Results 11  20
of
42
Communication complexity of simultaneous messages
 SIAM Journal on Computing
"... In the multiparty communication game (CFLgame) of Chandra, Furst, and Lipton (Proc. 15th ACM STOC, 1983, 94–99) k players collaboratively evaluate a function f(x0,..., xk−1) in which player i knows all inputs except xi. The players have unlimited computational power. The objective is to minimize co ..."
Abstract

Cited by 15 (0 self)
 Add to MetaCart
In the multiparty communication game (CFLgame) of Chandra, Furst, and Lipton (Proc. 15th ACM STOC, 1983, 94–99) k players collaboratively evaluate a function f(x0,..., xk−1) in which player i knows all inputs except xi. The players have unlimited computational power. The objective is to minimize communication. In this paper, we study the Simultaneous Messages (SM) model of multiparty communication complexity. The SM model is a restricted version of the CFLgame in which the players are not allowed to communicate with each other. Instead, each of the k players simultaneously sends a message to a referee, who sees none of the inputs. The referee then announces the function value. We prove lower and upper bounds on the SMcomplexity of several classes of explicit functions. Our lower bounds extend to randomized SM complexity via an entropy argument. A lemma establishing a tradeoff between average Hamming distance and range size for transformations of the Boolean cube might be of independent interest. Our lower bounds on SMcomplexity imply an exponential gap between the SMmodel and
Bounds on the OBDDSize of Integer Multiplication via Universal Hashing
, 2005
"... Bryant [5] has shown that any OBDD for the function MULn−1,n, i.e. the middle bit of the nbit multiplication, requires at least 2 n/8 nodes. In this paper a stronger lower bound of essentially 2 n/2 /61 is proven by a new technique, using a universal family of hash functions. As a consequence, one ..."
Abstract

Cited by 13 (1 self)
 Add to MetaCart
Bryant [5] has shown that any OBDD for the function MULn−1,n, i.e. the middle bit of the nbit multiplication, requires at least 2 n/8 nodes. In this paper a stronger lower bound of essentially 2 n/2 /61 is proven by a new technique, using a universal family of hash functions. As a consequence, one cannot hope anymore to verify e.g. 128bit multiplication circuits using OBDDtechniques because the representation of the middle bit of such a multiplier requires more than 3 · 10 17 OBDDnodes. Further, a first nontrivial upper bound of 7/3 · 2 4n/3 for the OBDDsize of MULn−1,n is provided.
Authentication protocols based on lowbandwidth unspoofable channels: a comparative survey
, 2009
"... unspoofable channels: a comparative survey ..."
On Separating the ReadkTimes Branching Program Hierarchy
 In Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing
, 1998
"... We obtain an exponential separation between consecutive levels in the hierarchy of classes of functions computable by polynomialsize syntactic readktimes branching programs, for all k ? 0, as conjectured by various authors [Weg87, SS93, Pon95]. For every k, we exhibit two explicit functions that ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
We obtain an exponential separation between consecutive levels in the hierarchy of classes of functions computable by polynomialsize syntactic readktimes branching programs, for all k ? 0, as conjectured by various authors [Weg87, SS93, Pon95]. For every k, we exhibit two explicit functions that can be computed by linearsized read(k+1)times branching programs but require size exp n\Omega i n 1=k+1 2 \Gamma2k k \Gamma4 jo to be computed by any readktimes branching program. The result actually gives the strongest possible separation  the exponential lower bound applies to both nondeterministic readktimes branching programs and randomized readktimes branching programs with 2sided error ", for some " ? 0. The only previously known results are the separation between k = 1 and k = 2 [BRS93] and a separation of nondeterministic readk from deterministic read(k ln k= ln 2 +C), where C is some appropriate constant, for each k [Oko97]. A simple corollary of our result...
Cryptography with Constant Computational Overhead
 STOC 2008
, 2008
"... Current constructions of cryptographic primitives typically involve a large multiplicative computational overhead that grows with the desired level of security. We explore the possibility of implementing basic cryptographic primitives, such as encryption, authentication, signatures, and secure twop ..."
Abstract

