We consider the authentication of digital streams over a lossy network. The overall approach taken is graph-based, as this yields simple methods for controlling overhead, delay, and the ability to authenticate, while serving to unify many previously known hash- and MAC-based techniques. The loss pattern of the network is defined probabilistically, allowing both bursty and random packet loss to be modeled. Our authentication schemes are customizable by the sender of the stream; that is, within reasonable constraints on the input parameters, we provide schemes that achieve the desired authentication probability while meeting the input upper bound on the overhead per packet. In addition, we demonstrate that some of the shortcomings of previously known schemes correspond to easily identifiable properties of a graph, and hence, may be more easily avoided by taking a graph-based approach to designing authentication schemes.

Abstract. We use powerful new techniques for list decoding errorcorrecting codes to efficiently trace traitors. Although much work has focused on constructing traceability schemes, the complexity of the tracing algorithm has received little attention. Because the TA tracing algorithm has a runtime of O(N) in general, where N is the number of users, it is inefficient for large populations. We produce schemes for which the TA algorithm is very fast. The IPP tracing algorithm, though less efficient, can list all coalitions capable of constructing a given pirate. We give evidence that when using an algebraic structure, the ability to trace with the IPP algorithm implies the ability to trace with the TA algorithm. We also construct schemes with an algorithm that finds all possible traitor coalitions faster than the IPP algorithm. Finally, we suggest uses for other decoding techniques in the presence of additional information about traitor behavior. 1

In this paper I try to present my field, combinatorics, via five examples of combinatorial studies which have some geometric flavor. The first topic is Tverberg's theorem, a gem in combinatorial geometry, and various of its combinatorial and topological extensions. McMullen's upper bound theorem for the face numbers of convex polytopes and its many extensions is the second topic. Next are general properties of subsets of the vertices of the discrete n-dimensional cube and some relations with questions of extremal and probabilistic combinatorics. Our fourth topic is tree enumeration and random spanning trees, and finally, some combinatorial and geometrical aspects of the simplex method for linear programming are considered.

We prove the first non-trivial (super linear) lower bound in the noisy broadcast model, defined by El Gamal in [6]. In this model there are n + 1 processors P0, P1,..., Pn, each of which is initially given a private input bit xi. The goal is for P0 to learn the value of f(x1,..., xn), for some specified function f, using a series of noisy broadcasts. At each step a designated processor broadcasts one bit to all of the other processors, and the bit received by each processor is flipped with fixed probability (independently for each recipient). In 1988, Gallager [16] gave a noise-resistant protocol that allows P0 to learn the entire input with constant probability in O(n log log n) broadcasts. We prove that Gallager’s protocol is optimal, up to a constant factor. Our lower bound follows by reduction from a lower bound for generalized noisy decision trees, a new model which may be of independent interest. For this new model we show a lower bound of Ω(n log n) on the depth of a tree that learns the entire input. We also show an Ω(n log log n) lower bound for the number of broadcasts required to compute certain explicit boolean-valued functions, when the correct output must be attained with probability at least 1 − n −α for a constant parameter α> 0 (this bound applies to all threshold functions, as well as any other boolean-valued function with linear sensitivity). This bound also follows by reduction from a lower bound of Ω(n log n) on the depth of generalized noisy decision trees that compute the same functions with the same error. We also show a (non-trivial) Ω(n) lower bound on the depth of generalized noisy decision trees that compute such functions with small constant error. Finally, we show the first protocol in the noisy broadcast model that computes the Hamming weight of the input using a linear number of broadcasts.

We consider functions on binary vector spaces which are far from linear functions in di#erent senses. We compare three existing notions: almost perfect nonlinear #APN# functions, almost bent #AB# functions, and crooked #CR# functions. Such functions are of importance in cryptography because of their resistance to linear and di#erential attacks on certain cryptosystems. We give a new combinatorial characterization of almost bent functions in terms of the number of solutions to a certain system of equations, and a characterization of crooked functions in terms of the Fourier transform. We also showhow these functions can be used to construct several combinatorial structures; such as semi-biplanes, di#erence sets, distance regular graphs, symmetric association schemes, and uniformly packed #BCH and Preparata# codes. 1 Almost perfect nonlinear, almost bent, and crooked functions We consider functions on binary vector spaces which are far from linear functions in di#erent senses. We compar...

Abstract — We apply results from algebraic coding theory to solve problems in cryptography, by using recent results on list decoding of error-correcting codes to efficiently find traitors who collude to create pirates. We produce schemes for which the TA (traceability) traitor tracing algorithm is very fast. We compare the TA and IPP (identifiable parent property) traitor tracing algorithms, and give evidence that when using an algebraic structure, the ability to trace traitors with the IPP algorithm implies the ability to trace with the TA algorithm. We also demonstrate that list decoding techniques can be used to find all possible pirate coalitions. Finally, we raise some related open questions about linear codes, and suggest uses for other decoding techniques in the presence of additional information about traitor behavior. Index Terms — Algebraic geometry code, identifiable parent property, list decoding, traceability code, traitor tracing, Reed-Solomon code. I.

Abstract. We develop general methods to obtain fast (polynomial time) estimates of the cardinality of a combinatorially defined set via solving some randomly generated optimization problems on the set. Geometrically, we estimate the cardinality of a subset of the Boolean cube via the average distance from a point in the cube to the subset. As an application, we present a new randomized polynomial time algorithm which approximates the permanent of a 0-1 matrix by solving a small number of Assignment problems. 1.

This article reviews some of the principal and recently-discovered lower and upper bounds on the maximum size of (n, r)-arcs in PG(2, q), sets of n points with at most r points on a line. Some of the upper bounds are used to improve the Griesmer bound for linear codes in certain cases. Also, a table is included showing the current best upper and lower bounds for q ≤ 19, and a number of open problems are discussed. 1

Consider the symmetric group Sn equipped with the Hamming metric dH. Packing and covering problems in the finite metric space (Sn,dH) are surveyed, including a combination of both. 1

Algebra Review 45 A.1. Groups 45 A.2. Rings, Fields, Ideals, and Factor Rings 46 A.3. Vector Spaces 51 A.4. Homomorphisms and Isomorphisms 52 Appendix B. Finite Fields 55 B.1. Background and Terminology 55 B.2. Classification of Finite Fields 56 B.3. Optional Exercises 59 Appendix C. Projects 61 C.1. Dual Codes and Parity Check Matrices 61 C.2. BCH Codes 61 C.3. Hamming Codes 62 C.4. Golay Codes 62 C.5. MDS Codes 62 C.6. Nonlinear Codes 62 Bibliography 65 IAS/Park City Mathematics Institute AMS will insert this ix Preface These notes summarize a series of lectures I gave as part of the IAS/PCMI Mentoring Program for Women in Mathematics, held May 17-27, 1999 at the Institute for Advanced Study in Princeton, NJ with funding from the National Science Foundation. The material included is not original, but the exposition is new. The booklet [LG] also contains an introduction to algebraic geometric coding theory, but its intended audience is researchers specializing in eith...