Even Delta-Matroids and the Complexity of Planar Boolean CSPs

The main result of this paper is a generalization of the classical blossom algorithm for finding perfect matchings. Our algorithm can efficiently solve Boolean CSPs where each variable appears in exactly two constraints (we call it edge CSP) and all constraints are even $\Delta$-matroid relations (represented by lists of tuples). As a consequence of this, we settle the complexity classification of planar Boolean CSPs started by Dvorak and Kupec. Using a reduction to even $\Delta$-matroids, we then extend the tractability result to larger classes of $\Delta$-matroids that we call efficiently coverable. It properly includes classes that were known to be tractable before, namely co-independent, compact, local, linear and binary, with the following caveat: we represent $\Delta$-matroids by lists of tuples, while the last two use a representation by matrices. Since an $n\times n$ matrix can represent exponentially many tuples, our tractability result is not strictly stronger than the known algorithm for linear and binary $\Delta$-matroids.Comment: 33 pages, 9 figure

On the Memory-Hardness of Data-Independent Password-Hashing Functions

We show attacks on five data-independent memory-hard functions (iMHF) that were submitted to the password hashing competition. Informally, an MHF is a function which cannot be evaluated on dedicated hardware, like ASICs, at significantly lower energy and/or hardware cost than evaluating a single instance on a standard single-core architecture. Data-independent means the memory access pattern of the function is independent of the input; this makes iMHFs harder to construct than data-dependent ones, but the latter can be attacked by various side-channel attacks. Following [Alwen-Blocki\u2716], we capture the evaluation of an iMHF as a directed acyclic graph (DAG). The cumulative parallel pebbling complexity of this DAG is a good measure for the cost of evaluating the iMHF on an ASIC. If n denotes the number of nodes of a DAG (or equivalently, the number of operations --- typically hash function calls --- of the underlying iMHF), its pebbling complexity must be close to n^2 for the iMHF to be memory-hard. We show that the following iMHFs are far from this bound: Rig.v2, TwoCats and Gambit can be attacked with complexity O(n^{1.75}); the data-independent phase of Pomelo (a finalist of the password hashing competition) and Lyra2 (also a finalist) can be attacked with complexity O(n^{1.83}) and O(n^{1.67}), respectively. For our attacks we use and extend the technique developed by [Alwen-Blocki\u2716], who show that the pebbling complexity of a DAG can be upper bounded in terms of its depth-robustness

Quantitative weak compactness

In this thesis we study quantitative weak compactness in spaces (C(K), τp) and later in Banach spaces. In the first chapter we introduce several quantities, which in different manners measure τp-noncompactness of a given uniformly bounded set H ⊂ RK . We apply the results in Banach spaces in chapter 2, where we prove (among others) a quantitative version of the Eberlein-Smulyan theorem. In the third chapter we focus on convex closures and how they affect measures of noncompactness. We prove a quantitative version of the Krein-Smulyan theorem. The first three chapters show that measuring noncompactness is intimately related to measuring distances from function spaces. We follow this idea in chapters 4 and 5, where we measure distances from Baire one functions first in RK and later also in Banach spaces.