Results 11 - 20 of 31
Randomized NP-Completeness for p-adic Rational Roots of Sparse Polynomials in One Variable
Cited by 1 (0 self)
Relative to the sparse encoding, we show that deciding whether a univariate polynomial has a p-adic rational root can be done in NP for most inputs. We also prove a sharper complexity upper bound of P for polynomials with suitably generic p-adic Newton polygon. We thus improve the best previous complexity upper bound of EXPTIME. We also prove an unconditional complexity lower bound of NP-hardness with respect to randomized reductions, for general univariate polynomials. The best previous lower bound assumed an unproved hypothesis on the distribution of primes in arithmetic progression. We also discuss how our results complement analogous results over the real numbers.
Asymptotically optimal hitting sets against polynomials
in: Proc. 35th ICALP, 2008
Cited by 1 (1 self)
Our main result is an efficient construction of a hitting set generator against the class of polynomials of degree $d_i$ in the $i$-th variable. The seed length of this generator is $\log D + \tilde{O}(\log^{1/2} D)$. Here, $\log D = \sum_i \log(d_i + 1)$ is a lower bound on the seed length of any hitting set generator against this class. Our construction is the first to achieve asymptotically optimal seed length for every choice of the parameters $d_i$. In fact, we present a nearly linear time construction with this asymptotic guarantee. Furthermore, our results extend to classes of polynomials parameterized by upper bounds on the number of nonzero terms in each variable. Underlying our constructions is a general and novel framework that exploits the product structure common to the classes of polynomials we consider. This framework allows us to obtain efficient and asymptotically optimal hitting set generators from primitives that need not be optimal or efficient by themselves. As our main corollary, we obtain the first black-box polynomial identity tests with an asymptotically optimal randomness consumption.
Algorithmic analysis of Parity games
2006
Cited by 1 (0 self)
Parity games are discrete infinite games of two players with complete information. There are two main motivations to study parity games. Firstly the problem of deciding a winner in a parity game is polynomially equivalent to the modal µ-calculus model checking, and therefore is very important in the field of computer aided verification. Secondly it is the intriguing status of parity games from the point of view of complexity theory. Solving parity games is one of the few natural problems in the class NP∩coNP (even in UP∩coUP), and there is no known polynomial time algorithm, despite the substantial amount of effort to find one. In this thesis we add to the body of work on parity games. We start by presenting parity games and explaining the concepts behind them, giving a survey of known algorithms, and show their relationship to other problems. In the second part of the thesis we want to answer the following question: Are there classes of graphs on which we can solve parity games in polyno
Primeless Factoring-Based Cryptography – Solving the complexity bottlenecks of public-key encryption with ephemeral keys –
Factoring-based public-key cryptosystems have an overall complexity which is dominated by the key-production algorithm, which requires the generation of prime numbers. This is most inconvenient in settings where the key-generation is not a one-off process, e.g., secure delegation of computation or EKE password-based key exchange protocols. To this end, we extend the Goldwasser-Micali (GM) cryptosystem to a provably secure system, denoted SIS, where the generation of primes is bypassed. By developing on the correct choice of the parameters of SIS, we align SIS’s security guarantees (i.e., resistance to factoring of moduli, etc.) to those of other well-known factoring-based cryptosystems. Taking into consideration different possibilities to implement the fundamental operations, we explicitly compare and contrast the asymptotic complexity of well-known public-key cryptosystems (e.g., GM and/or RSA) with that of SIS’s. The latter shows that once we are ready to accept an increase in the size of the moduli, SIS offers a generally lower asymptotic complexity than, e.g., GM or even RSA (when scaling correctly the number of encrypted bits). This would yield most significant speed-ups to applications like the aforementioned secure delegation of computation or protocols where a fresh key needs to be generated with every new session, e.g., EKE password-based key exchange protocols.
BOOK REVIEW: INEVITABLE RANDOMNESS IN DISCRETE MATHEMATICS
The beauty and utility of randomness is more than matched by its mysteries. How can we tell if a putative source of randomness (such as the frequency of the emission of electrons from a decaying radioactive material) is truly random? Indeed, how does one define randomness?
Cryptographic Accelerators on the UltraSPARC T2 with the Solaris Cryptographic Framework
As both the requirement and demand for secure systems increase, so too will the ubiquitousness of cryptography. The most secure cryptographic schemes often involve complicated algorithms and are by no means cheap to implement on standard hardware, and it is this that has led to the development of cryptographic hardware accelerators. Optimizing software to take advantage of these hardware devices is a problem akin to that of effective parallelization and this project aims to determine how these accelerators perform and under what conditions their use is cost-effective. Through the development of code designed to exercise the particular accelerators existing on the Solaris UltraSPARC T2 via the Solaris Cryptographic Framework (SCF) the system’s performance under a variety of different conditions was assessed. A suggestion for the possible design of a benchmark exclusively for hardware accelerated cryptography is also given. The results indicate that substantial performance gains can be had with
Galaxy Cutsets in Graphs
Given a network G = (V, E), we say that a subset of vertices S ⊆ V has radius r if it is spanned by a tree of depth r. We are interested in determining whether G has a cutset that can be written as the union of k sets of radius r. This generalizes the notion of k-vertex connectivity, since in the special case r = 0, a set spanned by a tree of depth r is a single vertex. Our motivation for considering this problem is that it constitutes a simple model for virus-like malicious attacks on G: An attack occurs at a subset of k vertices and begins to spread through the network. Any vertex within distance r of one of the initially attacked vertices can be infected. Thus an attack corresponds to a subset of vertices that is spanned by k trees of depth at most r. The question we focus on is whether a given network has a cutset of this particular form. The main results of this paper are the following. If r = 1, an attack corresponds to a subset of vertices which is the union of at most k stars. We call such a set a galaxy of order k. We show that it is NP-hard to determine whether a given network contains a cutset which is a galaxy of order k, if k is part of the input. This is in stark contrast to the case r = 0, since testing whether a graph is k-vertex connected can be done in polynomial time, using standard max-flow min-cut type results. In contrast, testing whether a graph can be disconnected by a single attack (i.e. k = 1) can be done efficiently. Such an attack corresponds to a set of vertices spanned by a tree of depth r. We present an O(rnm) algorithm that determines if a given network contains such a set as a cutset.
Algorithmic Arithmetic Fewnomial Theory I: One Variable (Extended Abstract)
2007
We show that deciding whether a sparse polynomial in one variable has a root in F_p (for p prime) is NP-hard with respect to BPP reductions. As a consequence, we answer open questions on the factorization of sparse polynomials posed by Karpinski and Shparlinski, and Cox. We also derive analogous results for detecting p-adic rational roots, thus paralleling a recent complexity phase transition over the real numbers. A related new result is that detecting p-adic rational roots for a sparse polynomial in one variable is in NP for most inputs. Along the way, we also develop an efficient method for generating random primes in certain arithmetic progressions. In the sequel to this paper, we extend our complexity results to systems of multivariate polynomials.