Results 11  20
of
414
Efficient Decoding of ReedSolomon Codes Beyond Half the Minimum Distance
 IEEE Transactions on Information Theory
, 2000
"... A list decoding algorithm is presented for [n; k] ReedSolomon (RS) codes over GF (q), which is capable of correcting more than b(n\Gammak)=2c errors. Based on a previous work of Sudan, an extended key equation (EKE) is derived for RS codes, which reduces to the classical key equation when the numbe ..."
Abstract

Cited by 49 (0 self)
 Add to MetaCart
A list decoding algorithm is presented for [n; k] ReedSolomon (RS) codes over GF (q), which is capable of correcting more than b(n\Gammak)=2c errors. Based on a previous work of Sudan, an extended key equation (EKE) is derived for RS codes, which reduces to the classical key equation when the number of errors is limited to b(n\Gammak)=2c. Generalizing Massey's algorithm that finds the shortest recurrence that generates a given sequence, an algorithm is obtained for solving the EKE in time complexity O(` \Delta (n\Gammak) 2 ), where ` is a design parameter, typically a small constant, which is an upper bound on the size of the list of decoded codewords (the case ` = 1 corresponds to classical decoding of up to b(n\Gammak)=2c errors where the decoding ends with at most one codeword). This improves on the time complexity O(n 3 ) needed for solving the equations of Sudan's algorithm by a naive Gaussian elimination. The polynomials found by solving the EKE are then used for reconstruct...
Towards 3query locally decodable codes of subexponential length
 In Proc. of the 39th ACM Symposium on Theory of Computing (STOC
, 2007
"... A qquery Locally Decodable Code (LDC) encodes an nbit message x as an Nbit codeword C(x), such that one can probabilistically recover any bit xi of the message by querying only q bits of the codeword C(x), even after some constant fraction of codeword bits has been corrupted. We give new construc ..."
Abstract

Cited by 48 (5 self)
 Add to MetaCart
A qquery Locally Decodable Code (LDC) encodes an nbit message x as an Nbit codeword C(x), such that one can probabilistically recover any bit xi of the message by querying only q bits of the codeword C(x), even after some constant fraction of codeword bits has been corrupted. We give new constructions of three query LDCs of vastly shorter length than that of previous constructions. Specifically, given any Mersenne prime p = 2 t − 1, we design three query LDCs of length N = exp � n 1/t �, for every n. Based on the largest known Mersenne prime, this translates to a length of less than exp n 10−7� compared to exp � n1/2 � in the previous constructions. It has often been conjectured that there are infinitely many Mersenne�primes. Under this conjecture, our constructions yield three query locally decodable codes of length N = exp n O
A Fast Software Implementation for Arithmetic Operations in GF(2^n)
, 1996
"... . We present a software implementation of arithmetic operations in a finite field GF(2 n ), based on an alternative representation of the field elements. An important application is in elliptic curve cryptosystems. Whereas previously reported implementations of elliptic curve cryptosystems use a s ..."
Abstract

Cited by 46 (2 self)
 Add to MetaCart
. We present a software implementation of arithmetic operations in a finite field GF(2 n ), based on an alternative representation of the field elements. An important application is in elliptic curve cryptosystems. Whereas previously reported implementations of elliptic curve cryptosystems use a standard basis or an optimal normal basis to perform field operations, we represent the field elements as polynomials with coefficients in the smaller field GF(2 16 ). Calculations in this smaller field are carried out using precalculated lookup tables. This results in rather simple routines matching the structure of computer memory very well. The use of an irreducible trinomial as the field polynomial, as was proposed at Crypto'95 by R. Schroeppel et al., can be extended to this representation. In our implementation, the resulting routines are slightly faster than standard basis routines. 1 Introduction Elliptic curve public key cryptosystems are rapidly gaining popularity [M93]. The use...
PseudoRandom Graphs
 IN: MORE SETS, GRAPHS AND NUMBERS, BOLYAI SOCIETY MATHEMATICAL STUDIES 15
"... ..."
Information flow decomposition for network coding
 IEEE TRANSACTIONS ON INFORMATION THEORY
, 2006
"... We propose a method to identify structural properties of multicast network configurations, by decomposing networks into regions through which the same information flows. This decomposition allows us to show that very different networks are equivalent from a coding point of view, and offers a means t ..."
Abstract

Cited by 42 (10 self)
 Add to MetaCart
We propose a method to identify structural properties of multicast network configurations, by decomposing networks into regions through which the same information flows. This decomposition allows us to show that very different networks are equivalent from a coding point of view, and offers a means to identify such equivalence classes. It also allows us to divide the network coding problem into two almost independent tasks: one of graph theory and the other of classical channel coding theory. This approach to network coding enables us to derive the smallest code alphabet size sufficient to code any network configuration with two sources as a function of the number of receivers in the network. But perhaps the most significant strength of our approach concerns future network coding practice. Namely, we propose deterministic algorithms to specify the coding operations at network nodes without the knowledge of the overall network topology. Such decentralized designs facilitate the construction of codes that can easily accommodate future changes in the network, e.g., addition of receivers and loss of links.
Searching for Primitive Roots in Finite Fields
, 1992
"... Let GF(p n ) be the finite field with p n elements where p is prime. We consider the problem of how to deterministically generate in polynomial time a subset of GF(p n ) that contains a primitive root, i.e., an element that generates the multiplicative group of nonzero elements in GF(p n ). ..."
Abstract

