SLIDE 1
❆ P♦❧②♥♦♠✐❛❧✲❚✐♠❡ ❆❧❣♦r✐t❤♠ ❢♦r ❙♦❧✈✐♥❣ t❤❡ ❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
❏❡❛♥✲❙é❜❛st✐❡♥ ❈♦r♦♥ ❛♥❞ ❆❣♥❡s❡ ●✐♥✐
❯♥✐✈❡rs✐t② ♦❢ ▲✉①❡♠❜♦✉r❣
❈❘❨P❚❖✷✵✷✵
✶ ✴ ✶✽
❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
✇✐t❤ ❛♥❞ ✳
- ✐✈❡♥
❛♥❞ ✱ r❡❝♦✈❡r ✳
✷ ✴ ✶✽
P rt r - - PowerPoint PPT Presentation
P rt r - - PowerPoint PPT Presentation
P rt r t st Pr st r
SLIDE 2
SLIDE 3
❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
h = α1x1 + · · · + αnxn (mod Q) ✇✐t❤ x1, . . . , xn ∈ {0, 1} ❛♥❞ α1, . . . , αn ∈ Z/QZn✳
- ✐✈❡♥ Q, h ❛♥❞ α1, . . . , αn✱ r❡❝♦✈❡r x1, . . . , xn✳
✷ ✴ ✶✽
SLIDE 4
❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
h1 = α1x1,1 + · · · + αnxn,1 (mod Q) ✳ ✳ ✳ hm = α1x1,m + · · · + αnxn,m (mod Q) ✇✐t❤ xi,j ∈ {0, 1} ❛♥❞ α1, . . . , αn ∈ Z/QZn✳
- ✐✈❡♥ Q ❛♥❞ h1, . . . , hm✱ r❡❝♦✈❡r α1, . . . , αn ❛♥❞ xi,j ❢♦r
i ∈ [n] ❛♥❞ j ∈ [m]✳ The weights αi’s are hidden!!
✸ ✴ ✶✽
SLIDE 5
❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
h1 = α1x1,1 + · · · + αnxn,1 (mod Q) ✳ ✳ ✳ hm = α1x1,m + · · · + αnxn,m (mod Q) ✇✐t❤ xi,j ∈ {0, 1} ❛♥❞ α1, . . . , αn ∈ Z/QZn✳
- ✐✈❡♥ Q ❛♥❞ h1, . . . , hm✱ r❡❝♦✈❡r α1, . . . , αn ❛♥❞ xi,j ❢♦r
i ∈ [n] ❛♥❞ j ∈ [m]✳
h1 · · · · · · hm
- =
α1 · · · αn
