Tameness of holomorphic closure dimension in a semialgebraic set

Given a semianalytic set S in a complex space and a point p in S, there is a unique smallest complex-analytic germ at p which contains the germ of S, called the holomorphic closure of S at p. We show that if S is semialgebraic then its holomorphic closure is a Nash germ, for every p, and S admits a semialgebraic filtration by the holomorphic closure dimension. As a consequence, every semialgebraic subset of a complex vector space admits a semialgebraic stratification into CR manifolds satisfying a strong version of the condition of the frontier.Comment: Published versio

Efficient UC Commitment Extension with Homomorphism for Free (and Applications)

Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. While the previously best constructions use UC oblivious transfer as the main building block, our constructions only require extractable commitments and PRGs, achieving better concrete efficiency and offering new insights into the sufficient conditions for obtaining homomorphic UC commitments. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge

Analytic curves in algebraic varieties over number fields

We establish algebraicity criteria for formal germs of curves in algebraic varieties over number fields and apply them to derive a rationality criterion for formal germs of functions, which extends the classical rationality theorems of Borel-Dwork and P\'olya-Bertrandias valid over the projective line to arbitrary algebraic curves over a number field. The formulation and the proof of these criteria involve some basic notions in Arakelov geometry, combined with complex and rigid analytic geometry (notably, potential theory over complex and $p$-adic curves). We also discuss geometric analogues, pertaining to the algebraic geometry of projective surfaces, of these arithmetic criteria.Comment: 55 pages. To appear in "Algebra, Arithmetic, and Geometry: In Honor of Y.i. Manin", Y. Tschinkel & Yu. Manin editors, Birkh\"auser, 200

On the complexity of arithmetic secret sharing

Since the mid 2000s, asymptotically-good strongly-multiplicative linear (ramp) secret sharing schemes over a fixed finite field have turned out as a central theoretical primitive in numerous constant-communication-rate results in multi-party cryptographic scenarios, and, surprisingly, in two-party cryptography as well. Known constructions of this most powerful class of arithmetic secret sharing schemes all rely heavily on algebraic geometry (AG), i.e., on dedicated AG codes based on asymptotically good towers of algebraic function fields defined over finite fields. It is a well-known open question since the first (explicit) constructions of such schemes appeared in CRYPTO 2006 whether the use of “heavy machinery” can be avoided here. i.e., the question is whether the mere existence of such schemes can also be proved by “elementary” techniques only (say, from classical algebraic coding theory), even disregarding effective construction. So far, there is no progress. In this paper we show the theoretical result that, (1) no matter whether this open question has an affirmative answer or not, these schemes can be constructed explicitly by elementary algorithms defined in terms of basic algebraic coding theory. This pertains to all relevant operations associated to such schemes, including, notably, the generation of an instance for a given number of players n, as well as error correction in the presence of corrupt shares. We further show that (2) the algorithms are quasi-linear time (in n); this is (asymptotically) significantly more efficient than the known constructions. That said, the analysis of the mere termination of these algorithms does still rely on algebraic geometry, in the sense that it requires “blackbox application” of suitable existence results for these schemes. Our method employs a nontrivial, novel adaptation of a classical (and ubiquitous) paradigm from coding theory that enables transformation of existence results on asymptotically good codes into explicit construction of such codes via concatenation, at some constant loss in parameters achieved. In a nutshell, our generating idea is to combine a cascade of explicit but “asymptotically-bad-yet-good-enough schemes” with an asymptotically good one in such a judicious way that the latter can be selected with exponentially small number of players in that of the compound scheme. This opens the door t

Secure Computation with Constant Communication Overhead using Multiplication Embeddings

Secure multi-party computation (MPC) allows mutually distrusting parties to compute securely over their private data. The hardness of MPC, essentially, lies in performing secure multiplications over suitable algebras. Parties use diverse cryptographic resources, like computational hardness assumptions or physical resources, to securely compute these multiplications. There are several cryptographic resources that help securely compute one multiplication over a large finite field, say $\mathbb{G}\mathbb{F}[2^n]$, with linear communication complexity. For example, the computational hardness assumption like noisy Reed-Solomon codewords are pseudorandom. However, it is not known if we can securely compute, say, a linear number of AND-gates from such resources, i.e., a linear number of multiplications over the base field $\mathbb{G}\mathbb{F}[2]$. Before our work, we could only perform $o(n)$ secure AND-evaluations. This example highlights the general inefficiency of multiplying over the base field using one multiplication over the extension field. Our objective is to remove this hurdle and enable secure computation of boolean circuits while incurring a constant communication overhead based on more diverse cryptographic resources. Technically, we construct a perfectly secure protocol that realizes a linear number of multiplication gates over the base field using one multiplication gate over a degree-$n$ extension field. This construction relies on the toolkit provided by algebraic function fields. Using this construction, we obtain the following results. If we can perform one multiplication over $\mathbb{G}\mathbb{F}[2^n]$ with linear communication using a particular cryptographic resource, then we can also evaluate linear-size boolean circuits with linear communication using the same cryptographic resource. In particular, we provide the first construction that computes a linear number of oblivious transfers with linear communication complexity from the computational hardness assumptions like noisy Reed-Solomon codewords are pseudorandom, or arithmetic-analogues of LPN-style assumptions. Next, we highlight the potential of our result for other applications to MPC by constructing the first correlation extractor that has $1/2$ resilience and produces a linear number of oblivious transfers