on error correction in the exponent
play

On Error Correction in the Exponent Chris Peikert MIT Computer - PowerPoint PPT Presentation

Nov 20, 2023 •446 likes •1.04k views

On Error Correction in the Exponent Chris Peikert MIT Computer Science and AI Laboratory Theory of Cryptography Conference 5 March 2006 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 1 / 9 Error Correction (in the

  1. On Error Correction in the Exponent Chris Peikert MIT Computer Science and AI Laboratory Theory of Cryptography Conference 5 March 2006 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 1 / 9

  2. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. P 6 P 2 P 5 P 3 P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  3. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. x 1 P 6 P 2 Reconstruction • P i announces x i . P 5 P 3 P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  4. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. x 2 P 6 P 2 Reconstruction • P i announces x i . P 5 P 3 P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  5. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. x i P 6 P 2 Reconstruction • P i announces x i . Interpolation: p ( α ) = � x i λ i for any α . P 5 P 3 P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  6. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. P 6 P 2 Reconstruction • P i announces x i . Interpolation: p ( α ) = � x i λ i for any α . P 5 P 3 P 4 P 4 Error correction: [BeWe86, GuSu98] Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  7. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. g x 1 P 6 P 2 Placing Shares “in the Exponent” [CJKR96, PK96, RG03, NPR99, D03, CD04, CG99, BF99,. . . ] Cyclic group G = � g � , order q P 5 P 3 • P i announces g x i . P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  8. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. g x 2 P 6 P 2 Placing Shares “in the Exponent” [CJKR96, PK96, RG03, NPR99, D03, CD04, CG99, BF99,. . . ] Cyclic group G = � g � , order q P 5 P 3 • P i announces g x i . P 4 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  9. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. g x i P 6 P 2 Placing Shares “in the Exponent” [CJKR96, PK96, RG03, NPR99, D03, CD04, CG99, BF99,. . . ] Cyclic group G = � g � , order q P 5 P 3 • P i announces g x i . P 4 g p ( α ) = � ( g x i ) λ i Interpolation: Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  10. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. P 6 P 2 Placing Shares “in the Exponent” ✔ [CJKR96, PK96, RG03, NPR99, D03, CD04, CG99, BF99,. . . ] Cyclic group G = � g � , order q P 5 P 3 • P i announces g x i . P 4 P 4 g p ( α ) = � ( g x i ) λ i Interpolation: Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  11. Error Correction (in the Exponent) Sharing Secrets (mod q ) • Random p ( · ) , deg ( p ) < k , s.t. p ( 0 ) = secret. • P i gets share x i = p ( i ) . P 7 P 7 P 1 ( x 1 , . . . , x n ) is Reed-Solomon codewd. P 6 P 2 Placing Shares “in the Exponent” g ? [CJKR96, PK96, RG03, NPR99, D03, CD04, CG99, BF99,. . . ] Cyclic group G = � g � , order q P 5 P 3 • P i announces g x i . P 4 P 4 g p ( α ) = � ( g x i ) λ i Interpolation: ERROR CORRECTION: ??? • Guess-and-check: n log n errors k Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 2 / 9

  12. Our Contributions ☞ The first detailed study of the complexity of ECE. Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  13. Our Contributions ☞ The first detailed study of the complexity of ECE. Unconditional Results Errors Complexity √ n − nk EASY AS DH n − k − k 1 − ǫ HARD AS DLOG Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  14. Our Contributions ☞ The first detailed study of the complexity of ECE. Unconditional Results Errors Complexity √ Gap n − nk EASY AS DH ≈ δ · k n − k − k 1 − ǫ HARD AS DLOG Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  15. Our Contributions ☞ The first detailed study of the complexity of ECE. Unconditional Results Errors Complexity √ Gap n − nk EASY AS DH link DH to ≈ δ · k DLOG? n − k − k 1 − ǫ HARD AS DLOG Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  16. Our Contributions ☞ The first detailed study of the complexity of ECE. Unconditional Results Errors Complexity √ Gap n − nk EASY AS DH link DH to ≈ δ · k DLOG? n − k − k 1 − ǫ HARD AS DLOG Results for Generic Algorithms • Guess-and-check is optimal — even if DDH is easy. Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  17. Our Contributions ☞ The first detailed study of the complexity of ECE. Unconditional Results Errors Complexity √ Gap n − nk EASY AS DH link DH to ≈ δ · k DLOG? n − k − k 1 − ǫ HARD AS DLOG Results for Generic Algorithms • Guess-and-check is optimal — even if DDH is easy. Evidence for: A new approach for: < ≤ DDH ECE DH DLOG = < DDH ECE = = DH Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 3 / 9

