Results 21  30
of
701
Dynamic Perfect Hashing: Upper and Lower Bounds
, 1990
"... The dynamic dictionary problem is considered: provide an algorithm for storing a dynamic set, allowing the operations insert, delete, and lookup. A dynamic perfect hashing strategy is given: a randomized algorithm for the dynamic dictionary problem that takes O(1) worstcase time for lookups and ..."
Abstract

Cited by 128 (13 self)
 Add to MetaCart
The dynamic dictionary problem is considered: provide an algorithm for storing a dynamic set, allowing the operations insert, delete, and lookup. A dynamic perfect hashing strategy is given: a randomized algorithm for the dynamic dictionary problem that takes O(1) worstcase time for lookups and O(1) amortized expected time for insertions and deletions; it uses space proportional to the size of the set stored. Furthermore, lower bounds for the time complexity of a class of deterministic algorithms for the dictionary problem are proved. This class encompasses realistic hashingbased schemes that use linear space. Such algorithms have amortized worstcase time complexity \Omega(log n) for a sequence of n insertions and
Efficient generation of shared RSA keys
 Advances in Cryptology  CRYPTO 97
, 1997
"... We describe efficient techniques for a number of parties to jointly generate an RSA key. At the end of the protocol an RSA modulus N = pq is publicly known. None of the parties know the factorization of N. In addition a public encryption exponent is publicly known and each party holds a share of the ..."
Abstract

Cited by 127 (5 self)
 Add to MetaCart
We describe efficient techniques for a number of parties to jointly generate an RSA key. At the end of the protocol an RSA modulus N = pq is publicly known. None of the parties know the factorization of N. In addition a public encryption exponent is publicly known and each party holds a share of the private exponent that enables threshold decryption. Our protocols are efficient in computation and communication. All results are presented in the honest but curious settings (passive adversary).
Cuckoo hashing
 JOURNAL OF ALGORITHMS
, 2001
"... We present a simple dictionary with worst case constant lookup time, equaling the theoretical performance of the classic dynamic perfect hashing scheme of Dietzfelbinger et al. (Dynamic perfect hashing: Upper and lower bounds. SIAM J. Comput., 23(4):738–761, 1994). The space usage is similar to that ..."
Abstract

Cited by 126 (6 self)
 Add to MetaCart
We present a simple dictionary with worst case constant lookup time, equaling the theoretical performance of the classic dynamic perfect hashing scheme of Dietzfelbinger et al. (Dynamic perfect hashing: Upper and lower bounds. SIAM J. Comput., 23(4):738–761, 1994). The space usage is similar to that of binary search trees, i.e., three words per key on average. Besides being conceptually much simpler than previous dynamic dictionaries with worst case constant lookup time, our data structure is interesting in that it does not use perfect hashing, but rather a variant of open addressing where keys can be moved back in their probe sequences. An implementation inspired by our algorithm, but using weaker hash functions, is found to be quite practical. It is competitive with the best known dictionaries having an average case (but no nontrivial worst case) guarantee.
Reductions in Streaming Algorithms, with an Application to Counting Triangles in Graphs
"... We introduce reductions in the streaming model as a tool in the design of streaming algorithms. We develop the concept of listefficient streaming algorithms that are essential to the design of efficient streaming algorithms through reductions. Our results include a suite of listefficient streaming ..."
Abstract

Cited by 118 (5 self)
 Add to MetaCart
We introduce reductions in the streaming model as a tool in the design of streaming algorithms. We develop the concept of listefficient streaming algorithms that are essential to the design of efficient streaming algorithms through reductions. Our results include a suite of listefficient streaming algorithms for basic statistical primitives. Using the reduction paradigm along with these tools, we design streaming algorithms for approximately counting the number of triangles in a graph presented as a stream. A specific highlight of our work is the first algorithm for the number of distinct elements in a data stream that achieves arbitrary approximation factors. (Independently, Trevisan [Tre01] has solved this problem via a different approach; our algorithm has the advantage of being listefficient.)
Denial of Service via Algorithmic Complexity Attacks
, 2003
"... We present a new class of lowbandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures. Frequently used data structures have "averagecase" expected running time that's far more efficient than the worst case. For examp ..."
Abstract

Cited by 115 (2 self)
 Add to MetaCart
We present a new class of lowbandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures. Frequently used data structures have "averagecase" expected running time that's far more efficient than the worst case. For example, both binary trees and hash tables can degenerate to linked lists with carefully chosen input. We show how an attacker can effectively compute such input, and we demonstrate attacks against the hash table implementations in two versions of Perl, the Squid web proxy, and the Bro intrusion detection system. Using bandwidth less than a typical dialup modem, we can bring a dedicated Bro server to its knees; after six minutes of carefully chosen packets, our Bro server was dropping as much as 71% of its traffic and consuming all of its CPU. We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks.
Simulating BPP Using a General Weak Random Source
 ALGORITHMICA
, 1996
"... We show how to simulate BPP and approximation algorithms in polynomial time using the output from a ffisource. A ffisource is a weak random source that is asked only once for R bits, and must output an Rbit string according to some distribution that places probability no more than 2 \GammaffiR on ..."
Abstract

