generalization of the ball collision algorithm
play

Generalization of the Ball-Collision Algorithm Violetta Weger joint - PowerPoint PPT Presentation

Apr 09, 2024 •714 likes •1.26k views

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando, Karan Khathuria, Nicole Rohrer and Joachim Rosenthal University of Zurich Munich 18 July 2019 Violetta Weger Ball-Collision Algorithm Outline

  1. Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando, Karan Khathuria, Nicole Rohrer and Joachim Rosenthal University of Zurich Munich 18 July 2019 Violetta Weger Ball-Collision Algorithm

  2. Outline 1 Motivation 2 Introduction 3 Prange’s Algorithm 4 Improvements overview 5 Ball-collision Algorithm 6 New directions 7 Comparison of Complexities 8 Open questions 9 Surprise Violetta Weger Ball-Collision Algorithm

  3. Motivation Proposing a code-based cryptosystem Structural Attacks Nonstructural Attacks Have to consider Information Set Decoding (ISD) Violetta Weger Ball-Collision Algorithm

  4. Motivation Proposing a code-based cryptosystem Structural Attacks Nonstructural Attacks Have to consider Information Set Decoding (ISD) Violetta Weger Ball-Collision Algorithm

  5. ISD algorithms and syndome decoding problem 1978 Berlekamp, McEliece and van Tilborg: Decoding a random linear code is NP-complete Problem (Syndrome decoding problem) Given a parity check matrix H of a (binary) code of length n and dimension k and a syndrome s : s = Hx ⊺ ∈ F n − k 2 and the error correction capacity t , we want to find e ∈ F n 2 of weight t such that s = He ⊺ . Violetta Weger Ball-Collision Algorithm

  6. ISD algorithms and syndome decoding problem Syndrome decoding problem is equivalent to the decoding problem and Problem (Decoding problem) Given a generator matrix G of a (binary) code of length n and dimension k and a corrupted codeword c : c = mG + e ∈ F n 2 and the error correction capacity t , we want to find e ∈ F n 2 of weight t . equivalent to finding a minimum weight codeword, since in C + { 0 , c } the error vector e is now the minimum weight codeword. Violetta Weger Ball-Collision Algorithm

  7. Information set Notation Let c ∈ F n q and A ∈ F k × n , let S ⊂ { 1 , . . . , n } , then we denote by q c S the restriction of c to the entries indexed by S and by A S the columns of A indexed by S . For a code C ⊂ F n q , we denote by C S = { c S | c ∈ C} . Definition (Information set) Let C ⊂ F n q be a code of dimension k . If I ⊂ { 1 , . . . , n } of size k is such that | C | = | C I | , then we call I an information set of C . Violetta Weger Ball-Collision Algorithm

  8. Information set Notation Let c ∈ F n q and A ∈ F k × n , let S ⊂ { 1 , . . . , n } , then we denote by q c S the restriction of c to the entries indexed by S and by A S the columns of A indexed by S . For a code C ⊂ F n q , we denote by C S = { c S | c ∈ C} . Definition (Information set) Let C ⊂ F n q be a code of dimension k . If I ⊂ { 1 , . . . , n } of size k is such that | C | = | C I | , then we call I an information set of C . Violetta Weger Ball-Collision Algorithm

  9. Information set Definition (Information set) Let G be the k × n generator matrix of C . If I ⊂ { 1 , . . . , n } of size k is such that G I is invertible, then I is an information set of C . Definition (Information set) Let H be the n − k × n parity check matrix of C . If I ⊂ { 1 , . . . , n } of size k is such that H I c is invertible, then I is an information set of C . Violetta Weger Ball-Collision Algorithm

  10. Information set Definition (Information set) Let G be the k × n generator matrix of C . If I ⊂ { 1 , . . . , n } of size k is such that G I is invertible, then I is an information set of C . Definition (Information set) Let H be the n − k × n parity check matrix of C . If I ⊂ { 1 , . . . , n } of size k is such that H I c is invertible, then I is an information set of C . Violetta Weger Ball-Collision Algorithm

