6 research outputs found

    The Complexity of Fixed-Height Patterned Tile Self-Assembly

    We characterize the complexity of the PATS problem for patterns of fixed height and color count in variants of the model where seed glues are either chosen or fixed and identical (so-called non-uniform and uniform variants). We prove that both variants are NP-complete for patterns of height 2 or more and admit O(n)-time algorithms for patterns of height 1. We also prove that if the height and number of colors in the pattern are fixed, the non-uniform variant admits an O(n)-time algorithm while the uniform variant remains NP-complete. The NP-completeness results use a new reduction from a constrained version of a problem on finite state transducers. Comment: An abstract version appears in the proceedings of CIAA 201

    Public Key Encryption Resilient to Post-Challenge Leakage and Tampering Attacks

    In this paper, we introduce a new framework for constructing public-key encryption (PKE) schemes resilient to joint post-challenge/after-the-fact leakage and tampering attacks in the bounded leakage and tampering (BLT) model, introduced by Damgård et al. (Asiacrypt 2013). All the prior formulations of PKE schemes considered leakage and tampering attacks only before the challenge ciphertext is made available to the adversary. However, this restriction seems necessary, since achieving security against post-challenge leakage and tampering attacks in its full generality is impossible, as shown in previous works. In this paper, we study the post-challenge/after-the-fact security of PKE schemes against bounded leakage and tampering under a restricted yet meaningful and reasonable notion of security, namely, the split-state leakage and tampering model. We show that it is possible to construct secure PKE schemes in this model, tolerating arbitrary (but bounded) leakage and tampering queries, thus overcoming the previous impossibility results. To this end, we formulate a new notion of security, which we call entropic post-challenge IND-CCA-BLT secure PKE. We first define a weaker notion called entropic restricted post-challenge IND-CCA-BLT secure PKE, which can be instantiated using the (standard) DDH assumption. We then show a generic compiler from our entropic restricted notion to the entropic notion of security using a simulation-extractable non-interactive zero-knowledge argument system. This requires an untamperable common reference string, as in previous works. Finally, we demonstrate the usefulness of our entropic notion of security by giving a simple and generic construction of a post-challenge IND-CCA-BLT secure PKE scheme in the split-state leakage and tampering model. This also settles the open problem posed by Faonio and Venturi (Asiacrypt 2016).

    A Formal Treatment of Backdoored Pseudorandom Generators

    We provide a formal treatment of backdoored pseudorandom generators (PRGs). Here a saboteur chooses a PRG instance for which she knows a trapdoor that allows prediction of future (and possibly past) generator outputs. This topic was formally studied by Vazirani and Vazirani, but only in a limited form and not in the context of subverting cryptographic protocols. The latter has become increasingly important due to revelations about NIST's backdoored Dual EC PRG and new results about its practical exploitability using a trapdoor. We show that backdoored PRGs are equivalent to public-key encryption schemes with pseudorandom ciphertexts. We use this equivalence to build backdoored PRGs that avoid a well-known drawback of the Dual EC PRG, namely biases in outputs that an attacker can exploit without the trapdoor. Our results also yield a number of new constructions and an explanatory framework for why there are no reported observations in the wild of backdoored PRGs using only symmetric primitives. We also investigate folklore suggestions for countermeasures to backdoored PRGs, which we call immunizers. We show that simply hashing PRG outputs is not an effective immunizer against an attacker that knows the hash function in use. Salting the hash, however, does yield a secure immunizer, a fact we prove using a surprisingly subtle proof in the random oracle model. We also give a proof in the standard model under the assumption that the hash function is a universal computational extractor (a recent notion introduced by Bellare, Tung, and Keelveedhi).

    The complexity of fixed-height patterned tile self-assembly

    We characterize the complexity of the PATS problem for patterns of fixed height and color count in variants of the model where seed glues are either chosen or fixed and identical (so-called non-uniform and uniform variants). We prove that both variants are NP-complete for patterns of height 2 or more and admit O(n)-time algorithms for patterns of height 1. We also prove that if the height and number of colors in the pattern are fixed, the non-uniform variant admits an O(n)-time algorithm while the uniform variant remains NP-complete. The NP-completeness results use a new reduction from a constrained version of a problem on finite state transducers.

    Bits and qubits

    Quantum computing is an interdisciplinary field of research, and it is natural that many people starting in this area should feel uncomfortable with the fundamentals of either computer science or physics. In this chapter, we briefly review the basic concepts necessary to follow the rest of the book.

    We are grateful to our colleagues and students from the Federal University of Rio de Janeiro (UFRJ, Brazil), the National Laboratory for Scientific Computing (LNCC, Brazil), and the University of Campinas (UNICAMP, Brazil) for several important discussions and interesting ideas. We acknowledge CAPES, CNPq, FAPERJ, and FAPESP (Brazilian funding agencies) for the financial support to our research projects. We also thank the Brazilian Society of Computational and Applied Mathematics (SBMAC) for the opportunity to give a course on this subject that resulted in the first version of this monograph in Portuguese (http://www.sbmac.org.br/arquivos/notas/livro_08.pdf), which in turn evolved from our earliest tutorials (in arXiv quant-ph/0301079 and quant-ph/0303175