DOCSLIB.ORG

Multilinear Maps in Cryptography

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Multilinear Maps in Cryptography Multilinear Maps in Cryptography Travis Scholl November 20, 2018 Abstract Multilinear maps is a new hot topic in cryptography because they offer a significant number of applications. The main open problem in this area is constructing a secure and efficiently computable multilinear map. In this talk, we introduce cryptographic multilinear maps, go through several applications, and then discuss some possible obstructions to constructing one. The main reference for this talk is the paper \Applications of Mul- tilinear Forms to Cryptography" by Dan Boneh and Alice Silverberg. Contents 1 Introduction 1 2 Applications 2 2.1 Key Escrow . .2 2.2 n + 1 Key Exchange . .3 2.3 n-bit Unique Signature Scheme . .3 2.4 ID Based Encryption . .4 2.5 Broadcast Encryption . .4 2.6 Indistinguishability Obfuscation . .5 3 Results 5 3.1 Weil Pairing . .5 3.2 Negative Results . .6 3.2.1 Tensor Products . .6 3.2.2 Galois Equivariance . .6 1 Introduction We will introduce the idea of a cryptographic multilinear map. Let G1, G2 denote cyclic groups with prime order `. Let e : G1 × · · · × G1 ! G2: 1 be a non-degenerate multilinear map. Here non-degenerate means that if g is a generator for G1, then e(g; : : : ; g) is a generator for G2, and multilinear means a1 an a1···an that e(g1 ; : : : ; gn ) = e(g1; : : : ; gn) . Definition 1. We say e is a cryptographic multilinear map if the following hold: 1. We can efficiently compute products and inverses in G1 and G2. 2. We can efficiently compute the map e. 3. The DLP in G1 is difficult. Remark 2. We will avoid most subtleties when actually writing elements, which have to be represented by bit strings. Remark 3. In order for the DLP to be hard in G1, it must necessarily be hard in G2 since we can always map the problem to G2 via e: e(g; : : : ; g; ga) = e(g; : : : ; g)a: Open Problem 4. Construct a cryptographic multilinear map with n > 2. 2 Applications We will now look at some applications of multilinear maps. Fix a public generator g for G1. Recall the standard Diffie-Hellman key exchange: Alice Bob Choose a secret a 2 Z b 2 Z Publish ga gb Compute (gb)a = gab (ga)b = gab The security of this protocol is based on the Diffie-Hellman problem: Given ga find a. 2.1 Key Escrow Idea: The government wants to read everyone's messages. Alice Bob Government Choose a secret a 2 Z b 2 Z c 2 Z Publish ga gb gc Compute e(gc; gb)a e(gc; ga)b e(ga; gb)c The shared key is e(g; g)abc. The security of this protocol is based on the multlinear Diffie-Hellman prob- lem: Given ga; gb; gc find e(g; g; g)abc. 2 2.2 n + 1 Key Exchange Idea: n + 1 Alices want to come up with a shared key. Remark 5. A tripartite key exchange using the Weil pairing was first given by [Jou04]. Alicei Choose a secret ai 2 Z Publish gai a a ai Compute e g 1 ;:::; gcai ;:::;g n+1 The shared key is e(g; : : : ; g)a1···an+1 . The security of this protocol is based on the multilinear Diffie-Hellman prob- lem: Given ga1 ;:::;g an+1 find e(g; : : : ; g)a1···an+1 . 2.3 n-bit Unique Signature Scheme n Idea: We want to sign n-bit messages M = m1 ··· mn 2 f0; 1g . To sign M we do the following: 1. Pick random a1; : : : ; an; b1; : : : ; bn 2 Z. 2. Publish V = (ga1 ; : : : ; gan ; gb1 ; : : : ; gbn ). 3. The signature is S = gc1···cn where ( ai if mi = 1 ci = bi if mi = 0: 4. To verify a signature S, compare e(gc1 ; : : : ; gcn ) and e(g; : : : ; g; S). Remark 6. The signature is very short, it is a single group element. However, the public verifying key is 2n · poly(log `). The proof of security uses the generalized multilinear Diffie-Hellman prob- Q c c :::c lem: Given access to g i2I i for any proper subset I ( f1; : : : ; ng, find g 1 n . For more details, see the references in [BS03] This scheme also has a nice uniqueness property. Lemma 7. For a fixed message M and public key V , there is a unique signature S that works. a a Proof. e(g; : : : ; g; g ) = e(g; : : : ; g) so we must have a ≡ c1 ··· cn mod `. 