Cited by 10 (4 self)
 Add to MetaCart
Current constructions of cryptographic primitives typically involve a large multiplicative computational overhead that grows with the desired level of security. We explore the possibility of implementing basic cryptographic primitives, such as encryption, authentication, signatures, and secure twoparty computation, while incurring only a constant computational overhead compared to insecure implementations of the same tasks. Here we make the usual security requirement that the advantage of any polynomialtime attacker must be negligible in the input length. We obtain affirmative answers to this question for most central cryptographic primitives under plausible, albeit sometimes nonstandard, intractability assumptions. • We start by showing that pairwiseindependent hash functions can be computed by linearsize circuits, disproving a conjecture of Mansour, Nisan, and Tiwari (STOC 1990). This construction does not rely on any unproven assumptions and is of independent interest. Our hash functions can be used to construct message authentication schemes with constant overhead from any oneway function. • Under an intractability assumption that generalizes a previous assumption of Alekhnovich (FOCS 2003), we get (public and private key) encryption schemes with constant overhead. Using an exponentially
Linear Hash Functions
, 1999
"... Consider the set # of all linear (or affine) transformations between two vector spaces over a finite field F. We study how good # is as a class of hash functions, namely we consider hashing a set S of size n into a range having the same cardinality n by a randomly chosen function from # and look at ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
Consider the set # of all linear (or affine) transformations between two vector spaces over a finite field F. We study how good # is as a class of hash functions, namely we consider hashing a set S of size n into a range having the same cardinality n by a randomly chosen function from # and look at the expected size of the largest hash bucket. # is a universal class of hash functions for any finite field, but with respect to our measure different fields behave differently. If the
Communicationspace tradeoffs for unrestricted protocols
 SIAM Journal on Computing
, 1994
"... This paper introduces communicating branching programs, and develops a general technique for demonstrating communicationspace tradeoffs for pairs of communicating branching programs. This technique is then used to prove communicationspace tradeoffs for any pair of communicating branching programs ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
This paper introduces communicating branching programs, and develops a general technique for demonstrating communicationspace tradeoffs for pairs of communicating branching programs. This technique is then used to prove communicationspace tradeoffs for any pair of communicating branching programs that hashes according to a universal family of hash functions. Other tradeoffs follow from this result. As an example, any pair of communicating Boolean branching programs that computes matrixvector products over GF(2) requires communicationspace product Ω(n 2), provided the space used is o(n / log n). These are the first examples of communicationspace tradeoffs on a completely general model of communicating processes.
Hb#: Increasing the security and efficiency of hb
 of LNCS
"... Abstract. The innovative HB + protocol of Juels and Weis [10] extends device authentication to lowcost RFID tags. However, despite the very simple ontag computation there remain some practical problems with HB + and despite an elegant proof of security against some limited active attacks, there is ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
Abstract. The innovative HB + protocol of Juels and Weis [10] extends device authentication to lowcost RFID tags. However, despite the very simple ontag computation there remain some practical problems with HB + and despite an elegant proof of security against some limited active attacks, there is a simple maninthemiddle attack due to Gilbert et al. [8]. In this paper we consider improvements to HB + in terms of both security and practicality. We introduce a new protocol that we denote randomHB #. This proposal avoids many practical drawbacks of HB +, remains provably resistant to attacks in the model of Juels and Weis, and at the same time is provably resistant to a broader class of active attacks that includes the attack of [8]. We then describe an enhanced variant called HB # which offers practical advantages over HB +. Key words: HB +, RFID tags, authentication, LPN, Toeplitz matrix. 1
Streaming Computation of Combinatorial Objects
 In Proceedings of the Seventeenth Annual IEEE Conference on Computational Complexity
, 2002
"... We prove (mostly tight) space lower bounds for "streaming " (or "online") computations of four fundamental combinatorial objects: errorcorrecting codes, universal hash functions, extractors, and dispersers. Streaming computations for these objects are motivated algorithmically by massive data set ..."
Abstract

Cited by 7 (2 self)
 Add to MetaCart
We prove (mostly tight) space lower bounds for "streaming " (or "online") computations of four fundamental combinatorial objects: errorcorrecting codes, universal hash functions, extractors, and dispersers. Streaming computations for these objects are motivated algorithmically by massive data set applications and complexitytheoretically by pseudorandomness and derandomization for spacebounded probabilistic algorithms.
Quantum and Classical CommunicationSpace Tradeoffs from Rectangle Bounds
"... We derive bounds on the product of the communication C and space S for communicating circuits. The first bound applies to quantum circuits and follows from a "bipartite product" result for the discrepancy of communication problems. If for any problem f : XY the multicolor discrepancy of the co ..."
Abstract

Cited by 6 (2 self)
 Add to MetaCart
We derive bounds on the product of the communication C and space S for communicating circuits. The first bound applies to quantum circuits and follows from a "bipartite product" result for the discrepancy of communication problems. If for any problem f : XY the multicolor discrepancy of the communication matrix of f is 1/2 then the problem in which Alice receives some l inputs, Bob r inputs, and their task is to compute f(x i , y j ) for the l r pairs of inputs (x i , y j ), has a quantum communicationspace tradeo# CS (lrd log Z).