Codes with locality: constructions and applications to cryptographic protocols

Julien Lavauzelle, École Polytechnique & INRIA Saclay, Université Paris-Saclay
PhD defense, 30/11/2018



  2. Example: Reed-Muller codes
  $\mathrm{RM}_q(m,r) := \{ (f(x) : x \in \mathbb{F}_q^m),\ f \in \mathbb{F}_q[X_1,\dots,X_m],\ \deg f \le r \}$, with coordinate $c_x = f(x)$ at $x \in \mathbb{F}_q^m$.
  Assume $r \le q-2$, and let:
  – $c = (f(x) : x \in \mathbb{F}_q^m) \in \mathrm{RM}_q(m,r)$,
  – $\varphi : \mathbb{F}_q \to \mathbb{F}_q^m$ affine and injective, defining the affine line $L := \varphi(\mathbb{F}_q) \subset \mathbb{F}_q^m$.
  Then the restriction of $c$ to $L$ (or to $\varphi$) is $c_{|L} := ((f \circ \varphi)(t) : t \in \mathbb{F}_q) \in \mathrm{RS}_q(r)$.
  Local correction of $y \in \mathbb{F}_q^{\mathbb{F}_q^m}$ at coordinate $i \in \mathbb{F}_q^m$:
  1. Pick at random a line $L \subset \mathbb{F}_q^m$ such that $i \in L$.
  2. Correct $y_{|L}$ as a noisy $\mathrm{RS}_q(r)$ codeword, and output $\tilde{y}_i$.
  $\mathrm{RM}_q(m,r)$ is locally correctable with $\ell = n^{1/m}$ and $\varepsilon = \frac{2}{1 - r/q} \cdot \delta$.
  J. Lavauzelle – Codes with locality: constructions and applications to cryptographic protocols – PhD defense 6/33





  7. High-rate construction: lifted codes (1)
  Issue: if $r \le q-2$, the rate of $\mathrm{RM}_q(m,r)$ is $\simeq \frac{(r/q)^m}{m!}$.
  Idea: consider the set of all polynomials $f$ satisfying the “restriction property”: for every affine line $L$ given by $\varphi$, $((f \circ \varphi)(t) : t \in \mathbb{F}_q) \in \mathrm{RS}_q(r)$.
  Are there more polynomials than in RM codes?
  Example ($q = 4$, $m = 2$, $r = 2$). $f(X, Y) = X^2 Y^2 \in \mathbb{F}_4[X, Y]$, hence $\deg(f) = 4 > 2$. Affine line $L$ given by $\varphi(T) = (aT + b, cT + d)$:
  $(f \circ \varphi)(T) = (aT+b)^2 (cT+d)^2 = (a^2 T^2 + b^2)(c^2 T^2 + d^2) = (ac)^2 T^4 + (ad+bc)^2 T^2 + (bd)^2 = (ad+bc)^2 T^2 + (ac)^2 T + (bd)^2 \bmod (T^4 - T)$
  ⇒ for every $\varphi$, the “restriction” $(f \circ \varphi)(T)$ can be interpolated as a univariate polynomial of degree $\le 2$.



  10. High-rate construction: lifted codes (2)
  ◮ $\mathbb{A}^m := \mathbb{F}_q^m$, with evaluation map $\mathrm{ev}_{\mathbb{A}^m}(f) := (f(x) : x \in \mathbb{F}_q^m) \in \mathbb{F}_q^{\mathbb{A}^m}$
  ◮ $\mathrm{Emb}_{\mathbb{A}}(m) := \{ \varphi : \mathbb{F}_q \to \mathbb{F}_q^m,\ \text{injective and affine} \}$
  Definition (lifted Reed-Solomon code [GKS13] reformulated).
  $\mathrm{Lift}(\mathrm{RS}_q(r), m) := \{ \mathrm{ev}_{\mathbb{A}^m}(f),\ f \in \mathbb{F}_q[\mathbf{X}] \mid \forall \varphi \in \mathrm{Emb}_{\mathbb{A}}(m),\ \mathrm{ev}_{\mathbb{A}^1}(f \circ \varphi) \in \mathrm{RS}_q(r) \}$
  $\mathrm{Lift}(\mathrm{RS}_q(r), m)$ is locally correctable with $\ell = n^{1/m}$ and $\varepsilon = \frac{2}{1 - r/q} \cdot \delta$.
  What about the dimension/rate?
  Theorem (characteristic 2, simplified from [GKS13]). For every $m \ge 2$ and $0 < R_0 < 1$, there exist $q > 0$ and $r \le q-2$ such that $\mathrm{Lift}(\mathrm{RS}_q(r), m)$ is locally correctable with rate $R \ge R_0$.


  12. Rate of lifted codes
  Bounds in [GKS13] are far from being tight.
  ◮ Ex: for $m = 2$ and $R_0 = 1/2$, the GKS theorem requires $n = q^m \ge 2^{64}$.
  Theorem [characteristic 2, finite length $n = q^2 = 2^{2e}$]. For $m = 2$, $q = 2^e$ and $r = (1 - 2^{-c})\,q - 1$,
  $R = 1 - \frac{5}{4}\left(\frac{3}{4}\right)^{c} + \frac{1}{4}\left(\frac{1}{4}\right)^{c} + \frac{1}{2^e}\left(\frac{3^c - 1}{2^{c+2}}\right)$.
  ◮ actually, $n = q^2 \ge 2^6 = 64$ is enough to achieve $R \ge 1/2$.
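As an added example (my code, not the author's), the restriction property is checked by brute force over $\mathbb{F}_{2^e}$ for $m = 2$: each monomial $X^{d_1}Y^{d_2}$ is composed with one parametrisation of every affine line of $\mathbb{F}_q^2$ and reduced modulo $T^q - T$, which yields the degree set of $\mathrm{Lift}(\mathrm{RS}_q(r), 2)$ and hence its rate $|\mathrm{Deg}|/q^2$, to be compared with the closed form stated on the slide. One parametrisation per line suffices because reparametrising by $T \mapsto \alpha T + \beta$ keeps the degree $\le r$. The slide's own example, $X^2Y^2 \in \mathrm{Lift}(\mathrm{RS}_4(2), 2)$, appears among the 7 monomials found for $q = 4$, $r = 2$. The field moduli, the line parametrisations and the values $(a, b, c, d) = (2, 3, 1, 2)$ used to check the slide's expansion are my choices.

```python
from fractions import Fraction

# Defining polynomials (bit masks) for F_4, F_8, F_16.  Assumption: this choice of
# modulus; any irreducible polynomial of the right degree yields the same code.
IRREDUCIBLE = {4: 0b111, 8: 0b1011, 16: 0b10011}

def gf_mul(x, y, q):
    """Product in F_q, q = 2^e, elements written as integers in [0, q-1] (bits = coefficients)."""
    mod, res = IRREDUCIBLE[q], 0
    while y:
        if y & 1:
            res ^= x
        y >>= 1
        x <<= 1
        if x & q:            # degree e reached: reduce modulo the defining polynomial
            x ^= mod
    return res

# A polynomial over F_q is a list of coefficients indexed by degree; addition is XOR.
def poly_mul(p, s, q):
    out = [0] * (len(p) + len(s) - 1)
    for i, pi in enumerate(p):
        if pi:
            for j, sj in enumerate(s):
                if sj:
                    out[i + j] ^= gf_mul(pi, sj, q)
    return out

def poly_pow(p, k, q):
    out = [1]
    for _ in range(k):
        out = poly_mul(out, p, q)
    return out

def reduce_mod_tq_minus_t(p, q):
    """Fold T^k (k >= q) onto T^((k-1) mod (q-1) + 1): the two agree as functions on F_q."""
    out = [0] * q
    for k, coef in enumerate(p):
        if coef:
            out[k if k < q else (k - 1) % (q - 1) + 1] ^= coef
    return out

def poly_degree(p):
    return max((k for k, coef in enumerate(p) if coef), default=-1)

def affine_lines(q):
    """One injective affine map phi(T) = (aT + b, cT + d) per line of F_q^2; each coordinate
    is the coefficient list [b, a] resp. [d, c].  Reparametrising a line keeps deg <= r,
    so one parametrisation per line is enough."""
    lines = [([0, 1], [d, s]) for s in range(q) for d in range(q)]   # phi(T) = (T, sT + d)
    lines += [([b, 0], [0, 1]) for b in range(q)]                     # phi(T) = (b, T)
    return lines

def restrict_monomial(d1, d2, line, q):
    """(f o phi)(T) mod (T^q - T) for f = X^d1 Y^d2 and the line phi = (x_of_t, y_of_t)."""
    x_of_t, y_of_t = line
    prod = poly_mul(poly_pow(x_of_t, d1, q), poly_pow(y_of_t, d2, q), q)
    return reduce_mod_tq_minus_t(prod, q)

def lifted_degree_set(q, r):
    """Deg(Lift(RS_q(r), 2)): monomials whose restriction to every line has degree <= r."""
    powers = [([poly_pow(x, k, q) for k in range(q)], [poly_pow(y, k, q) for k in range(q)])
              for x, y in affine_lines(q)]                 # (aT+b)^k, (cT+d)^k precomputed per line
    return {(d1, d2) for d1 in range(q) for d2 in range(q)
            if all(poly_degree(reduce_mod_tq_minus_t(poly_mul(xp[d1], yp[d2], q), q)) <= r
                   for xp, yp in powers)}

def reed_muller_degree_set(q, r):
    return {(d1, d2) for d1 in range(q) for d2 in range(q) if d1 + d2 <= r}

def rate_formula(e, c):
    """Closed form from the slide for m = 2, q = 2^e, r = (1 - 2^-c) q - 1, as an exact Fraction."""
    return (1 - Fraction(5, 4) * Fraction(3, 4) ** c + Fraction(1, 4) * Fraction(1, 4) ** c
            + Fraction(3 ** c - 1, 2 ** e * 2 ** (c + 2)))

if __name__ == "__main__":
    # Slide example: X^2 Y^2 along phi(T) = (2T + 3, T + 2) over F_4 (constructed values).
    print(restrict_monomial(2, 2, ([3, 2], [2, 1]), 4))      # [(bd)^2, (ac)^2, (ad+bc)^2, 0]
    for e in (2, 3):
        for c in range(1, e + 1):
            q = 2 ** e
            r = q - q // 2 ** c - 1
            deg = lifted_degree_set(q, r)
            print(f"q={q} r={r}: |Deg|={len(deg)} rate={Fraction(len(deg), q * q)} "
                  f"formula={rate_formula(e, c)}")
```

Running the module prints the reduced restriction and, for $q = 4$ and $q = 8$, the size of the degree set next to the value of the closed form; the two agree in every case, and for $q = 8$, $c = 3$ (i.e. $r = q - 2$) the rate is $37/64 > 1/2$, which is the $n = 64$ instance mentioned on the slide.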


  14. Degree sets
  Lifted codes are monomial, i.e. generated by evaluations of monomials $\mathrm{ev}_{\mathbb{A}^m}(X_1^{d_1} \cdots X_m^{d_m}) = \mathrm{ev}_{\mathbb{A}^m}(\mathbf{X}^{\mathbf{d}})$.
  Degree set of a monomial code [GKS13]: $\mathrm{Deg}(\mathcal{C}) := \{ \mathbf{d} \in [0, q-1]^m,\ \mathrm{ev}_{\mathbb{A}^m}(\mathbf{X}^{\mathbf{d}}) \in \mathcal{C} \}$
  A representation for $m = 2$: [figure: the degree sets of $\mathrm{RM}_4(2,4)$, $\mathrm{RM}_4(2,2)$ and $\mathrm{Lift}(\mathrm{RS}_4(2), 2)$ plotted in the $(d_1, d_2)$ plane]

  15. “Fractal” representation of degree sets
  [figure: degree sets for $q = 4, r = 2$; $q = 8, r = 6$; $q = 16, r = 14$]

  16. Outline
  1. Codes with locality
     – Locality in coding theory, examples
     – Lifted projective Reed-Solomon codes
     – A combinatorial point of view
  2. Private information retrieval from transversal designs
     – Private information retrieval (PIR)
     – Transversal designs and codes
     – A new PIR construction
     – Instances
  3. Proofs-of-retrievability
  4. Conclusion

  17. Evaluation on projective spaces
  Projective space $\mathbb{P}^m := (\mathbb{A}^{m+1} \setminus \{0\}) / \sim$, where $a \sim b$ iff $\exists \lambda \in \mathbb{F}_q^\times,\ a = \lambda b$.
  Defining an evaluation map over $\mathbb{P}^m$ requires:
  ◮ homogeneous polynomials $f \in \mathbb{F}_q[\mathbf{X}]_v^H$ of fixed degree $v$,
  ◮ to choose a representative for every $u \in \mathbb{P}^m$ (see [Lac86]): $u = (0 : \cdots : 0 : 1 : * : \cdots : *) \in \mathbb{P}^m$.
  We get: $f(u) := f(0, \dots, 0, 1, *, \dots, *) \in \mathbb{F}_q$ and $\mathrm{ev}_{\mathbb{P}^m}(f) := (f(u) : u \in \mathbb{P}^m) \in \mathbb{F}_q^{\mathbb{P}^m}$.


  19. Projective lifted codes
  Example. Projective Reed-Solomon code: $\mathrm{PRS}_q(r) = \{ \mathrm{ev}_{\mathbb{P}^1}(f) = (f(x) : x \in \mathbb{P}^1),\ f \in \mathbb{F}_q[X, Y]_r^H \}$.
  Let $\mathrm{Emb}_{\mathbb{P}}(m) := \{ \varphi : \mathbb{F}_q^2 \to \mathbb{F}_q^{m+1}\ \text{linear and injective} \}$.
  Definition (lifted projective RS codes). Let $v = r + (m-1)(q-1)$.
  $\mathrm{Lift}(\mathrm{PRS}_q(r), m) := \{ \mathrm{ev}_{\mathbb{P}^m}(f),\ f \in \mathbb{F}_q[\mathbf{X}]_v^H \mid \forall \varphi \in \mathrm{Emb}_{\mathbb{P}}(m),\ \mathrm{ev}_{\mathbb{P}^1}(f \circ \varphi) \in \mathrm{PRS}_q(r) \}$






  25. Main results on projective lifted codes
  Projective lifted codes...
  ◮ are locally correctable, with parameters $(\ell = q+1, \delta, \varepsilon = \delta/\tau)$, where $\tau$ is the relative correction capability of the small PRS code;
  ◮ are monomial, with an explicit bijection between the degree sets of $\mathrm{Lift}(\mathrm{RS}_q(r-1), m)$, $\mathrm{Lift}(\mathrm{PRS}_q(r), m)$ and $\mathrm{Lift}(\mathrm{PRS}_q(r), m-1)$;
  ◮ satisfy the puncturing/shortening relation $0 \to \mathrm{Lift}(\mathrm{RS}_q(r-1), m) \to \mathrm{Lift}(\mathrm{PRS}_q(r), m) \xrightarrow{\ \pi\ } \mathrm{Lift}(\mathrm{PRS}_q(r), m-1) \to 0$, where $\pi$ is induced by $\mathbb{P}^m \to \mathbb{P}^{m-1}$;
  ◮ are (up to equivalence) cyclic codes if $q-1$ and $n = \frac{q^{m+1} - 1}{q - 1}$ are coprime, and quasi-cyclic codes if $q-1$ and $\frac{n}{\gcd(n, q-1)}$ are coprime;
  ◮ admit many explicit and easily computable information sets.
  Details in: Lifted Projective Reed-Solomon Codes, L., DCC, to appear, 10.1007/s10623-018-0552-8



  28. Lifted codes when r = q − 2
  Remark. Assume $r = q-2$. Then $\mathrm{RS}_q(q-2)$ is the parity-check code:
  $a \in \mathrm{RS}_q(q-2) \iff \sum_{i=1}^{q} a_i = 0$,
  $c \in \mathrm{Lift}(\mathrm{RS}_q(q-2), m) \iff \forall\ \text{line } L \subseteq \mathbb{F}_q^m,\ \sum_{x \in L} c_x = 0$.
  A non-full-rank parity-check matrix for $\mathrm{Lift}(\mathrm{RS}_q(q-2), m)$: [figure: columns indexed by the points of $\mathbb{F}_q^m$, rows indexed by the lines of $\mathbb{F}_q^m$, each row being the indicator vector $(0\ \cdots\ 0\ 1\ \cdots\ 1\ \cdots\ 0)$ of a line $L$]



  31. Block designs
  Point-line incidences in the affine space form the affine geometry 2-design.
  Definition. A $t$-design of parameters $(n, \ell, \lambda)$ consists of:
  ◮ a set $X$ of points, $|X| = n$,
  ◮ a set $\mathcal{B}$ of blocks $B \subset X$, $|B| = \ell$,
  such that every $t$-set in $X$ appears in exactly $\lambda$ blocks.
  Incidence matrix of a design: [figure: columns indexed by the points in $X$, rows indexed by the blocks in $\mathcal{B}$, each row being the indicator vector $(0\ \cdots\ 0\ 1\ \cdots\ 1\ \cdots\ 0)$ of a block $B$]


  33. Codes based on designs, and generalisation
  The code based on the design $\mathcal{D} = (X, \mathcal{B})$ is the code $\mathcal{C} = \mathrm{Code}(\mathcal{D}) \subseteq \mathbb{F}_q^X$ admitting the incidence matrix of $\mathcal{D}$ as a parity-check matrix:
  $\mathrm{Code}(\mathcal{D}) = \{ c \in \mathbb{F}_q^X \mid \forall B \in \mathcal{B},\ c_{|B} \in \mathrm{Parity} \}$
  Remark. The dimension of $\mathrm{Code}(\mathcal{D})$ is highly dependent on the field $\mathbb{F}_q$.
  Let $\mathcal{F} = (F_B \subseteq \mathbb{F}_q^B : B \in \mathcal{B})$ be a family of codes indexed by blocks $B \in \mathcal{B}$. The generalised design-based code based on $(\mathcal{D}, \mathcal{F})$ is
  $\mathrm{Code}(\mathcal{D}, \mathcal{F}) := \{ c \in \mathbb{F}_q^X \mid \forall B \in \mathcal{B},\ c_{|B} \in F_B \}$.

  34. Design-based codes and LCCs
  Generalised design-based code $\mathcal{C} = \mathrm{Code}(\mathcal{D}, \mathcal{F})$, where
  – $\mathcal{D}$ is a $t$-$(n, \ell+1, \lambda)$-design,
  – $\tau \in (0, \frac{1}{2})$ is fixed,
  – $\mathcal{F} = (F_B : B \in \mathcal{B})$ s.t. every code in $\mathcal{F}$ corrects a fraction $\tau$ of errors.
  Algorithm. Local correction of $y \in \mathbb{F}_q^X$ at $i \in X$:
  ◮ Pick uniformly at random a block $B \in \mathcal{B}$ such that $i \in B$.
  ◮ Correct $y_{|B}$ as a noisy codeword from $F_B$, and output $\tilde{y}_i$.
  Proposition [$t = 2$]. For every $\delta < \tau/2$, $\mathrm{Code}(\mathcal{D}, \mathcal{F})$ is an $(\ell, \delta, \varepsilon)$-LCC, where $\varepsilon = \delta/\tau$.
  Proposition [$t = 3$]. For every $\delta < \tau - 1/\sqrt{2\ell}$, $\mathrm{Code}(\mathcal{D}, \mathcal{F})$ is an $(\ell, \delta, \varepsilon)$-LCC, where $\varepsilon = \frac{\delta(1-\delta)}{(\tau-\delta)^2} \cdot \frac{1}{\ell} \le \frac{1}{\tau^2 \ell} \cdot \delta$.





  39. Problem statement
  Given a remote database $F \in \mathbb{F}_q^k$ and $1 \le i \le k$, can we retrieve the entry $F_i$ without leaking information on the index $i$?
  Trivial solution: full download.
  Solutions with better communication complexity:
  ◮ With 1 server, only computational privacy is possible [CGKS95, CG97].
  ◮ With $\ell \ge 2$ servers, one can achieve information-theoretic privacy [CGKS95-98].





  44. Definition of PIR [CGKS95]
  Given a file $F$ and $\ell$ servers $S_1, \dots, S_\ell$, user $U$ wants to recover $F_i$ privately. A Private Information Retrieval protocol is a set of algorithms $(Q, A, R)$:
  1. $U$ generates a query vector $q = (q_1, \dots, q_\ell) \leftarrow Q(i)$ and sends $q_j$ to server $S_j$.
  2. Each server $S_j$ computes $a_j = A(q_j, F_{|S_j})$ and sends it back to $U$.
  3. $U$ recovers $F_i = R(q, a, i)$.
  Information-theoretic privacy: $I(i; q_j) = 0$ for all $j = 1, \dots, \ell$.



  47. Motivation
  Usual goals for PIR:
  ◮ Low communication complexity
  ◮ Low storage overhead for the servers
  ◮ Low computation complexity for algorithms $A$ (server) and $R$ (user)
  Most constructions focus on the download communication complexity – up to the PIR capacity [SJ17] – but require $\Omega(k)$ computation complexity for each server.
  We here focus on the computation complexity, crucial for practicality [OG10].





  52. Transversal designs
  A transversal design $\mathrm{TD}(\ell, s) = (X, \mathcal{B}, \mathcal{G})$ is given by:
  ◮ $X$ a set of points, $|X| = n = s\ell$,
  ◮ groups $\mathcal{G} = \{G_j\}_{1 \le j \le \ell}$ satisfying $X = \coprod_{j=1}^{\ell} G_j$ and $|G_j| = s$,
  ◮ blocks $B \in \mathcal{B}$ satisfying
     – $B \subset X$ and $|B| = \ell$;
     – for all $\{i, j\} \subset X$, $\{i, j\}$ lie either in a single group $G \in \mathcal{G}$, or in a unique block $B \in \mathcal{B}$.
  [figure: the points of $X$ arranged in $\ell$ columns $G_1, G_2, \dots, G_{\ell-1}, G_\ell$ of $s$ points each, with the block through two points $i$ and $j$ of different groups drawn]
  Its incidence matrix (between points and blocks) defines a code.

  53. Example
  The transversal design $\mathrm{TD}(3, 3)$ with groups $G_1, G_2, G_3$ and blocks $\mathcal{B} = \mathcal{B}_1 \cup \mathcal{B}_2 \cup \mathcal{B}_3$ [figure: three parallel classes of three blocks each on a $3 \times 3$ grid of points] gives the incidence matrix
  $H = \begin{pmatrix} 1&1&1&0&0&0&0&0&0 \\ 0&0&0&1&1&1&0&0&0 \\ 0&0&0&0&0&0&1&1&1 \\ 1&0&0&0&0&1&0&1&0 \\ 0&1&0&1&0&0&0&0&1 \\ 0&0&1&0&1&0&1&0&0 \\ 1&0&0&0&1&0&0&0&1 \\ 0&1&0&0&0&1&1&0&0 \\ 0&0&1&1&0&0&0&1&0 \end{pmatrix}$
  Its rank over $\mathbb{F}_3$ is 6 $\Rightarrow$ the associated code $\mathcal{C}$ is a $[9, 3]_3$ code.




  57. The PIR scheme
  Let $\mathcal{C} \subseteq \mathbb{F}_q^n$ be a code based on a $\mathrm{TD}(\ell, s)$.
  • Initialisation. User $U$ encodes $F \mapsto c \in \mathcal{C}$, and gives $c_{|G_j}$ to server $S_j$.
  • To recover $F_i = c_i$, with $i \in X$:
  1. User $U$ randomly picks a block $B \in \mathcal{B}$ containing $i$. Then $U$ defines $q_j = Q(i)_j :=$ the unique point in $B \cap G_j$ if $i \notin G_j$, and a random point in $G_j$ otherwise.
  2. Each server $S_j$ sends back $c_{q_j}$.
  3. $U$ recovers $c_i = -\sum_{j : i \notin G_j} c_{q_j} = -\sum_{b \in B \setminus \{i\}} c_b$.



  60. Privacy and parameters
  Theorem. This PIR protocol is information-theoretically private.
  Proof:
  – the only server which holds $F_i$ received a random query;
  – for each other server $S_j$, query $q_j$ gives no information on the block $B$ which has been picked
  ⇒ no information leaks on $i$.
  Features.
  ◮ communication complexity: $\ell \log s$ uploaded bits, $\ell \log q$ downloaded bits
  ◮ computational complexity:
     ◮ only 1 read for each server (somewhat optimal)
     ◮ $\le \ell$ additions over $\mathbb{F}_q$ for the user
  ◮ storage overhead: $(n - k) \log q$ bits
  Question: transversal designs with good $k$ depending on $(\ell, s)$?
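The scheme and the privacy argument above, run end to end on the $\mathrm{TD}(3,3)$ of the example slide, as an added example that is not part of the defense. The code is computed as the null space of the incidence matrix over $\mathbb{F}_3$ (rank 6, so a $[9,3]_3$ code), the user encodes $F$ and hands $c_{|G_j}$ to each of the three servers, every server answers a query with a single read, and the user recovers $c_i$ as minus the sum of the answers from the servers whose group does not contain $i$. `query_support` enumerates every value the query $q_j$ can take for a given $i$ over the user's randomness; it is the multiset $G_j$ whatever $i$ is, which is the concrete form of $I(i; q_j) = 0$. The point indexing $(x, y) \mapsto 3x + y$, the file $F = (1, 2, 0)$ and the function names are my choices.

```python
import random

P = 3   # the field F_3 of the TD(3,3) example on the slide

def affine_transversal_design(q):
    """TD(q, q) on X = F_q^2 (q prime): groups G_j = {x = j}, i.e. q parallel lines
    partitioning X; blocks = the lines y = s x + t, each secant to every group."""
    idx = lambda x, y: q * x + y                      # point (x, y) -> coordinate in [0, q^2)
    groups = [[idx(j, y) for y in range(q)] for j in range(q)]
    blocks = [[idx(x, (s * x + t) % q) for x in range(q)] for s in range(q) for t in range(q)]
    return groups, blocks

def incidence_matrix(blocks, n):
    return [[1 if i in B else 0 for i in range(n)] for B in blocks]

def nullspace_mod_p(H, p):
    """Row-reduce H over F_p; return (rank, basis of {c : H c = 0}).
    The free (non-pivot) columns form an information set of the code."""
    rows, n, pivots = [r[:] for r in H], len(H[0]), []
    for col in range(n):
        piv = next((r for r in range(len(pivots), len(rows)) if rows[r][col] % p), None)
        if piv is None:
            continue
        k = len(pivots)
        rows[k], rows[piv] = rows[piv], rows[k]
        inv = pow(rows[k][col], -1, p)
        rows[k] = [(v * inv) % p for v in rows[k]]
        for r in range(len(rows)):
            if r != k and rows[r][col] % p:
                f = rows[r][col]
                rows[r] = [(a - f * b) % p for a, b in zip(rows[r], rows[k])]
        pivots.append(col)
    free = [c for c in range(n) if c not in pivots]
    basis = []
    for fc in free:
        v = [0] * n
        v[fc] = 1
        for r, pc in enumerate(pivots):
            v[pc] = (-rows[r][fc]) % p
        basis.append(v)
    return len(pivots), basis

def encode(F, basis, p):
    """F (length k) -> c in the code; c restricted to the free columns equals F."""
    return [sum(f * b[x] for f, b in zip(F, basis)) % p for x in range(len(basis[0]))]

def query(i, groups, blocks, rng):
    """Q(i): pick a block B through i; ask S_j for the point of B in G_j,
    or for a uniformly random point of G_j if i lies in G_j."""
    B = rng.choice([B for B in blocks if i in B])
    return [rng.choice(G) if i in G else next(b for b in B if b in G) for G in groups]

def answer(shard, q_j):
    """A(q_j, c|G_j): one read, no arithmetic on the server side."""
    return shard[q_j]

def reconstruct(q, a, i, groups, p):
    """R(q, a, i): c_i = -(sum of answers from the servers whose group does not contain i)."""
    return (-sum(a_j for q_j, a_j, G in zip(q, a, groups) if i not in G)) % p

def pir_retrieve(c, i, groups, blocks, p, seed=0):
    rng = random.Random(seed)                                  # the user's randomness
    shards = [{x: c[x] for x in G} for G in groups]            # server S_j stores c|G_j only
    q = query(i, groups, blocks, rng)                          # upload: l points
    a = [answer(shard, q_j) for shard, q_j in zip(shards, q)]  # download: l symbols
    return reconstruct(q, a, i, groups, p)

def query_support(i, j, groups, blocks):
    """Every value q_j can take for index i (with multiplicity) over the user's randomness."""
    if i in groups[j]:
        return sorted(groups[j])                               # uniform random point of G_j
    return sorted(next(b for b in B if b in groups[j]) for B in blocks if i in B)

if __name__ == "__main__":
    groups, blocks = affine_transversal_design(P)
    rank, basis = nullspace_mod_p(incidence_matrix(blocks, P * P), P)
    print("rank", rank, "-> code [%d, %d]_%d" % (P * P, len(basis), P))
    c = encode([1, 2, 0], basis, P)                            # constructed file F = (1, 2, 0)
    print("retrieved c_5 =", pir_retrieve(c, 5, groups, blocks, P), "expected", c[5])
    print("query support for S_1 and every i:", [query_support(i, 0, groups, blocks) for i in range(9)])
```

For $i \notin G_j$ the support is $G_j$ because the $s$ blocks through $i$ meet $G_j$ in $s$ distinct points (two blocks share at most one point); for $i \in G_j$ it is $G_j$ by construction. The storage overhead of this toy instance is the $(n-k)\log q = 6 \log 3$ bits of the parity part, matching the features listed on the slide.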




  64. Instances with geometric designs T A , the classical affine transversal design : ◮ X = F m q , m ≥ 2, ◮ G a set of q disjoint hyperplanes partitionning X , ◮ B = { affine lines L secant to each group of G} . Proposition. The code based on T A is identical to the code based on the affine geometry design ( i.e. the lifted code with r = q − 2). Instances: – 3.2% storage overhead if #entries ≤ ( #servers ) 2 – 27% storage overhead if #entries ≤ ( #servers ) 3 J. Lavauzelle – Codes with locality: constructions and applications to cryptographic protocols – PhD defense 26/33

65. Instances with geometric designs

T_A, the classical affine transversal design:
◮ X = F_q^m, m ≥ 2,
◮ 𝒢 a set of q disjoint hyperplanes partitioning X,
◮ 𝓑 = { affine lines L secant to each group of 𝒢 }.

Proposition. The code based on T_A is identical to the code based on the affine geometry design (i.e. the lifted code with r = q − 2).

Instances:
– 3.2% storage overhead if #entries ≤ (#servers)^2
– 27% storage overhead if #entries ≤ (#servers)^3

Question: better instances?

70. Instances with orthogonal arrays

An orthogonal array OA(t, ℓ, s) of strength t is a list A of words
– of length ℓ,
– over a finite set S, |S| = s,
– such that, for every I ⊂ [1, ℓ] of size t, A|_I = S^t.
Equivalently, an OA(t, ℓ, s) is a code A ⊂ S^ℓ with dual distance t + 1.

S = {a, b},
              ( a b b )
OA(2, 3, 2) = ( b b a )
              ( b a b )
              ( a a a )

Construction OA → TD:
◮ X = S × [1, ℓ]
◮ 𝒢 = { S × {i}, 1 ≤ i ≤ ℓ }
◮ 𝓑 = { {(c_i, i), 1 ≤ i ≤ ℓ}, c ∈ OA }

[Figure: the points (a,1), (a,2), (a,3), (b,1), (b,2), (b,3) of the design obtained from OA(2, 3, 2).]

75. Resisting collusions

Proposition. For t = 2, an OA(t, ℓ, s) gives a TD(ℓ, s).

Experimentally, for t = 2 and small ℓ and s, codes based on classical affine TDs have the largest dimension.

For t ≥ 3, we get TDs such that: for every t-set T of points lying in t different groups, there exists a unique block B ∈ 𝓑 such that T ⊂ B.
⇒ The PIR protocol resists t − 1 colluding servers.

◮ OAs with t > 2 exist (e.g. from Reed-Solomon codes)
◮ But associated TDs lead to codes with poor rates except for t ≪ ℓ

Details in: Private Information Retrieval from Transversal Designs, L., IEEE TIT, to appear, doi:10.1109/TIT.2018.2861747
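The PIR features of slide 60, the OA → TD construction of slide 70 and the t-set property of slide 75 can be checked end to end in code. The Python below is an added example written for this page, not code from the thesis or its author. It assumes s = q = p prime so that F_q arithmetic is integer arithmetic mod p, builds an OA(3, 4, 5) from a Reed-Solomon code (the source of OAs with t > 2 that slide 75 mentions), applies the OA → TD construction, and takes the code "based on" a transversal design to be {c ∈ F_p^n : ∑_{x∈B} c_x = 0 for every block B}, the dual of the span of the block incidence vectors; that definition is this example's assumption, since the slides in this section do not restate it. Each server holds one group of points, every server does one read, and the user recovers c_i with ℓ − 1 additions, matching the feature list. The OA(2, 3, 2) of slide 70 is included with a ↦ 0 and b ↦ 1. All function names (rs_orthogonal_array, oa_to_td, pir_query, ...) are this example's own.

```python
"""Added example: TD from an orthogonal array, the code it defines, one PIR
query.  The alphabet size s = q is a prime p, so F_q arithmetic is mod p."""
import itertools
import random

P, ELL, T = 5, 4, 3   # constructed parameters: F_5, ell = 4 servers, OA strength 3
SLIDE_OA = [(0, 1, 1), (1, 1, 0), (1, 0, 1), (0, 0, 0)]   # slide 70's OA(2,3,2), a=0, b=1


def rs_orthogonal_array(t, ell, p):
    """OA(t, ell, p) from a Reed-Solomon code: evaluate every polynomial of degree
    < t over F_p at ell points.  t values fix the polynomial, so A|_I = F_p^t."""
    return [tuple(sum(a * pow(x, k, p) for k, a in enumerate(coeffs)) % p
                  for x in range(ell))
            for coeffs in itertools.product(range(p), repeat=t)]


def oa_to_td(oa, ell, s):
    """Slide 70's construction: X = S x [1,ell] (0-based here), groups S x {i},
    one block {(c_i, i)} per word c of the OA."""
    points = [(a, i) for i in range(ell) for a in range(s)]
    groups = [[(a, i) for a in range(s)] for i in range(ell)]
    blocks = [frozenset((c[i], i) for i in range(ell)) for c in oa]
    return points, groups, blocks


def is_transversal(groups, blocks):
    """Each block meets each group in exactly one point."""
    return all(len(b & frozenset(g)) == 1 for b in blocks for g in groups)


def unique_block_property(groups, blocks, t):
    """Every t-set of points in t different groups lies in exactly one block."""
    return all(sum(b.issuperset(pts) for b in blocks) == 1
               for gs in itertools.combinations(groups, t)
               for pts in itertools.product(*gs))


def nullspace_mod_p(rows, ncols, p):
    """Basis of {v : M v = 0 mod p} by Gauss-Jordan elimination on M."""
    m, pivots, r = [row[:] for row in rows], [], 0
    for col in range(ncols):
        piv = next((i for i in range(r, len(m)) if m[i][col] % p), None)
        if piv is None:
            continue
        m[r], m[piv] = m[piv], m[r]
        inv = pow(m[r][col], -1, p)
        m[r] = [(x * inv) % p for x in m[r]]
        for i in range(len(m)):
            if i != r and m[i][col] % p:
                f = m[i][col]
                m[i] = [(a - f * b) % p for a, b in zip(m[i], m[r])]
        pivots.append(col)
        r += 1
    basis = []
    for fcol in (c for c in range(ncols) if c not in pivots):
        v = [0] * ncols
        v[fcol] = 1
        for i, pc in enumerate(pivots):
            v[pc] = (-m[i][fcol]) % p
        basis.append(v)
    return basis


def td_code_basis(points, blocks, p):
    """Assumed definition of the code of a TD: C = {c : sum_{x in B} c_x = 0 for
    every block B}, i.e. the dual of the span of the block incidence vectors."""
    incidence = [[1 if x in b else 0 for x in points] for b in blocks]
    return nullspace_mod_p(incidence, len(points), p)


def random_codeword(basis, p):
    """A uniformly random codeword, standing in for the encoded database."""
    coeffs = [random.randrange(p) for _ in basis]
    return [sum(a * v[k] for a, v in zip(coeffs, basis)) % p
            for k in range(len(basis[0]))]


def pir_query(points, groups, blocks, i):
    """User: choose a block B through point i.  Each server gets the point of B
    in its group, except the server holding i, which gets a uniformly random
    point of its group.  Upload: ell symbols of log s bits."""
    target = points[i]
    B = random.choice([b for b in blocks if target in b])
    return [random.choice(g) if target in g else next(x for x in g if x in B)
            for g in groups]


def pir_retrieve(points, groups, blocks, c, i, p):
    """Each server does one read of its group; the user drops the answer of the
    server holding i and uses sum_{x in B} c_x = 0 (ell - 1 additions)."""
    idx = {x: k for k, x in enumerate(points)}
    home = next(j for j, g in enumerate(groups) if points[i] in g)
    answers = [c[idx[x]] for x in pir_query(points, groups, blocks, i)]
    return (-sum(a for j, a in enumerate(answers) if j != home)) % p


def demo(seed=1):
    """(n, k, all n symbols retrieved correctly) for the RS-based OA(3, 4, 5) TD."""
    random.seed(seed)
    points, groups, blocks = oa_to_td(rs_orthogonal_array(T, ELL, P), ELL, P)
    basis = td_code_basis(points, blocks, P)
    c = random_codeword(basis, P)
    ok = all(pir_retrieve(points, groups, blocks, c, i, P) == c[i]
             for i in range(len(points)))
    return len(points), len(basis), ok
```

demo() returns n = 20 points, the dimension k of the design's code and True once every c_i has been retrieved. The storage overhead of slide 60 is then (n − k) log p bits, and unique_block_property(groups, blocks, 3) holds for the OA(3, 4, 5) design but fails for t = 2, which is the combinatorial reason the protocol tolerates t − 1 = 2 colluding servers here and only a single one for the OA(2, 3, 2) of slide 70.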

76. Outline
1. Codes with locality
   Locality in coding theory, examples
   Lifted projective Reed-Solomon codes
   A combinatorial point of view
2. Private information retrieval from transversal designs
   Private information retrieval (PIR)
   Transversal designs and codes
   A new PIR construction
   Instances
3. Proofs-of-retrievability
4. Conclusion

78. Proofs-of-retrievability [Juels, Kaliski ’07]

Issue: a client wants to verify if a file stored on a server is still retrievable, with a low-communication challenge-response protocol.

[Figure: the client asks the server “can I get my file?”; the server answers with a few bits.]

Additional constraints: unbounded-use, low client storage, low computation

79. PoR with lifted codes

C = Lift(RS_q(r), m)

Assumption: one can compute independent pseudo-random permutations σ_i^(κ) ∈ S(F_q), 1 ≤ i ≤ n, κ ∈ K

Initialisation:
◮ User picks κ ∈ K at random
◮ File F is encoded and permuted as follows:
  F ↦ c ∈ C ↦ w = σ(c) = (σ_1^(κ)(c_1), ..., σ_n^(κ)(c_n)) ∈ F_q^n
◮ User stores κ, server stores w

Verification:
◮ User picks a line L ⊂ F_q^m at random and sends it to the server
◮ Server reads w|_L and sends it back to the user
◮ User accepts iff σ^{-1}(w|_L) ∈ RS_q(r)

81. Results

Informal result (for the lifted code with m = 2): For every ε ≤ ε_0 ≃ 1, we have:
if the server answers correctly to a fraction ≥ 1 − ε of the challenges,
then with probability ≥ 1 − O( 1 / (n (ε_0 − ε)^2) ) the file is extractable from the server.

Details in: New Proofs of Retrievability using Locally Decodable Codes, L. & Levy-dit-Vehel, IEEE International Symposium on Information Theory, 2016