3 2.4 ID Based Encryption Idea: Alice should be able to send Bob an encrypted message using nothing but his public ID. This system requires a trusted third party to give out keys. Setup: The government chooses c 2 Z and publishes gc. They also publish a hash function H : fIDsg ! G1. A user's public key is H(ID) and their private key is H(ID)c. A user can only get their private by authenticating with the government. For Alice to send message to Bob, she: 1. Compute the hash of Bob's ID: hB. 2. Pick random r 2 Z. c r 3. Encrypt their message with e(hB; g ) . 4. Send the encrypted message and gr. For Bob to read the message, he: c 1. Authenticates with the government to get his secret key hB. c r 2. Decrypts the message with e(hB;g ). Remark 8. This system also has escrow because the government can compute r c e(hB;g ) . The security of this system is again based on the multilinear Diffie-Hellman problem. 2.5 Broadcast Encryption Idea: Alice wants to send a message to a certain subset of Bobs B1;:::;Bn. For example, Alice may be starting a cable company and wants only Bobs who pay to receive channels. Setup: Alice chooses secret a 2 Z and some random g1; : : : ; gn 2 G1. Then a Alice gives Bi the key hi = gi . Now to send to a subset S ⊆ fB1;:::;Bng, she encrypts it with K = a e(x1; : : : ; xn) where ( gi if Bi 2 S xi = g if Bi 2= S: For decryption, Bob i computes K = e(x1; : : : ; xi1 ;h i;x i; : : : ; xn). The security of this protocol is again based on the generalized multilinear Diffie-Hellman problem. Remark 9. The key size here is independent of n. However, everyone involved needs to know the set S, which is of size n. The security of this system relies on the difficulty of the inverse multilinear Diffie-Hellman problem: given ga, find e(g; : : : ; g)1=a. 4 2.6 Indistinguishability Obfuscation Idea: We want an obfuscator O which takes a program P to a functionally equivalent program O(P ) such that if P1 and P2 are functionally equivalent programs, then it is computationally infeasible to distinguish O(P1) from O(P2). There are reasons people want to do this: https://simons.berkeley.edu/ talks/craig-gentry-2015-05-20a [GGH+16]. It turns out most programs (e.g. circuits) can be modeled by \oblivious (b) matrix products". We can think of a program P as a set of matrices Mi with 1 ≤ i ≤ k and b 2 f0; 1g. Then for any k-bits x = x1 ··· xk, (x1) (xk) P (x) = 0 , M1 ··· Mk = I: We can obfuscate the matrices by encoding the entries by α 7! gα. Now we can still evaluate the product using multilinear maps. For example, we can test if x2 + x + 1 = 0 without knowing x as follows. First suppose we know gx, then compute 2 e(gx; gx)e(gx; g)e(g; g) = e(g; g)x +x+1: The left side is 1 if and only if x2 + x + 1 = 0. Generalizing this extensively we can obfuscate matrix multiplication. Remark 10. It's actually much more complicated and I don't fully understand how this all works together. 3 Results 3.1 Weil Pairing We can construct a cryptographic bilinear map using the Weil pairing on an elliptic curve. ∼ Let E=Fp be an elliptic curve. Recall that E[`] := E(Fp)[`] = Z=`Z × Z=`Z. Definition 11. The Weil pairing is a non-degenerate alternating bilinear form e : E[`] × E[`] ! µ`(Fp): Remark 12. Up to scaling, there is only one non-degenerate alternating bilinear form on E[`]2, namely the determinate. Definition 13. The Weil pairing is the pairing on E[`] given by f (Q) e(P; Q) = P fQ(P ) where fP is a function on E such that div fP = `[P ] − `[O], and fQ is similar. 5 Remark 14. In order to fit into our framework, we actually need to modify e because otherwise e(P; P ) = 1. We do this by defininge ^(P; Q) = e(P; '(Q)) where ' 2 End E such that '(P ) and P are Z=`Z-independent. This may mean that ' is not defined over Fp. Remark 15. There is an efficient algorithm to evaluate the Weil pairing due to Victor Miller. Definition 16. The smallest k such that µ`(Fp) ⊆ Fpk is called the embedding degree of `. It is equivalently the multiplicative order of p mod `. It is important for pairing based crypto to find curves where the embedding degree is not too large. For a random curve, it is on the order of ` (most elements of Z=`Z have large order). Example 17. Suppose E=Fp is supersingular and p is large. Then #E(Fp) = 2 × p + 1 j p − 1 = #Fp2 . Therefore the embedding degree of any ` is 2. If the embedding degree is small enough and p is large enough, then this gives us a cryptographic bilinear map.