  11. Prange’s algorithm 1962 Prange proposes the first ISD algorithm. Assumption: All t errors occur outside of the information set. Input: H ∈ F n − k × n , s ∈ F n − k , t ∈ N 2 2 2 , wt ( e ) = t and He ⊺ = s . Output: e ∈ F n 1 Choose an information set I ⊂ { 1 , . . . , n } of size k . 2 Find an invertible matrix U ∈ F n − k × n − k such that 2 ( UH ) I = A and ( UH ) I c = Id n − k . 3 If wt ( Us ) = t , then e I = 0 and e I c = Us . 4 Else start over. Violetta Weger Ball-Collision Algorithm

  12. Prange’s algorithm 1 Choose an information set I ⊂ { 1 , . . . , n } of size k . Let us assume for simplicity that I = { 1 , . . . , k } . Violetta Weger Ball-Collision Algorithm

  13. Prange’s algorithm 1 Choose an information set I ⊂ { 1 , . . . , n } of size k . 2 Find an invertible matrix U ∈ F n − k × n − k such that 2 ( UH ) I = A and ( UH ) I c = Id n − k . Let us assume for simplicity that I = { 1 , . . . , k } . � � UH = A Id n − k , hence � � 0 � UHe ⊺ = � A Id n − k = Us. e I c Violetta Weger Ball-Collision Algorithm

  14. Prange’s algorithm 1 Choose an information set I ⊂ { 1 , . . . , n } of size k . 2 Find an invertible matrix U ∈ F n − k × n − k such that 2 ( UH ) I = A and ( UH ) I c = Id n − k . 3 If wt ( Us ) = t , then e I = 0 and e I c = Us . Let us assume for simplicity that I = { 1 , . . . , k } . � � UH = A Id n − k , hence � � 0 � UHe ⊺ = � A Id n − k = Us. e I c From which we get the condition e I c = Us . Violetta Weger Ball-Collision Algorithm

  15. Prange’s algorithm The cost of an ISD algorithm is given by the product of the cost of one iteration, inverted success probability = average number of iterations needed. The success probability is given by the weight distribution of the error vector. Example (Success probability of Prange’s algorithm) � − 1 � n − k �� n . t t Remark Brute force � = ISD. Violetta Weger Ball-Collision Algorithm

  16. Prange’s algorithm The cost of an ISD algorithm is given by the product of the cost of one iteration, inverted success probability = average number of iterations needed. The success probability is given by the weight distribution of the error vector. Example (Success probability of Prange’s algorithm) � − 1 � n − k �� n . t t Remark Brute force � = ISD. Violetta Weger Ball-Collision Algorithm

  17. Prange’s algorithm The cost of an ISD algorithm is given by the product of the cost of one iteration, inverted success probability = average number of iterations needed. The success probability is given by the weight distribution of the error vector. Example (Success probability of Prange’s algorithm) � − 1 � n − k �� n . t t Remark Brute force � = ISD. Violetta Weger Ball-Collision Algorithm

  18. Prange’s algorithm The cost of an ISD algorithm is given by the product of the cost of one iteration, inverted success probability = average number of iterations needed. The success probability is given by the weight distribution of the error vector. Example (Success probability of Prange’s algorithm) � − 1 � n − k �� n . t t Remark Brute force � = ISD. Violetta Weger Ball-Collision Algorithm

  19. Improvements Overview Violetta Weger Ball-Collision Algorithm

  20. Ball-collision Algorithm Violetta Weger Ball-Collision Algorithm

  21. Ball-collision Algorithm 1 Choose an information set I . Let us assume for simplicity that I = { 1 , . . . , k } . Violetta Weger Ball-Collision Algorithm

  22. Ball-collision Algorithm 1 Choose an information set I . 2 Partition I into X 1 and X 2 . Let us assume for simplicity that I = { 1 , . . . , k } . Violetta Weger Ball-Collision Algorithm

  23. Ball-collision Algorithm 1 Choose an information set I . 2 Partition I into X 1 and X 2 . 3 Partition Y into Y 1 , Y 2 , Y 3 . Let us assume for simplicity that I = { 1 , . . . , k } . Violetta Weger Ball-Collision Algorithm