Cited by 40 (3 self)
 Add to MetaCart
Let GF(p n ) be the finite field with p n elements where p is prime. We consider the problem of how to deterministically generate in polynomial time a subset of GF(p n ) that contains a primitive root, i.e., an element that generates the multiplicative group of nonzero elements in GF(p n ). We present three results. First, we present a solution to this problem for the case where p is small, i.e., p = n O(1) . Second, we present a solution to this problem under the assumption of the Extended Riemann Hypothesis (ERH) for the case where p is large and n = 2. Third, we give a quantitative improvement of a theorem of Wang on the least primitive root for GF(p) assuming the ERH. Appeared in Mathematics of Computation 58, pp. 369380, 1992. An earlier version of this paper appeared in the 22nd Annual ACM Symposium on Theory of Computing (1990), pp. 546554. 1980 Mathematics Subject Classification (1985 revision): 11T06. 1. Introduction Consider the problem of finding a primitive ...
Inversive Congruential Pseudorandom Numbers: Distribution Of Triples
, 1997
"... This paper deals with the inversive congruential method with power of two modulus m for generating uniform pseudorandom numbers. Statistical independence properties of the generated sequences are studied based on the distribution of triples of successive pseudorandom numbers. It is shown that, on th ..."
Abstract

Cited by 39 (0 self)
 Add to MetaCart
This paper deals with the inversive congruential method with power of two modulus m for generating uniform pseudorandom numbers. Statistical independence properties of the generated sequences are studied based on the distribution of triples of successive pseudorandom numbers. It is shown that, on the average over the parameters in the inversive congruential method, the discrepancy of the corresponding point sets in the unit cube is of an order of magnitude between m \Gamma1=2 and m \Gamma1=2 (log m)³. The method of proof relies on a detailed discussion of the properties of certain exponential sums.
A Public Key System With Signature And Master Key Functions
, 1999
"... Let K be a finite field of 2 m elements. Let OE 4 ; OE 3 ; OE 2 ; OE 1 be tame automorphisms of the n + rdimensional affine space K n+r . Let the composition OE 4 OE 3 OE 2 OE 1 be ß. The automorphism ß and some of the OE i 's will be hidden. Let the component expression of ß be (ß 1 (x 1 ; \De ..."
Abstract

Cited by 38 (8 self)
 Add to MetaCart
Let K be a finite field of 2 m elements. Let OE 4 ; OE 3 ; OE 2 ; OE 1 be tame automorphisms of the n + rdimensional affine space K n+r . Let the composition OE 4 OE 3 OE 2 OE 1 be ß. The automorphism ß and some of the OE i 's will be hidden. Let the component expression of ß be (ß 1 (x 1 ; \Delta \Delta \Delta ; xn+r ); \Delta \Delta \Delta ; ßn+r (x 1 ; \Delta \Delta \Delta ; xn+r )). Let the restriction of ß to a subspace be ß as ß = (ß 1 (x 1 ; \Delta \Delta \Delta ; xn ; 0; \Delta \Delta \Delta ; 0); \Delta \Delta \Delta ; ßn+r (x 1 ; \Delta \Delta \Delta ; xn ; 0; \Delta \Delta \Delta ; 0)) =(f 1 ; \Delta \Delta \Delta ; fn+r ) :K n 7!K n+r . The field K and the polynomial map (f 1 ; \Delta \Delta \Delta ; fn+r ) will be announced as the public key. Given a plaintext (x 0 1 ; \Delta \Delta \Delta ; x 0 n ) 2 K n , let y 0 i = f i (x 0 1 ; \Delta \Delta \Delta ; x 0 n ), then the ciphertext will be (y 0 1 ; \Delta \Delta \Delta ; y 0 n+r ) 2 K n+r . Gi...
On the Maximum Average Degree and the Oriented Chromatic Number of a Graph
 Discrete Math
, 1995
"... The oriented chromatic number o(H) of an oriented graph H is defined as the minimum order of an oriented graph H 0 such that H has a homomorphism to H 0 . The oriented chromatic number o(G) of an undirected graph G is then defined as the maximum oriented chromatic number of its orientations. In ..."
Abstract

Cited by 30 (15 self)
 Add to MetaCart
The oriented chromatic number o(H) of an oriented graph H is defined as the minimum order of an oriented graph H 0 such that H has a homomorphism to H 0 . The oriented chromatic number o(G) of an undirected graph G is then defined as the maximum oriented chromatic number of its orientations. In this paper we study the links between o(G) and mad(G) defined as the maximum average degree of the subgraphs of G. 1 Introduction and statement of results For every graph G we denote by V (G), with vG = jV (G)j, its set of vertices and by E(G), with e G = jE(G)j, its set of arcs or edges. A homomorphism from a graph G to a graph On leave of absence from the Institute of Mathematics, Novosibirsk, 630090, Russia. With support from Engineering and Physical Sciences Research Council, UK, grant GR/K00561, and from the International Science Foundation, grant NQ4000. y This work was partially supported by the Network DIMANET of the European Union and by the grant 960101614 of the Russian F...
On the statistical properties of Diffie–Hellman distributions
 MR 2001k:11258 Zbl 0997.11066
"... Let p be a large prime such that p−1 has some large prime factors, and let ϑ ∈ Z ∗ p be an rth power residue for all small factors of p − 1. The corresponding DiffieHellman (DH) distribution is (ϑ x, ϑ y, ϑ xy) where x, y are randomly chosen from Z ∗ p. A recently formulated assumption is that giv ..."
Abstract

Cited by 29 (10 self)
 Add to MetaCart
Let p be a large prime such that p−1 has some large prime factors, and let ϑ ∈ Z ∗ p be an rth power residue for all small factors of p − 1. The corresponding DiffieHellman (DH) distribution is (ϑ x, ϑ y, ϑ xy) where x, y are randomly chosen from Z ∗ p. A recently formulated assumption is that given p, ϑ of the above form it is infeasible to distinguish in reasonable time between DH distribution and triples of numbers chosen