Load more

Recommended publications
  • Multilinear Algebra and Applications July 15, 2014
    Multilinear Algebra and Applications July 15, 2014. Contents Chapter 1. Introduction 1 Chapter 2. Review of Linear Algebra 5 2.1. Vector Spaces and Subspaces 5 2.2. Bases 7 2.3. The Einstein convention 10 2.3.1. Change of bases, revisited 12 2.3.2. The Kronecker delta symbol 13 2.4. Linear Transformations 14 2.4.1. Similar matrices 18 2.5. Eigenbases 19 Chapter 3. Multilinear Forms 23 3.1. Linear Forms 23 3.1.1. Definition, Examples, Dual and Dual Basis 23 3.1.2. Transformation of Linear Forms under a Change of Basis 26 3.2. Bilinear Forms 30 3.2.1. Definition, Examples and Basis 30 3.2.2. Tensor product of two linear forms on V 32 3.2.3. Transformation of Bilinear Forms under a Change of Basis 33 3.3. Multilinear forms 34 3.4. Examples 35 3.4.1. A Bilinear Form 35 3.4.2. A Trilinear Form 36 3.5. Basic Operation on Multilinear Forms 37 Chapter 4. Inner Products 39 4.1. Definitions and First Properties 39 4.1.1. Correspondence Between Inner Products and Symmetric Positive Definite Matrices 40 4.1.1.1. From Inner Products to Symmetric Positive Definite Matrices 42 4.1.1.2. From Symmetric Positive Definite Matrices to Inner Products 42 4.1.2. Orthonormal Basis 42 4.2. Reciprocal Basis 46 4.2.1. Properties of Reciprocal Bases 48 4.2.2. Change of basis from a basis to its reciprocal basis g 50 B B III IV CONTENTS 4.2.3.
    [Show full text]
  • 28. Exterior Powers
    28. Exterior powers 28.1 Desiderata 28.2 Definitions, uniqueness, existence 28.3 Some elementary facts 28.4 Exterior powers Vif of maps 28.5 Exterior powers of free modules 28.6 Determinants revisited 28.7 Minors of matrices 28.8 Uniqueness in the structure theorem 28.9 Cartan's lemma 28.10 Cayley-Hamilton Theorem 28.11 Worked examples While many of the arguments here have analogues for tensor products, it is worthwhile to repeat these arguments with the relevant variations, both for practice, and to be sensitive to the differences. 1. Desiderata Again, we review missing items in our development of linear algebra. We are missing a development of determinants of matrices whose entries may be in commutative rings, rather than fields. We would like an intrinsic definition of determinants of endomorphisms, rather than one that depends upon a choice of coordinates, even if we eventually prove that the determinant is independent of the coordinates. We anticipate that Artin's axiomatization of determinants of matrices should be mirrored in much of what we do here. We want a direct and natural proof of the Cayley-Hamilton theorem. Linear algebra over fields is insufficient, since the introduction of the indeterminate x in the definition of the characteristic polynomial takes us outside the class of vector spaces over fields. We want to give a conceptual proof for the uniqueness part of the structure theorem for finitely-generated modules over principal ideal domains. Multi-linear algebra over fields is surely insufficient for this. 417 418 Exterior powers 2. Definitions, uniqueness, existence Let R be a commutative ring with 1.
