51 research outputs found
A duality principle for selection games
A dinner table seats k guests and holds n discrete morsels of food. Guests
select morsels in turn until all are consumed. Each guest has a ranking of the
morsels according to how much he would enjoy eating them; these rankings are
commonly known.
A gallant knight always prefers one food division over another if it provides
strictly more enjoyable collections of food to one or more other players
(without giving a less enjoyable collection to any other player) even if it
makes his own collection less enjoyable. A boorish lout always selects the
morsel that gives him the most enjoyment on the current turn, regardless of
future consumption by himself and others.
We show the way the food is divided when all guests are gallant knights is
the same as when all guests are boorish louts but turn order is reversed. This
implies and generalizes a classical result of Kohler and Chandrasekaran (1971)
about two players strategically maximizing their own enjoyments. We also treat
the case that the table contains a mixture of boorish louts and gallant
knights.
Our main result can also be formulated in terms of games in which selections
are made by groups. In this formulation, the surprising fact is that a group
can always find a selection that is simultaneously optimal for each member of
the group.
Comment: 8 pages, 2 figures
Attacks on the Search-RLWE problem with small errors
The Ring Learning-With-Errors (RLWE) problem shows great promise for
post-quantum cryptography and homomorphic encryption. We describe a new attack
on the non-dual search RLWE problem with small error widths, using ring
homomorphisms to finite fields and the chi-squared statistical test. In
particular, we identify a "subfield vulnerability" (Section 5.2) and give a new
attack which finds this vulnerability by mapping to a finite field extension
and detecting non-uniformity with respect to the number of elements in the
subfield. We use this attack to give examples of vulnerable RLWE instances in
Galois number fields. We also extend the well-known search-to-decision
reduction result to Galois fields with any unramified prime modulus q,
regardless of the residue degree f of q, and we use this in our attacks. The
time complexity of our attack is O(nq^{2f}), where n is the degree of K and f is
the residue degree of q in K. We also show an attack on the non-dual (resp.
dual) RLWE problem with narrow error distributions in prime cyclotomic rings
when the modulus is a ramified prime (resp. any integer). We demonstrate the
attacks in practice by finding many vulnerable instances and successfully
attacking them. We include the code for all attacks.
Algebraic aspects of solving Ring-LWE, including ring-based improvements in the Blum-Kalai-Wasserman algorithm
We provide a reduction of the Ring-LWE problem to Ring-LWE problems in
subrings, in the presence of samples of a restricted form (i.e. such
that is restricted to a multiplicative coset of the subring). To create and
exploit such restricted samples, we propose Ring-BKW, a version of the
Blum-Kalai-Wasserman algorithm which respects the ring structure. Off-the-shelf
BKW dimension reduction (including coded-BKW and sieving) can be used for the
reduction phase. Its primary advantage is that there is no need for
back-substitution, and the solving/hypothesis-testing phase can be
parallelized. We also present a method to exploit symmetry to reduce table
sizes, samples needed, and runtime during the reduction phase. The results
apply to two-power cyclotomic Ring-LWE with parameters proposed for practical
use (including all splitting types).
Comment: 25 pages; section on advanced keying significantly extended; other
minor revision