  18. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  19. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Proof Sketch 1 Finding a representation on uniform w ∈ G n is as hard as dlog. 2 Uniform w is close (in the exponent) to some codeword. 3 Decoding w yields a representation on w . Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  20. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Proof Sketch 1 Finding a representation on uniform w ∈ G n is as hard as dlog. 2 Uniform w is close (in the exponent) to some codeword. 3 Decoding w yields a representation on w . - Representation on w : nonzero a = ( a 1 , . . . , a n ) ∈ Z n q s.t. � w a i i = 1 . i - [Bra93] showed hardness. Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  21. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Proof Sketch 1 Finding a representation on uniform w ∈ G n is as hard as dlog. 2 Uniform w is close (in the exponent) to some codeword. 3 Decoding w yields a representation on w . We show ∃ ℓ = k + k 1 − ǫ points w i = g x i , with x i on poly of deg < k . � n � - There are distinct events (each very rare). ℓ - These events have limited dependence. Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  22. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Proof Sketch 1 Finding a representation on uniform w ∈ G n is as hard as dlog. 2 Uniform w is close (in the exponent) to some codeword. 3 Decoding w yields a representation on w . We show ∃ ℓ = k + k 1 − ǫ points w i = g x i , with x i on poly of deg < k . � n � - There are distinct events (each very rare). ℓ - These events have limited dependence. Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  23. Relation to Discrete Log Theorem Decoding (in the exponent) to distance n − k − k 1 − ǫ is as hard as computing discrete logs in G . Proof Sketch 1 Finding a representation on uniform w ∈ G n is as hard as dlog. 2 Uniform w is close (in the exponent) to some codeword. 3 Decoding w yields a representation on w . - Decode w to ( g x 1 , . . . , g x n ) , where x i lie on poly of deg < k . - There are ≫ k points w i = g x i . wlog: w 1 , . . . , w k + 1 . - Interpolate in the exponent: k � w λ i w k + 1 = ⇒ representation! i i = 1 Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 4 / 9

  24. Generic Algorithms [Sho97] Intuition Treat group as “black-box” — don’t use element representations Chris Peikert (MIT) On Error Correction in the Exponent TCC 2006 5 / 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ERROR DETECTON &amp; CORRECTION Error Detection EDC= Error Detection and Correction bits

ERROR DETECTON &amp; CORRECTION Error Detection EDC= Error Detection and Correction bits

ERROR DETECTON &amp; CORRECTION Error Detection EDC= Error Detection and Correction bits (redundancy) D = Data protected by error checking, may include header fields Error detection not 100% reliable! protocol may miss some errors,

320 views • 18 slides
QEC11 Quantum Error Correction and Quantum Error-Correcting Codes Todd A. Brun Center for

QEC11 Quantum Error Correction and Quantum Error-Correcting Codes Todd A. Brun Center for

QEC11 Quantum Error Correction and Quantum Error-Correcting Codes Todd A. Brun Center for Quantum Information Science and Technology (CQIST) Outline 1. What is Quantum Error Correction? 2. Classical Error-Correcting Codes 3. Does Encoding Copy

811 views • 35 slides
Using Timing-Error Detection and Correction for Transient-Error Tolerance and Adaptation to PVT

Using Timing-Error Detection and Correction for Transient-Error Tolerance and Adaptation to PVT

A Power-Efficient 32b ARM ISA Processor Using Timing-Error Detection and Correction for Transient-Error Tolerance and Adaptation to PVT Variation David Bull 1 , Shidhartha Das 1 , Karthik Shivashankar 1 , Ganesh Dasika 2 , Krisztian Flautner 1 ,

778 views • 41 slides
Constructing Error- -Correction Codes Correction Codes Constructing Error from Scale- -Free

Constructing Error- -Correction Codes Correction Codes Constructing Error from Scale- -Free

International Workshop on Complex Systems and Networks 2007 Guilin, China Constructing Error- -Correction Codes Correction Codes Constructing Error from Scale- -Free Networks Free Networks from Scale Francis C.M. Lau Francis C.M. Lau

1.26k views • 114 slides
Parametric Linear System Solving with Error Correction. Cleveland Waddell S YMBOLIC -N UMERIC C

Parametric Linear System Solving with Error Correction. Cleveland Waddell S YMBOLIC -N UMERIC C