-
x1,1 · · · · · · x1,m ✳ ✳ ✳ ✳ ✳ ✳ xn,1 · · · · · · xn,m (mod Q) ✸ ✴ ✶✽
SLIDE 6
❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
▲❡t Q ❜❡ ❛♥ ✐♥t❡❣❡r✱ ❛♥❞ ❧❡t α1, . . . , αn ❜❡ r❛♥❞♦♠ ✐♥t❡❣❡rs ✐♥ Z/QZ✳ ▲❡t x1, . . . , xn ∈ Zm ❜❡ r❛♥❞♦♠ ✈❡❝t♦rs ✇✐t❤ ❝♦♠♣♦♥❡♥ts ✐♥ {0, 1}✳ ▲❡t h ∈ Zm s❛t✐s❢②✐♥❣✿ h = α1x1 + · · · + αnxn (mod Q)
- ✐✈❡♥ Q ❛♥❞ h✱ r❡❝♦✈❡r t❤❡ ✐♥t❡❣❡rs αi✬s ❛♥❞ t❤❡ ✈❡❝t♦rs
xi✬s✳ h = α X (mod Q)
✸ ✴ ✶✽
SLIDE 7
❚✐♠❡❧✐♥❡
✶✾✾✽ ❇♦②❦♦✱ P❡✐♥❛❞♦ ❛♥❞ ❱❡♥❦❛t❡s❛♥ ♣r❡s❡♥t❡❞ ❛ ❢❛st ❣❡♥❡r❛t♦r ♦❢ r❛♥❞♦♠ ♣❛✐rs (x, gx (mod p)) ✐♥tr♦❞✉❝✐♥❣ t❤❡ ❍❙❙P✳ ✶✾✾✾ ◆❣✉②❡♥ ❛♥❞ ❙t❡r♥ ❞❡s❝r✐❜❡❞ ❛ ❧❛tt✐❝❡ ❜❛s❡❞ ❛❧❣♦r✐t❤♠ ❢♦r s♦❧✈✐♥❣ t❤❡ ❍❙❙P✳ ✷✵✷✵ ❖✉r ♠❛✐♥ ❝♦♥tr✐❜✉t✐♦♥s✿
- ❞❡t❛✐❧❡❞ ❛♥❛❧②s✐s ♦❢ t❤❡ ◆❣✉②❡♥✲❙t❡r♥
❛❧❣♦r✐t❤♠✱
- ✈❛r✐❛♥t ✇♦r❦✐♥❣ ✐♥ ♣♦❧②♥♦♠✐❛❧✲t✐♠❡✳
✹ ✴ ✶✽
SLIDE 8
❖✈❡r✈✐❡✇
- ❚❤❡ ◆❣✉②❡♥✲❙t❡r♥ ❛tt❛❝❦✳
- ❖✉r ♣♦❧②♥♦♠✐❛❧✲t✐♠❡ ❛tt❛❝❦✳
- ❚❤❡ ❛✣♥❡ ❤✐❞❞❡♥ s✉❜s❡t s✉♠✳
- ❋✐♥❛❧ r❡♠❛r❦s ❛♥❞ ♦♣❡♥ q✉❡st✐♦♥s✳
✺ ✴ ✶✽
SLIDE 9
❚❤❡ ◆❣✉②❡♥✲❙t❡r♥ ❆tt❛❝❦
h = α1x1 + · · · + αnxn (mod Q) ❚❤❡ ✐❞❡❛✿
- ■❢ ❛ ✈❡❝t♦r u ✐s ♦rt❤♦❣♦♥❛❧ t♦ h ♠♦❞✉❧♦ Q✿
u, h ≡ α1u, x1 + · · · + αnu, xn ≡ 0 (mod Q) ⇒ pu = (u, x1, . . . , u, xn) ✐s ♦rt❤♦❣♦♥❛❧ t♦ α ♠♦❞✉❧♦ Q✳
- ■❢ pu < λ1(Λ⊥
Q(α))✱ ✇❡ ♠✉st ❤❛✈❡ pu = 0✱ ❛♥❞ t❤❡r❡❢♦r❡
t❤❡ ✈❡❝t♦r u ✐s ♦rt❤♦❣♦♥❛❧ ✐♥ Z t♦ ❛❧❧ ✈❡❝t♦rs xi✳
