115 research outputs found
Subquadratic time encodable codes beating the Gilbert-Varshamov bound
We construct explicit algebraic geometry codes built from the
Garcia-Stichtenoth function field tower beating the Gilbert-Varshamov bound for
alphabet sizes at least 192. Messages are identied with functions in certain
Riemann-Roch spaces associated with divisors supported on multiple places.
Encoding amounts to evaluating these functions at degree one places. By
exploiting algebraic structures particular to the Garcia-Stichtenoth tower, we
devise an intricate deterministic \omega/2 < 1.19 runtime exponent encoding and
1+\omega/2 < 2.19 expected runtime exponent randomized (unique and list)
decoding algorithms. Here \omega < 2.373 is the matrix multiplication exponent.
If \omega = 2, as widely believed, the encoding and decoding runtimes are
respectively nearly linear and nearly quadratic. Prior to this work, encoding
(resp. decoding) time of code families beating the Gilbert-Varshamov bound were
quadratic (resp. cubic) or worse
Computing discrete logarithms in subfields of residue class rings
Recent breakthrough methods \cite{gggz,joux,bgjt} on computing discrete
logarithms in small characteristic finite fields share an interesting feature
in common with the earlier medium prime function field sieve method \cite{jl}.
To solve discrete logarithms in a finite extension of a finite field \F, a
polynomial h(x) \in \F[x] of a special form is constructed with an
irreducible factor g(x) \in \F[x] of the desired degree. The special form of
is then exploited in generating multiplicative relations that hold in
the residue class ring \F[x]/h(x)\F[x] hence also in the target residue class
field \F[x]/g(x)\F[x]. An interesting question in this context and addressed
in this paper is: when and how does a set of relations on the residue class
ring determine the discrete logarithms in the finite fields contained in it? We
give necessary and sufficient conditions for a set of relations on the residue
class ring to determine discrete logarithms in the finite fields contained in
it. We also present efficient algorithms to derive discrete logarithms from the
relations when the conditions are met. The derived necessary conditions allow
us to clearly identify structural obstructions intrinsic to the special
polynomial in each of the aforementioned methods, and propose
modifications to the selection of so as to avoid obstructions.Comment: arXiv admin note: substantial text overlap with arXiv:1312.167
Algebraic Problems Equivalent to Beating Exponent 3/2 for Polynomial Factorization over Finite Fields
The fastest known algorithm for factoring univariate polynomials over finite
fields is the Kedlaya-Umans (fast modular composition) implementation of the
Kaltofen-Shoup algorithm. It is randomized and takes time to factor polynomials of degree over the finite field
with elements. A significant open problem is if the
exponent can be improved. We study a collection of algebraic problems and
establish a web of reductions between them. A consequence is that an algorithm
for any one of these problems with exponent better than would yield an
algorithm for polynomial factorization with exponent better than
Candidate Tree Codes via Pascal Determinant Cubes
Tree codes are combinatorial structures introduced by Schulman [Schulman, 1993] as key ingredients in interactive coding schemes. Asymptotically-good tree codes are long known to exist, yet their explicit construction remains a notoriously hard open problem. Even proposing a plausible construction, without the burden of proof, is difficult and the defining tree code property requires structure that remains elusive. To the best of our knowledge, only one candidate appears in the literature, due to Moore and Schulman [Moore and Schulman, 2014].
We put forth a new candidate for an explicit asymptotically-good tree code. Our construction is an extension of the vanishing rate tree code by Cohen-Haeupler-Schulman [Cohen et al., 2018], and its correctness relies on a conjecture that we introduce on certain Pascal determinants indexed by the points of the Boolean hypercube. Furthermore, using the vanishing distance tree code by Gelles et al. [Gelles et al., 2016] enables us to present a construction that relies on an even weaker assumption. We furnish evidence supporting our conjecture through numerical computation, combinatorial arguments from planar path graphs and based on well-studied heuristics from arithmetic geometry
Drinfeld modules may not be for isogeny based cryptography
Elliptic curves play a prominent role in cryptography. For instance, the hardness of the elliptic curve discrete logarithm problem is a foundational assumption in public key cryptography. Drinfeld modules are positive characteristic function field analogues of elliptic curves. It is natural to ponder the existence/security of Drinfeld module analogues of elliptic curve cryptosystems. But the Drinfeld module discrete logarithm problem is easy even on a classical computer. Beyond discrete logarithms, elliptic curve isogeny based cryptosystems have have emerged as candidates for post-quantum cryptography, including supersingular isogeny Diffie-Hellman (SIDH) and commutative supersingular isogeny Diffie-Hellman (CSIDH) protocols. We formulate Drinfeld module analogues of these elliptic curve isogeny based cryptosystems and devise classical polynomial time algorithms to break these Drinfeld analogues catastrophically
- …