  24. Ball-collision Algorithm 1 Choose an information set I . 2 Partition I into X 1 and X 2 . 3 Partition Y into Y 1 , Y 2 , Y 3 . 4 Bring H in systematic form. �  e 1  � A 1 � s 1 � Id ℓ 1 + ℓ 2 0 UHe ⊺ =  = e 2 = Us.  A 2 0 Id ℓ 3 s 2 e 3 We get the conditions A 1 e 1 + e 2 = s 1 , A 2 e 1 + e 3 = s 2 . Violetta Weger Ball-Collision Algorithm

  25. Ball-collision Algorithm 1 Choose an information set I . 2 Partition I into X 1 and X 2 . 3 Partition Y into Y 1 , Y 2 , Y 3 . 4 Bring H in systematic form. �  e 1  � A 1 � s 1 � Id ℓ 1 + ℓ 2 0 UHe ⊺ =  = e 2 = Us.  A 2 0 Id ℓ 3 s 2 e 3 We get the conditions A 1 e 1 + e 2 = s 1 , A 2 e 1 + e 3 = s 2 . Violetta Weger Ball-Collision Algorithm

  26. Ball-collision Algorithm Conditions: A 1 e 1 + e 2 = s 1 , A 2 e 1 + e 3 = s 2 . Assumptions: a e 1 has support in I = X 1 ∪ X 2 and weight 2 v b e 2 has support in Y 1 ∪ Y 2 and weight 2 w c e 3 has support in Y 3 and weight t − 2 v − 2 w Violetta Weger Ball-Collision Algorithm

  27. Ball-collision Algorithm a e 1 has support in I = X 1 ∪ X 2 and weight 2 v Violetta Weger Ball-Collision Algorithm

  28. Ball-collision Algorithm a e 1 has support in I = X 1 ∪ X 2 and weight 2 v b e 2 has support in Y 1 ∪ Y 2 and weight 2 w Violetta Weger Ball-Collision Algorithm

  29. Ball-collision Algorithm A 1 e 1 + e 2 = s 1 , (1) A 2 e 1 + e 3 = s 2 . (2) Condition (1): Go through all choices of e 1 and e 2 and check with collision if (1) is satisfied. Condition (2): Define e 3 = s 2 − A 2 e 1 and check if e 3 has weight t − 2 v − 2 w . Violetta Weger Ball-Collision Algorithm

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando,

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando,

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando, Karan Khathuria, Nicole Rohrer and Joachim Rosenthal University of Zurich SIAM AG 19 11 July 2019 Violetta Weger Ball-Collision Algorithm

398 views • 36 slides
Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando,

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando,

Generalization of the Ball-Collision Algorithm Violetta Weger joint work with Carmelo Interlando, Karan Khathuria, Nicole Rohrer and Joachim Rosenthal University of Zurich 7th Code-Based Cryptography Workshop 19 May 2019 Violetta Weger

522 views • 34 slides
Notes Rigid Collision Algorithms Use the same collision response algorithm as Assignment 2

Notes Rigid Collision Algorithms Use the same collision response algorithm as Assignment 2

Notes Rigid Collision Algorithms Use the same collision response algorithm as Assignment 2 instability - dont worry with particles about it right now Identify colliding points as perhaps the deepest Please read penetrating

499 views • 5 slides
An Efficient Quantum Collision Search Algorithm and Implications on Symmetric Cryptography

An Efficient Quantum Collision Search Algorithm and Implications on Symmetric Cryptography

Cryptographic context Quantum collision search: a brief state of the art Our collision algorithm An Efficient Quantum Collision Search Algorithm and Implications on Symmetric Cryptography Andr Chailloux, Mara Naya-Plasencia, Andr

321 views • 28 slides
Smaller decoding exponents: ball-collision decoding D. J. Bernstein University of Illinois at

Smaller decoding exponents: ball-collision decoding D. J. Bernstein University of Illinois at

Smaller decoding exponents: ball-collision decoding D. J. Bernstein University of Illinois at Chicago Joint work with: Tanja Lange Technische Universiteit Eindhoven Christiane Peters University of Illinois at Chicago Context: speed What is

500 views • 36 slides
A Voxel-Based Parallel Collision Detection Algorithm Orion Sky Lawlor Univ. of Illinois at

A Voxel-Based Parallel Collision Detection Algorithm Orion Sky Lawlor Univ. of Illinois at