Parametric Linear System Solving with Error Correction. Cleveland Waddell S YMBOLIC -N UMERIC C OMPUTING S EMINAR September 26, 2019 2 Overview Error Correction: Parametric Linear System Solving Relating Error Correction to

1.08k views • 83 slides
MapReduce for accurate error correction of next-generation sequencing data Assoc. Prof . Liang

MapReduce for accurate error correction of next-generation sequencing data Assoc. Prof . Liang

MapReduce for accurate error correction of next-generation sequencing data Assoc. Prof . Liang Zhao School of Computing and Electronic Information Guangxi University &amp; Taihe Hospital Oct 5th, 2016 (GXU, THH) error correction GIW2016 1

530 views • 27 slides
Quantum Error Correction by Optimal Control Basic Systems Concepts, Applications,

Quantum Error Correction by Optimal Control Basic Systems Concepts, Applications,

Quantum Error Correction by Optimal Control Basic Systems Concepts, Applications, Perspectives Theory DYNAMO Platform Applications I: Error Correction Thomas Schulte-Herbrggen Applications II: TU-Munich Fixed-Point Engineering

2.1k views • 152 slides
The Capability of Error Correction for Burst-noise Channels Using Error Estimating Code Yaoyu

The Capability of Error Correction for Burst-noise Channels Using Error Estimating Code Yaoyu

The Capability of Error Correction for Burst-noise Channels Using Error Estimating Code Yaoyu Wang Nanjing University yaoyu.wang.nju@gmail.com June 10, 2016 Yaoyu Wang (NJU) Error correction with EEC June 10, 2016 1 / 22 Overview Error

419 views • 22 slides
Physical layer Error detection, correction Martin Heusse X L A TEX E Error detection

Physical layer Error detection, correction Martin Heusse X L A TEX E Error detection

Physical layer Error detection, correction Martin Heusse X L A TEX E Error detection Idea = Add redundant information in the transmitted data to check for errors or even correct them Also used for data storage, memory (Am I

229 views • 11 slides
Private quantum subsystems and error Tomas Jochym- OConnor correction Privacy &amp; error

Private quantum subsystems and error Tomas Jochym- OConnor correction Privacy &amp; error

Private quantum subsystems and error correction Private quantum subsystems and error Tomas Jochym- OConnor correction Privacy &amp; error correction Restrictions of operator privacy Tomas Jochym-OConnor Generalization of subsystem

806 views • 28 slides
Finite-Blocklength and Error-Exponent Analyses for LDPC Codes in Point-to-Point and Multiple

Finite-Blocklength and Error-Exponent Analyses for LDPC Codes in Point-to-Point and Multiple

Finite-Blocklength and Error-Exponent Analyses for LDPC Codes in Point-to-Point and Multiple Access Communication* Yuxin Liu and Michelle Effros Department of Electrical Engineering, California Institute of Technology June 21-26, 2020 IEEE

667 views • 23 slides
Quantum error correction and fault tolerance John Preskill, Caltech 1 July 2004

Quantum error correction and fault tolerance John Preskill, Caltech 1 July 2004

Quantum error correction and fault tolerance John Preskill, Caltech 1 July 2004 http://www.theory.caltech.edu/~preskill/ph219/ph219_2004.html Quantum error correction Can large-scale quantum computers really be built and operated? Surely

668 views • 51 slides
RNA-seq nanopore read correction R. Chikhi, L. Lima, C. Marchet, ASTER Consortium December 2017

RNA-seq nanopore read correction R. Chikhi, L. Lima, C. Marchet, ASTER Consortium December 2017

RNA-seq nanopore read correction R. Chikhi, L. Lima, C. Marchet, ASTER Consortium December 2017 Motivation Emerging cDNA and RNA nanopore data No dedicated error-correction tool yet We evaluate existing DNA error-correction tools on

939 views • 47 slides
Quantum Error Correction and Quantum Information Theory Vinod Sharma Arun Padakandla Dept. of

Quantum Error Correction and Quantum Information Theory Vinod Sharma Arun Padakandla Dept. of

Quantum Error Correction and Quantum Information Theory Vinod Sharma Arun Padakandla Dept. of ECE Dept. of EE and CS IISc Bangalore University of Tennessee Bangalore, India Knoxville, USA July 20, 2020 1/71 Classical Error Correction

1.12k views • 71 slides
Quantum Error Correction Shyam Sundhar R Department of EE Mid Term Presentation, CS 682 Mid

Quantum Error Correction Shyam Sundhar R Department of EE Mid Term Presentation, CS 682 Mid