    [Show full text]
  • Multilinear Algebra
    Appendix A Multilinear Algebra This chapter presents concepts from multilinear algebra based on the basic properties of finite dimensional vector spaces and linear maps. The primary aim of the chapter is to give a concise introduction to alternating tensors which are necessary to define differential forms on manifolds. Many of the stated definitions and propositions can be found in Lee [1], Chaps. 11, 12 and 14. Some definitions and propositions are complemented by short and simple examples. First, in Sect. A.1 dual and bidual vector spaces are discussed. Subsequently, in Sects. A.2–A.4, tensors and alternating tensors together with operations such as the tensor and wedge product are introduced. Lastly, in Sect. A.5, the concepts which are necessary to introduce the wedge product are summarized in eight steps. A.1 The Dual Space Let V be a real vector space of finite dimension dim V = n.Let(e1,...,en) be a basis of V . Then every v ∈ V can be uniquely represented as a linear combination i v = v ei , (A.1) where summation convention over repeated indices is applied. The coefficients vi ∈ R arereferredtoascomponents of the vector v. Throughout the whole chapter, only finite dimensional real vector spaces, typically denoted by V , are treated. When not stated differently, summation convention is applied. Definition A.1 (Dual Space)Thedual space of V is the set of real-valued linear functionals ∗ V := {ω : V → R : ω linear} . (A.2) The elements of the dual space V ∗ are called linear forms on V . © Springer International Publishing Switzerland 2015 123 S.R.
    [Show full text]
  • Vector Calculus and Differential Forms
    Vector Calculus and Differential Forms John Terilla Math 208 Spring 2015 1 Vector fields Definition 1. Let U be an open subest of Rn.A tangent vector in U is a pair (p; v) 2 U × Rn: We think of (p; v) as consisting of a vector v 2 Rn lying at the point p 2 U. Often, we denote a tangent vector by vp instead of (p; v). For p 2 U, the set of all tangent vectors at p is denoted by Tp(U). The set of all tangent vectors in U is denoted T (U) For a fixed point p 2 U, the set Tp(U) is a vector space with addition and scalar multiplication defined by vp + wp = (v + w)p and αvp = (αv)p: Note n that as a vector space, Tp(U) is isomorphic to R . Definition 2. A vector field on U is a function X : U ! T (Rn) satisfying X(p) 2 Tp(U). Remark 1. Notice that any function f : U ! Rn defines a vector field X by the rule X(p) = f(p)p: Denote the set of vector fields on U by Vect(U). Note that Vect(U) is a vector space with addition and scalar multiplication defined pointwise (which makes sense since Tp(U) is a vector space): (X + Y )(p) := X(p) + Y (p) and (αX)(p) = α(X(p)): Definition 3. Denote the set of functions on the set U by Fun(U) = ff : U ! Rg. Let C1(U) be the subset of Fun(U) consisting of functions with continuous derivatives and let C1(U) be the subset of Fun(U) consisting of smooth functions, i.e., infinitely differentiable functions.
    [Show full text]
  • Ring (Mathematics) 1 Ring (Mathematics)
    Ring (mathematics) 1 Ring (mathematics) In mathematics, a ring is an algebraic structure consisting of a set together with two binary operations usually called addition and multiplication, where the set is an abelian group under addition (called the additive group of the ring) and a monoid under multiplication such that multiplication distributes over addition.a[›] In other words the ring axioms require that addition is commutative, addition and multiplication are associative, multiplication distributes over addition, each element in the set has an additive inverse, and there exists an additive identity. One of the most common examples of a ring is the set of integers endowed with its natural operations of addition and multiplication. Certain variations of the definition of a ring are sometimes employed, and these are outlined later in the article. Polynomials, represented here by curves, form a ring under addition The branch of mathematics that studies rings is known and multiplication. as ring theory. Ring theorists study properties common to both familiar mathematical structures such as integers and polynomials, and to the many less well-known mathematical structures that also satisfy the axioms of ring theory. The ubiquity of rings makes them a central organizing principle of contemporary mathematics.[1] Ring theory may be used to understand fundamental physical laws, such as those underlying special relativity and symmetry phenomena in molecular chemistry. The concept of a ring first arose from attempts to prove Fermat's last theorem, starting with Richard Dedekind in the 1880s. After contributions from other fields, mainly number theory, the ring notion was generalized and firmly established during the 1920s by Emmy Noether and Wolfgang Krull.[2] Modern ring theory—a very active mathematical discipline—studies rings in their own right.