A Voxel-Based Parallel Collision Detection Algorithm Orion Sky Lawlor Univ. of Illinois at Urbana-Champaign ICS 2002 Introduction Simulated objects can occupy the same space at the same time. Physical objects cant. Collision Detection (

782 views • 22 slides
10-Collision Response Collision Response Collision Response [Moore and Wilhelms 88]:

10-Collision Response Collision Response Collision Response [Moore and Wilhelms 88]:

10-Collision Response Collision Response Collision Response [Moore and Wilhelms 88]: automatic suggestions about the motions of objects immediately following a collision; animation systems using dynamical simulation inherently must respond

767 views • 53 slides
The EM Algorithm 0.6 s 1 {A: .3 ,B: .2 ,C: .5 } 0.30.3 0.20.10.3 p ( O | ) o 1 ,o 2

The EM Algorithm 0.6 s 1 {A: .3 ,B: .2 ,C: .5 } 0.30.3 0.20.10.3 p ( O | ) o 1 ,o 2

The EM Algorithm 0.6 s 1 {A: .3 ,B: .2 ,C: .5 } 0.30.3 0.20.10.3 p ( O | ) o 1 ,o 2 ,,o T 0.7 s 2 s 3 0.7 0.2 p ( O | ) > p ( O | ) {A: .7 ,B: .1 ,C: .2 } {A: .3 ,B: .6 ,C: .1 } A B Observed data : O : ball

589 views • 19 slides
A New Dynamic Frame Slotted Aloha Anti-Collision Algorithm for the Internet of Things Rafael

A New Dynamic Frame Slotted Aloha Anti-Collision Algorithm for the Internet of Things Rafael

A New Dynamic Frame Slotted Aloha Anti-Collision Algorithm for the Internet of Things Rafael Perazzo Barbosa Mota IME - USP 05 de junho de 2013 Agenda 1 Motivation and relevance 2 Background 3 Related Work 4 Our Proposal 5 Results and

691 views • 39 slides
Ball and Cup Contest Newtons Toy Box Activity 6 microgravity Have you ever played with a ball

Ball and Cup Contest Newtons Toy Box Activity 6 microgravity Have you ever played with a ball

Ball and Cup Contest Newtons Toy Box Activity 6 microgravity Have you ever played with a ball and cup toy? How does it work? What do you have to do to capture the ball? How does gravity affect the ball and cup game? As the ball reaches the

354 views • 9 slides
Community-Preserving Generalization of Social Networks Jordi Casas-Roma 1 and Fran cois Rousseau

Community-Preserving Generalization of Social Networks Jordi Casas-Roma 1 and Fran cois Rousseau

Introduction Preliminary concepts Graph Generalization Algorithm Experimental Set Up Results Conclusions Community-Preserving Generalization of Social Networks Jordi Casas-Roma 1 and Fran cois Rousseau 2 1 Universitat Oberta de Catalunya,

388 views • 24 slides
Collision Detection Part 2. Narrow Phase Collision Detection The Narrow Phase Exact collision

Collision Detection Part 2. Narrow Phase Collision Detection The Narrow Phase Exact collision

Collision Detection Part 2. Narrow Phase Collision Detection The Narrow Phase Exact collision detection: Where precisely have objects touched, where to apply forces, torques? Collision Response The following is an equation for Rigid Body

1.06k views • 79 slides
Q44.2 Consider the collision p + p -> p + p + 0 p + p + Consider the collision p + p

Q44.2 Consider the collision p + p -> p + p + 0 p + p + Consider the collision p + p

Q44.2 Consider the collision p + p -> p + p + 0 p + p + Consider the collision p + p A. It is exoergic. g B. It is endoergic C These terms dont apply to this type of collision C. These terms don t apply to this type of collision

596 views • 20 slides
Hand Ball Hand Ball What?? Handling the Ball Handling the Ball Goal - Consistent Calls

Hand Ball Hand Ball What?? Handling the Ball Handling the Ball Goal - Consistent Calls

Hand Ball Hand Ball What?? Handling the Ball Handling the Ball Goal - Consistent Calls Across the State Across the Country Across the World Handling the Ball Three Criteria to Determine if Hand/Arm contact is Handling

360 views • 15 slides
Collision Detection Collision detection weaknesses Naive collision detection suffers from 3 known