✻ ✴ ✶✽
SLIDE 10
❚❤❡ ◆❣✉②❡♥✲❙t❡r♥ ❆tt❛❝❦
h
=
α X
(mod Q) ❚❤❡ ❛❧❣♦r✐t❤♠✿
h
=
γ C X (mod Q) ❙t❡♣ ✶ ❙t❡♣ ✷ α
✼ ✴ ✶✽
SLIDE 11
❚❤❡ ◆❣✉②❡♥✲❙t❡r♥ ❆tt❛❝❦
h
=
α X
(mod Q) ❚❤❡ ❛❧❣♦r✐t❤♠✿
❙t❡♣ ✶ ❋r♦♠ t❤❡ s❛♠♣❧❡s h ❛♥❞ Q✱ ❞❡t❡r♠✐♥❡ t❤❡ ❧❛tt✐❝❡
¯ Lx = (L⊥
x )⊥✱ ✇❤❡r❡ Lx ✐s t❤❡ ❧❛tt✐❝❡ ❣❡♥❡r❛t❡❞ ❜② t❤❡
xi✬s✳ h C
❙t❡♣ ✷ ❋r♦♠ ¯
Lx ⊇ Lx✱ r❡❝♦✈❡r t❤❡ ❤✐❞❞❡♥ ✈❡❝t♦rs xi✬s✳ ❋r♦♠ h✱ t❤❡ xi✬s ❛♥❞ Q✱ r❡❝♦✈❡r t❤❡ ✇❡✐❣❤ts αi✬s✳ X C
α
✼ ✴ ✶✽
SLIDE 12
❖✉r ❛♥❛❧②s✐s✿ ❙t❡♣ ✶✿
- ❲✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ❧❡❛st 1/2 ♦✈❡r t❤❡ ❝❤♦✐❝❡ ♦❢ α✱ t❤❡
❛❧❣♦r✐t❤♠ r❡❝♦✈❡rs ❛ ❜❛s✐s ♦❢ ¯ Lx ✐♥ ♣♦❧②♥♦♠✐❛❧ t✐♠❡✱ ❛ss✉♠✐♥❣ t❤❛t Q ✐s ❛ ♣r✐♠❡ ✐♥t❡❣❡r ♦❢ ❜✐ts✐③❡ ❛t ❧❡❛st 2mn log m✳
- ❋♦r m = 2n✱ ✐❢ t❤❡ ❞❡♥s✐t② ✐s d = n/ log Q = O(1/(n log n))
✇❡ r❡❝♦✈❡r ¯ Lx ✐♥ ♣♦❧②♥♦♠✐❛❧ t✐♠❡✳
- ❍❡✉r✐st✐❝❛❧❧②✱ d = O(1/n) ✐s s✉✣❝✐❡♥t✳
❙t❡♣ ✷✿
- ❚❤❡ xi✬s ❛r❡ s❤♦rt ✈❡❝t♦rs ♦❢ ¯
Lx✳
- ❯s✐♥❣ ❇❑❩ t❤❡ ❛s②♠♣t♦t✐❝ ❝♦♠♣❧❡①✐t② ✐s 2Ω(n/ log n)✳
✽ ✴ ✶✽
SLIDE 13
❖✉r ♣♦❧②♥♦♠✐❛❧✲t✐♠❡ ❛❧❣♦r✐t❤♠
h
=
γ C X (mod Q) ❙t❡♣ ✶ ❙t❡♣ ✷ α
- ❲❡ r❡q✉✐r❡ m ≈ (n2 + n)/2 ✐♥st❡❛❞ ♦❢ m = 2n✳
- ■♠♣r♦✈❡❞ st❡♣ ✶✿ ❢❛st ❣❡♥❡r❛t✐♦♥ ♦❢ ♦rt❤♦❣♦♥❛❧ ✈❡❝t♦rs✳
- ◆❡✇ st❡♣ ✷✿ r❡❝♦✈❡r ❜✐♥❛r② ✈❡❝t♦rs✳
✾ ✴ ✶✽
SLIDE 14
◆❡✇ st❡♣ ✷✿ ♠✉❧t✐✈❛r✐❛t❡ ❛♣♣r♦❛❝❤
■♥❣r❡❞✐❡♥ts✿
- Lx ✐s ❛ s✉❜❧❛tt✐❝❡ ♦❢ ¯
