Results 1 - 10 of 25
Cube Testers and Key Recovery Attacks On Reduced-Round MD6 and Trivium
Cited by 26 (6 self)
CRYPTO 2008 saw the introduction of the hash function MD6 and of cube attacks, a type of algebraic attack applicable to cryptographic functions having a low-degree algebraic normal form over GF(2). This paper applies cube attacks to reduced round MD6, finding the full 128-bit key of a 14-round MD6 with complexity 2^22 (which takes less than a minute on a single PC). This is the best key recovery attack announced so far for MD6. We then introduce a new class of attacks called cube testers, based on efficient property-testing algorithms, and apply them to MD6 and to the stream cipher Trivium. Unlike the standard cube attacks, cube testers detect nonrandom behavior rather than performing key extraction, but they can also attack cryptographic schemes described by nonrandom polynomials of relatively high degree. Applied to MD6, cube testers detect nonrandomness over 18 rounds in 2^17 complexity; applied to a slightly modified version of the MD6 compression function, they can distinguish 66 rounds from random in 2^24 complexity. Cube testers give distinguishers on Trivium reduced to 790 rounds from random with 2^30 complexity and detect nonrandomness over 885 rounds in 2^27, improving on the original 767-round cube attack.
What is good mathematics
, 2007
Cited by 7 (0 self)
Abstract. Some personal thoughts and opinions on what “good quality mathematics” is, and whether one should try to define this term rigorously. As a case study, the story of Szemerédi’s theorem is presented. 1. The many aspects of mathematical quality We all agree that mathematicians should strive to produce good mathematics. But how does one define “good mathematics”, and should one even dare to try at all? Let us first consider the former question. Almost immediately one realises that there are many different types of mathematics which could be designated “good”. For instance, “good mathematics” could refer (in no particular order) to (i) Good mathematical problem-solving (e.g. a major breakthrough on an important mathematical problem); (ii) Good mathematical technique (e.g. a masterful use of existing methods, or the development of new tools); (iii) Good mathematical theory (e.g. a conceptual framework or choice of notation which systematically unifies and generalises an existing body of results);
A simple regularization of hypergraphs
Cited by 5 (3 self)
Abstract. We give a simple and natural construction of hypergraph regularization. It yields a short proof of a hypergraph regularity lemma. Consequently, as an example of its applications, we have a short self-contained proof of Szemerédi’s classic theorem on arithmetic progressions (1975) as well as its multidimensional extension by Furstenberg-Katznelson (1978). 1.
Removal lemma for infinitely-many forbidden hypergraphs and property testing
, 2008
Cited by 5 (4 self)
We prove a removal lemma for infinitely-many forbidden hypergraphs. It affirmatively settles a question on property testing raised by Alon and Shapira (2005) [2, 3]. All monotone hypergraph properties and all hereditary partite hypergraph properties are testable. Our proof constructs a constant-time probabilistic algorithm to edit a small number of edges. It also gives a quantitative bound in terms of a coloring number of the property. It is based on a new hypergraph regularity lemma [14].
Additive Combinatorics and Theoretical Computer Science
, 2009
Cited by 4 (0 self)
Additive combinatorics is the branch of combinatorics where the objects of study are subsets of the integers or of other abelian groups, and one is interested in properties and patterns that can be expressed in terms of linear equations. More generally, arithmetic combinatorics deals with properties and patterns that can be expressed via additions and multiplications. In the past ten years, additive and arithmetic combinatorics have been extremely successful areas of mathematics, featuring a convergence of techniques from graph theory, analysis and ergodic theory. They have helped prove longstanding open questions in additive number theory, and they offer much promise of future progress. Techniques from additive and arithmetic combinatorics have found several applications in computer science too, to property testing, pseudorandomness, PCP constructions, lower bounds, and extractor constructions. Typically, whenever a technique from additive or arithmetic combinatorics becomes understood by computer scientists, it finds some application. Considering that there is still a lot of additive and arithmetic combinatorics that computer scientists do not understand (and, the field being very active, even more will be developed in the near future), there seems to be much potential for future connections and applications.
Asymptotic Abelianness, weak mixing, and property T
Cited by 3 (1 self)
Abstract. Let G be a second countable locally compact group and H a closed subgroup. We characterize the lack of Kazhdan’s property T for the pair (G,H) by the genericity of G-actions on the hyperfinite II_1 factor with a certain asymptotic Abelianness property relative to H, as well as by the genericity of measure-preserving G-actions on a nonatomic standard probability space that are weakly mixing for H. The latter furnishes a definitive generalization of a classical theorem of Halmos for single automorphisms and strengthens a recent result of Glasner, Thouvenot, and Weiss on generic ergodicity. We also establish a weak mixing version of Glasner and Weiss’s characterization of property T for discrete G in terms of the invariant state space of a Bernoulli shift and show that on the CAR algebra a type of norm asymptotic Abelianness is generic for G-actions when G is discrete and admits a nontorsion Abelian quotient. 1.
COMBINATORIAL INDEPENDENCE IN MEASURABLE DYNAMICS
Cited by 3 (3 self)
Abstract. We develop a fine-scale local analysis of measure entropy and measure sequence entropy based on combinatorial independence. The concepts of measure IE-tuples and measure IN-tuples are introduced and studied in analogy with their counterparts in topological dynamics. Local characterizations of the Pinsker von Neumann algebra and its sequence entropy analogue are given in terms of combinatorial independence, ℓ1 geometry, and Voiculescu’s completely positive approximation entropy. Among the novel features of our local study is the treatment of general discrete acting groups, with the structural assumption of amenability in the case of entropy. 1.
FROM HARMONIC ANALYSIS TO ARITHMETIC COMBINATORICS
, 2006
Cited by 2 (0 self)
We will describe a certain line of research connecting classical harmonic analysis to PDE regularity estimates, an old question in Euclidean geometry, a variety of deep combinatorial problems, recent advances in analytic number theory, and more. Traditionally, restriction theory is a part of classical Fourier analysis that investigates the relationship between geometric and Fourier-analytic properties of singular measures. It became clear over the years that the theory would have to involve sophisticated geometric and combinatorial input. Two particularly important turning points were Fefferman’s work in the 1970s invoking the “Kakeya problem” in this context, and Bourgain’s application of Gowers’s additive number theory techniques to the Kakeya problem almost 30 years later. All this led harmonic analysts to explore areas previously foreign to them, such as combinatorial geometry, graph theory, and additive number theory. Although the Kakeya and restriction problems remain stubbornly open, the