Collision Detection Collision detection weaknesses Naive collision detection suffers from 3 known

07 Tutorial: Broadphase Collision Detection Collision detection weaknesses Naive collision detection suffers from 3 known weaknesses Fixed-timestep weakness All-pairs weakness Pair-processing weakness Two-phase collision detection

833 views • 20 slides
An Adaptive Tree Algorithm to Approach Collision-Free Transmission in Slotted ALOHA Molly Zhang,

An Adaptive Tree Algorithm to Approach Collision-Free Transmission in Slotted ALOHA Molly Zhang,

An Adaptive Tree Algorithm to Approach Collision-Free Transmission in Slotted ALOHA Molly Zhang, Luca de Alfaro, JJ Garcia-Luna Aceves University of California, Santa Cruz Outline Problem Statement Adaptive Tree ALOHA Performance Setting:

796 views • 31 slides
MP System-on-Chip: MP System-on-Chip: Embedded Test, Diagnosis and Embedded Test, Diagnosis and

MP System-on-Chip: MP System-on-Chip: Embedded Test, Diagnosis and Embedded Test, Diagnosis and

MP System-on-Chip: MP System-on-Chip: Embedded Test, Diagnosis and Embedded Test, Diagnosis and Repair in Practice Repair in Practice Yervant Zorian Virage Logic Corp zorian@viragelogic.com Contents Contents Introduction SoC yield

729 views • 62 slides
EPL606 Transport Layer Outline Transport Layer Services TCP Overview Segment

EPL606 Transport Layer Outline Transport Layer Services TCP Overview Segment

EPL606 Transport Layer Outline Transport Layer Services TCP Overview Segment structure Sequence/Acknowledgement numbers TCP connection management RTT acks, events, fast retransmit Flow Control Congestion Control

1.33k views • 119 slides
1 Why Why flow flow control? control? sender

1 Why Why flow flow control? control? sender

Lecture 7. Lecture 7. TCP mechanisms for: TCP mechanisms for: data transfer control / flow control error control congestion control Graphical examples (applet java) of several algorithms at:

589 views • 13 slides
social dynamics of economic performance in a creative industry motion picture and video production

social dynamics of economic performance in a creative industry motion picture and video production

social dynamics of economic performance in a creative industry motion picture and video production in Montreal, Toronto and Vancouver Charles Davis, Trevor Barnes, Neil Coe, and Diane Gabrielle Tremblay ISRN 10, Toronto, May 2010 Our

691 views • 31 slides
Stabilizer quantum codes via the CWS framework Leonid Pryadko University of California,

Stabilizer quantum codes via the CWS framework Leonid Pryadko University of California,

Stabilizer quantum codes via the CWS framework Leonid Pryadko University of California, Riverside Y. Li, I. Dumer, & LPP, PRL (2010) Y. Li, I. Dumer, M. Grassl, & LPP, PRA (2010) A. Kovalev, I. Dumer, & LPP, PRA (accepted) NSF ARO

675 views • 29 slides
The Transport Layer: TCP and UDP

The Transport Layer: TCP and UDP

COLE POLYTECHNIQUE FDRALE DE LAUSANNE The Transport Layer: TCP and UDP Contents

666 views • 41 slides
How I treat high-risk MDS Matteo G Della Porta Cancer Center IRCCS Humanitas Research Hospital

How I treat high-risk MDS Matteo G Della Porta Cancer Center IRCCS Humanitas Research Hospital

How I treat high-risk MDS Matteo G Della Porta Cancer Center IRCCS Humanitas Research Hospital & Humanitas University Milano, Italy matteo.della_porta@hunimed.eu Clinical decision making in MDS - Critical issues How we can define

540 views • 22 slides
Requirements Validation Lectures 6, DAT230, Requirements Engineering Robert Feldt, 2012-09-18

Requirements Validation Lectures 6, DAT230, Requirements Engineering Robert Feldt, 2012-09-18

Requirements Validation Lectures 6, DAT230, Requirements Engineering Robert Feldt, 2012-09-18 tisdag 18 september 12 Recap from last lecture tisdag 18 september 12 Recap Specification to refine/specify reqs and reduce risks SRS is

513 views • 30 slides

More recommend