Lx✿ t❤❡r❡ ❡①✐sts W ∈ Zn×n ∩ GL(Q, n) X = W C
- ❇❡✐♥❣ ❜✐♥❛r② ✐s ❛♥ ❛❧❣❡❜r❛✐❝ ❝♦♥❞✐t✐♦♥✿
y ∈ {0, 1} ⇐ ⇒ y2 − y = 0
✶✵ ✴ ✶✽
SLIDE 15
▼✐①✐♥❣✳✳✳ xi = wi ˜ c1 · · · ˜ cm ❋♦r ❡❛❝❤ i = 1, . . . , n ❛♥❞ j = 1, . . . , m ✇❡ ❤❛✈❡
- xi,j ∈ {0, 1}
- wi · ˜
cj = xi,j = ⇒ (wi · ˜ cj)2 − wi · ˜ cj = 0
✶✶ ✴ ✶✽
SLIDE 16
❚❤❡ r♦✇s ♦❢ W ❛r❡ s♦❧✉t✐♦♥s ♦❢ ♠✉❧t✐✈❛r✐❛t❡ q✉❛❞r❛t✐❝ ♣♦❧②♥♦♠✐❛❧ s②st❡♠ w · ˜ c1˜ c⊺
1 · w⊺ − w · ˜
c1 = 0 ✳ ✳ ✳ w · ˜ cm˜ c⊺
m · w⊺ − w · ˜
cm = 0
- ❋♦r m ≈ (n2 + n)/2 ✇❡ ❡①♣❡❝t t♦ s♦❧✈❡ t❤✐s s②st❡♠ ❛♥❞
r❡❝♦✈❡r t❤❡ xi✬s ❜② O(n6) ❜✐t ♦♣❡r❛t✐♦♥s ❛♥❞ O(n4) s♣❛❝❡ ❝♦♠♣❧❡①✐t②✱ ✈✐❛ ❧✐♥❡❛r ❛❧❣❡❜r❛✳
✶✷ ✴ ✶✽
SLIDE 17
❚❤❡ ❝♦❡✣❝✐❡♥t ♦❢ wiwk ✐♥ t❤❡ jt❤ ❡q✉❛t✐♦♥ ✐s (2 − δi,k)CijCkj✳ C R
- −C
E
- E ✐s t❤❡ ♠❛tr✐① ♦❢ t❤❡ ❝♦❡✣❝✐❡♥ts ♦❢ t❤❡ s②st❡♠✳
- ❚❤❡ r♦✇s ♦❢ W ❛r❡ ❡✐❣❡♥✈❡❝t♦rs ♦❢ ❝❡rt❛✐♥ s✉❜♠❛tr✐❝❡s ♦❢ ❛
❜❛s✐s ♦❢ ker E✳
✶✸ ✴ ✶✽
SLIDE 18
▲❡♠♠❛
■❢ R ❤❛s r❛♥❦ n2+n
2
✱ t❤❡♥ t❤❡ ✈❡❝t♦rs xi✬s ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ O(n6) ❛r✐t❤♠❡t✐❝ ♦♣❡r❛t✐♦♥s✳ ❘❡❞✉❝✐♥❣ t❤❡ ♠❛tr✐① r❡❧❛t✐♦♥ X = WC mod p ✇❡ ❝❛♥ ♦❜t❛✐♥ ❛ s②st❡♠ ❞❡✜♥❡❞ ♦✈❡r Fp✳ ⇒ ❋♦r m ≈ (n2 + n)/2 ✇❡ ❡①♣❡❝t t♦ s♦❧✈❡ t❤✐s s②st❡♠ ❛♥❞ r❡❝♦✈❡r t❤❡ xi✬s ❜② O(n6) ❜✐t ♦♣❡r❛t✐♦♥s ❛♥❞ O(n4) s♣❛❝❡ ❝♦♠♣❧❡①✐t②✱ ✈✐❛ ❧✐♥❡❛r ❛❧❣❡❜r❛✳
✶✹ ✴ ✶✽
SLIDE 19
❈♦♠♣❛r✐s♦♥
