Majorana representations of the symmetric group of degree 4

AbstractThe Monster group M acts on a real vector space VM of dimension 196,884 which is the sum of a trivial 1-dimensional module and a minimal faithful M-module. There is an M-invariant scalar product (,) on VM, an M-invariant bilinear commutative non-associative algebra product ⋅ on VM (commonly known as the Conway–Griess–Norton algebra), and a subset A of VM∖{0} indexed by the 2A-involutions in M. Certain properties of the quintetM=(M,VM,A,(,),⋅) have been axiomatized in Chapter 8 of Ivanov (2009) [Iv09] under the name of Majorana representation of M. The axiomatization enables one to study Majorana representations of an arbitrary group G (generated by its involutions). A representation might or might not exist, but it always exists whenever G is a subgroup in M generated by the 2A-involutions contained in G. We say that thus obtained representation is based on an embedding of G in the Monster. The essential motivation for introducing the Majorana terminology was the most remarkable result by S. Sakuma (2007) [Sak07] which gave a classification of the Majorana representations of the dihedral groups. There are nine such representations and every single one is based on an embedding in the Monster of the relevant dihedral group. It is a fundamental property of the Monster that its 2A-involutions form a class of 6-transpositions and that there are precisely nine M-orbits on the pairs of 2A-involutions (and also on the set of 2A-generated dihedral subgroups in M). In the present paper we are making a further step in building up the Majorana theory by classifying the Majorana representations of the symmetric group S4 of degree 4. We prove that S4 possesses precisely four Majorana representations. The Monster is known to contain four classes of 2A-generated S4-subgroups, so each of the four representations is based on an embedding of S4 in the Monster. The classification of 2A-generated S4-subgroups in the Monster relies on calculations with the character table of the Monster. Our elementary treatment shows that there are (at most) four isomorphism types of subalgebras in the Conway–Griess-Norton algebra of the Monster generated by six Majorana axial vectors canonically indexed by the transpositions of S4. Two of these subalgebras are 13-dimensional, the other two have dimensions 9 and 6. These dimensions, not to mention the isomorphism type of the subalgebras, were not known before

On the Security of the Algebraic Eraser Tag Authentication Protocol

The Algebraic Eraser has been gaining prominence as SecureRF, the company commercializing the algorithm, increases its marketing reach. The scheme is claimed to be well-suited to IoT applications but a lack of detail in available documentation has hampered peer-review. Recently more details of the system have emerged after a tag authentication protocol built using the Algebraic Eraser was proposed for standardization in ISO/IEC SC31 and SecureRF provided an open public description of the protocol. In this paper we describe a range of attacks on this protocol that include very efficient and practical tag impersonation as well as partial, and total, tag secret key recovery. Most of these results have been practically verified, they contrast with the 80-bit security that is claimed for the protocol, and they emphasize the importance of independent public review for any cryptographic proposal.Comment: 21 pages. Minor changes. Final version accepted for ACNS 201

Fast Monte Carlo Algorithms for Permutation Groups

AbstractWe introduce new, elementary Monte Carlo methods to speed up and greatly simplify the manipulation of permutation groups (given by a list of generators). The methods are of a combinatorial character, using only elementary group theory. The key idea is that under certain conditions, "random subproducts" of the generators successfully emulate truly random elements of a group. We achieve a nearly optimal O(n3 logcn) asymptotic running time for membership testing, where n is the size of the permutation domain. This is an improvement of two orders of magnitude compared to known elementary algorithms and one order of magnitude compared to algorithms which depend on heavy use of group theory. An even greater asymptotic speedup is achieved for normal closures, a key ingredient in group-theoretic computation, now constructible in Monte Carlo time O(n2 logcn), i.e., essentially linear time (as a function of the input length). Some of the new techniques are sufficiently general to allow polynomial-time implementations in the very general model of "black box groups" (group operations are performed by an oracle). In particular, the normal closure algorithm has a number of applications to matrix-group computation. It should be stressed that our randomized algorithms are not heuristic: the probability of error is guaranteed not to exceed a bound ϵ > 0, prescribed by the user. The cost of this requirement is a factor of |log ϵ| in the running time

An adaptive prefix-assignment technique for symmetry reduction

This paper presents a technique for symmetry reduction that adaptively assigns a prefix of variables in a system of constraints so that the generated prefix-assignments are pairwise nonisomorphic under the action of the symmetry group of the system. The technique is based on McKay's canonical extension framework [J.~Algorithms 26 (1998), no.~2, 306--324]. Among key features of the technique are (i) adaptability---the prefix sequence can be user-prescribed and truncated for compatibility with the group of symmetries; (ii) parallelizability---prefix-assignments can be processed in parallel independently of each other; (iii) versatility---the method is applicable whenever the group of symmetries can be concisely represented as the automorphism group of a vertex-colored graph; and (iv) implementability---the method can be implemented relying on a canonical labeling map for vertex-colored graphs as the only nontrivial subroutine. To demonstrate the practical applicability of our technique, we have prepared an experimental open-source implementation of the technique and carry out a set of experiments that demonstrate ability to reduce symmetry on hard instances. Furthermore, we demonstrate that the implementation effectively parallelizes to compute clusters with multiple nodes via a message-passing interface.Comment: Updated manuscript submitted for revie

Bounds on the diameter of Cayley graphs of the symmetric group

In this paper we are concerned with the conjecture that, for any set of generators S of the symmetric group of degree n, the word length in terms of S of every permutation is bounded above by a polynomial of n. We prove this conjecture for sets of generators containing a permutation fixing at least 37% of the points.Comment: 17 pages, 6 table