Cited by 111 (18 self)
 Add to MetaCart
We show how to simulate BPP and approximation algorithms in polynomial time using the output from a ffisource. A ffisource is a weak random source that is asked only once for R bits, and must output an Rbit string according to some distribution that places probability no more than 2 \GammaffiR on any particular string. We also give an application to the unapproximability of Max Clique.
Towards realizing random oracles: Hash functions that hide all partial information
, 1997
"... The random oracle model is a very convenient setting for designing cryptographic protocols. In this idealized model all parties have access to a common, public random function, called a random oracle. Protocols in this model are often very simple and efficient; also the analysis is often clearer. ..."
Abstract

Cited by 110 (11 self)
 Add to MetaCart
The random oracle model is a very convenient setting for designing cryptographic protocols. In this idealized model all parties have access to a common, public random function, called a random oracle. Protocols in this model are often very simple and efficient; also the analysis is often clearer. However, we do not have a general mechanism for transforming protocols that are secure in the random oracle model into protocols that are secure in real life. In fact, we do not even know how to meaningfully specify the properties required from such a mechanism. Instead, it is a common practice to simply replace  often without mathematical justification  the random oracle with a `cryptographic hash function' (e.g., MD5 or SHA). Consequently, the resulting protocols have no meaningful proofs of security. We propose a research program aimed at rectifying this situation by means of identifying, and subsequently realizing, the useful properties of random oracles. As a first step, we introduce a new primitive that realizes a specific aspect of random oracles. This primitive, called oracle hashing, is a hash function that, like random oracles, `hides all partial information on its input'. A salient property of oracle hashing is that it is probabilistic: different applications to the same input result in different hash values. Still, we maintain the ability to verify whether a given hash value was generated from a given input. We describe constructions of oracle hashing, as well as applications where oracle hashing successfully replaces random oracles.
On the Theory of Average Case Complexity
 Journal of Computer and System Sciences
, 1997
"... This paper takes the next step in developing the theory of average case complexity initiated by Leonid A Levin. Previous works [Levin 84, Gurevich 87, Venkatesan and Levin 88] have focused on the existence of complete problems. We widen the scope to other basic questions in computational complexity. ..."
Abstract

Cited by 108 (7 self)
 Add to MetaCart
This paper takes the next step in developing the theory of average case complexity initiated by Leonid A Levin. Previous works [Levin 84, Gurevich 87, Venkatesan and Levin 88] have focused on the existence of complete problems. We widen the scope to other basic questions in computational complexity. Our results include: ffl the equivalence of search and decision problems in the context of average case complexity; ffl an initial analysis of the structure of distributionalNP (i.e. NP problems coupled with "simple distributions") under reductions which preserve average polynomialtime; ffl a proof that if all of distributionalNP is in average polynomialtime then nondeterministic exponentialtime equals deterministic exponential time (i.e., a collapse in the worst case hierarchy); ffl definitions and basic theorems regarding other complexity classes such as average logspace. An exposition of the basic definitions suggested by Levin and suggestions for some alternative definitions ...
Faster algorithms for the shortest path problem
, 1990
"... Efficient implementations of Dijkstra's shortest path algorithm are investigated. A new data structure, called the radix heap, is proposed for use in this algorithm. On a network with n vertices, mn edges, and nonnegative integer arc costs bounded by C, a onelevel form of radix heap gives a t ..."
Abstract

Cited by 105 (10 self)
 Add to MetaCart
Efficient implementations of Dijkstra's shortest path algorithm are investigated. A new data structure, called the radix heap, is proposed for use in this algorithm. On a network with n vertices, mn edges, and nonnegative integer arc costs bounded by C, a onelevel form of radix heap gives a time bound for Dijkstra's algorithm of O(m + n log C). A twolevel form of radix heap gives a bound of O(m + n log C/log log C). A combination of a radix heap and a previously known data structure called a Fibonacci heap gives a bound of O(m + n /log C). The best previously known bounds are O(m + n log n) using Fibonacci heaps alone and O(m log log C) using the priority queue structure of Van Emde Boas et al. [17].
Chernoffhoeffding bounds for applications with limited independence
 ACMSIAM Symposium on Discrete Algorithms
, 1993
"... ..."