◆❙✾✾ ❈●✷✵ m 2n (n2 + n)/2 log Q O(n2) O(n2) t✐♠❡ 2Ω(n/ log n) O(n9)
Nguyen-Stern Coron-Gini
18 26820
sec
100 150 200 250 number of variables
Experimental timing comparison
✶✺ ✴ ✶✽
SLIDE 20
❆✣♥❡ ❍✐❞❞❡♥ ❙✉❜s❡t ❙✉♠ Pr♦❜❧❡♠
h + se = α1x1 + · · · + αnxn (mod Q)
- ✐✈❡♥ Q✱ h ❛♥❞ e✱ r❡❝♦✈❡r t❤❡ αi✬s ❛♥❞ s ❛♥❞ t❤❡ ✈❡❝t♦rs xi✬s✳
❙t❡♣ ✶ ❋r♦♠ (h, e)✱ ❞❡t❡r♠✐♥❡ t❤❡ ❧❛tt✐❝❡ ¯
Lx✱ ✇❤❡r❡ Lx ✐s t❤❡ ❧❛tt✐❝❡ ❣❡♥❡r❛t❡❞ ❜② t❤❡ xi✬s✳
❙t❡♣ ✷ ❋r♦♠ ¯
Lx ⊇ Lx✱ r❡❝♦✈❡r t❤❡ ❤✐❞❞❡♥ ✈❡❝t♦rs xi✬s✳ ❋r♦♠ h✱ t❤❡ xi✬s ❛♥❞ Q✱ r❡❝♦✈❡r t❤❡ ✇❡✐❣❤ts αi✬s ❛♥❞ s✳
✶✻ ✴ ✶✽
SLIDE 21
❈♦♥❝❧✉s✐♦♥s
- ❲❡ ❛r❣✉❡ t❤❛t t❤❡ ❛s②♠♣t♦t✐❝ ❝♦♠♣❧❡①✐t② ♦❢ t❤❡ ❢✉❧❧
◆❣✉②❡♥✲❙t❡r♥ ❛❧❣♦r✐t❤♠ ✐s 2Ω(n/ log n)✳
- ❲❡ ♣r♦♣♦s❡ ❛ ♥❡✇ s❡❝♦♥❞ st❡♣ t♦ r❡❝♦✈❡r s❤♦rt ✭❜✐♥❛r②✮
✈❡❝t♦rs ✉s✐♥❣ m ≃ n2/2 s❛♠♣❧❡s✱ ✈✐❛ ❛ ♠✉❧t✐✈❛r✐❛t❡ t❡❝❤♥✐q✉❡✳
- ❆s②♠♣t♦t✐❝❛❧❧② t❤❡ ❤❡✉r✐st✐❝ ❝♦♠♣❧❡①✐t② ♦❢ ♦✉r ❢✉❧❧
❛❧❣♦r✐t❤♠ ✐s O(n9)✳ ❈❛♥ ✇❡ ❢✉rt❤❡r r❡❞✉❝❡ m❄ ❛♥❞ log Q❄ ■♥ ❛❞❞✐t✐♦♥✱ ✇❡ s❤♦✇ ❤♦✇ t♦ s❧✐❣❤t❧② r❡❞✉❝❡ t❤❡ ♥✉♠❜❡r ♦❢ s❛♠♣❧❡s m r❡q✉✐r❡❞ ❢♦r ♦✉r ❛tt❛❝❦✱ ✇✐t❤ t✇♦ ❞✐✛❡r❡♥t ♠❡t❤♦❞s❀ ✐♥ ❜♦t❤ ❝❛s❡s t❤❡ ❛tt❛❝❦ r❡♠❛✐♥s ❤❡✉r✐st✐❝❛❧❧② ♣♦❧②♥♦♠✐❛❧ t✐♠❡ ✉♥❞❡r t❤❡ ❝♦♥❞✐t✐♦♥ m = n2/2 − O(n log n)✳
✶✼ ✴ ✶✽
SLIDE 22
❚❤❛♥❦ ②♦✉ ❢♦r ②♦✉r ❛tt❡♥t✐♦♥✦
❋✉❧❧ ♣❛♣❡r ❛t ❤tt♣s✿✴✴✐❛✳❝r✴✷✵✷✵✴✹✻✶ ❈♦❞❡ ❛t ❤tt♣s✿✴✴♣❛st❡❜✐♥✳❝♦♠✴❩❋❦✶q❥❢P
✶✽ ✴ ✶✽