Quantum Error Correction Shyam Sundhar R Department of EE Mid Term Presentation, CS 682 Mid Term Presentation, CS 682 1 / Shyam Sundhar R (IIT K) Quantum Error Correction 32 Outline Shor Code 1 Decoherence Tackling Decoherence Error

761 views • 54 slides
Online Error Correction for the Tracking of Laparoscopic Ultrasound Diploma Thesis Tobias Reichl

Online Error Correction for the Tracking of Laparoscopic Ultrasound Diploma Thesis Tobias Reichl

Introduction Methods Results Discussion Online Error Correction for the Tracking of Laparoscopic Ultrasound Diploma Thesis Tobias Reichl (reichl@in.tum.de) 20th July 2007 Tobias Reichl Online Error Correction for the Tracking of

513 views • 33 slides
Jupyter in HPC 1 Matthias Bussonnier A Physicist/Bio-Physicist About Me Core developer

Jupyter in HPC 1 Matthias Bussonnier A Physicist/Bio-Physicist About Me Core developer

Feb 28th, 2018 Matthias Bussonnier bussonniermatthias@gmail.com GitHub: @carreau Twitter: @mbussonn Jupyter in HPC 1 Matthias Bussonnier A Physicist/Bio-Physicist About Me Core developer of IPython/Jupyter since 2012

789 views • 56 slides
Wrapping It Up Jilles Vreeken 31 July 2015 What did we do? Introduction Patterns Correlation

Wrapping It Up Jilles Vreeken 31 July 2015 What did we do? Introduction Patterns Correlation

Wrapping It Up Jilles Vreeken 31 July 2015 What did we do? Introduction Patterns Correlation and Causation (Subjective) Interestingness Graphs Wrap-up + &lt; ask-me-anything&gt; T ake Home: ove overa rall Overview of the hot topics in

778 views • 31 slides
Subgroup Discovery Exploratory Data Analysis Exploratory Data Analysis Classification:

Subgroup Discovery Exploratory Data Analysis Exploratory Data Analysis Classification:

Subgroup Discovery Exploratory Data Analysis Exploratory Data Analysis Classification: model the dependence of the target on the remaining attributes. problem: sometimes uses only some of the available dependencies, or classifier is

1.64k views • 77 slides
Sequential data analysis with TraMineR, Part 1 Gilbert Ritschard Department of Econometrics and

Sequential data analysis with TraMineR, Part 1 Gilbert Ritschard Department of Econometrics and

Sequential data analysis - 1 Sequential data analysis with TraMineR, Part 1 Gilbert Ritschard Department of Econometrics and Laboratory of Demography University of Geneva http://mephisto.unige.ch/biomining APA-ATI Workshop on Exploratory Data

1.42k views • 95 slides
CS133 Computational Geometry Instructor: Ahmed Eldawy 4/3/2018 Welcome back to UCR! 4/3/2018

CS133 Computational Geometry Instructor: Ahmed Eldawy 4/3/2018 Welcome back to UCR! 4/3/2018

CS133 Computational Geometry Instructor: Ahmed Eldawy 4/3/2018 Welcome back to UCR! 4/3/2018 Class information Classes: Tuesday and Thursday 8:10 AM 9:30 AM at WCH 139 Instructor: Ahmed Eldawy TA: Saheli Ghosh Office hours: Tuesday and

556 views • 26 slides
Slides for Lecture 17 ENCM 501: Principles of Computer Architecture Winter 2014 Term Steve

Slides for Lecture 17 ENCM 501: Principles of Computer Architecture Winter 2014 Term Steve

Slides for Lecture 17 ENCM 501: Principles of Computer Architecture Winter 2014 Term Steve Norman, PhD, PEng Electrical &amp; Computer Engineering Schulich School of Engineering University of Calgary 13 March, 2014 slide 2/20 ENCM 501 W14

211 views • 20 slides
Programming Languages First Class Func3ons, con3nued Material

Programming Languages First Class Func3ons, con3nued Material

Programming Languages First Class Func3ons, con3nued Material adapted from Dan Grossman's PL class, U. Washington Review A first-class ci3zen is a

214 views • 18 slides
Digital Design Discussion: Numbers Binary to Decimal Conversion Decimal to Binary Conversion

Digital Design Discussion: Numbers Binary to Decimal Conversion Decimal to Binary Conversion

Principles Of Digital Design Discussion: Numbers Binary to Decimal Conversion Decimal to Binary Conversion Floating-Point Conversion Positional Number System Each number is represented by a string of digits, in which the position of each

533 views • 6 slides

More recommend