    [Show full text]
  • Chapter IX. Tensors and Multilinear Forms
    Notes c F.P. Greenleaf and S. Marques 2006-2016 LAII-s16-quadforms.tex version 4/25/2016 Chapter IX. Tensors and Multilinear Forms. IX.1. Basic Definitions and Examples. 1.1. Definition. A bilinear form is a map B : V V C that is linear in each entry when the other entry is held fixed, so that × → B(αx, y) = αB(x, y)= B(x, αy) B(x + x ,y) = B(x ,y)+ B(x ,y) for all α F, x V, y V 1 2 1 2 ∈ k ∈ k ∈ B(x, y1 + y2) = B(x, y1)+ B(x, y2) (This of course forces B(x, y)=0 if either input is zero.) We say B is symmetric if B(x, y)= B(y, x), for all x, y and antisymmetric if B(x, y)= B(y, x). Similarly a multilinear form (aka a k-linear form , or a tensor− of rank k) is a map B : V V F that is linear in each entry when the other entries are held fixed. ×···×(0,k) → We write V = V ∗ . V ∗ for the set of k-linear forms. The reason we use V ∗ here rather than V , and⊗ the⊗ rationale for the “tensor product” notation, will gradually become clear. The set V ∗ V ∗ of bilinear forms on V becomes a vector space over F if we define ⊗ 1. Zero element: B(x, y) = 0 for all x, y V ; ∈ 2. Scalar multiple: (αB)(x, y)= αB(x, y), for α F and x, y V ; ∈ ∈ 3. Addition: (B + B )(x, y)= B (x, y)+ B (x, y), for x, y V .
    [Show full text]
  • Tensor Complexes: Multilinear Free Resolutions Constructed from Higher Tensors
    Tensor complexes: Multilinear free resolutions constructed from higher tensors C. Berkesch, D. Erman, M. Kummini and S. V. Sam REPORT No. 7, 2010/2011, spring ISSN 1103-467X ISRN IML-R- -7-10/11- -SE+spring TENSOR COMPLEXES: MULTILINEAR FREE RESOLUTIONS CONSTRUCTED FROM HIGHER TENSORS CHRISTINE BERKESCH, DANIEL ERMAN, MANOJ KUMMINI, AND STEVEN V SAM Abstract. The most fundamental complexes of free modules over a commutative ring are the Koszul complex, which is constructed from a vector (i.e., a 1-tensor), and the Eagon– Northcott and Buchsbaum–Rim complexes, which are constructed from a matrix (i.e., a 2-tensor). The subject of this paper is a multilinear analogue of these complexes, which we construct from an arbitrary higher tensor. Our construction provides detailed new examples of minimal free resolutions, as well as a unifying view on a wide variety of complexes including: the Eagon–Northcott, Buchsbaum– Rim and similar complexes, the Eisenbud–Schreyer pure resolutions, and the complexes used by Gelfand–Kapranov–Zelevinsky and Weyman to compute hyperdeterminants. In addition, we provide applications to the study of pure resolutions and Boij–S¨oderberg theory, including the construction of infinitely many new families of pure resolutions, and the first explicit description of the differentials of the Eisenbud–Schreyer pure resolutions. 1. Introduction In commutative algebra, the Koszul complex is the mother of all complexes. David Eisenbud The most fundamental complex of free modules over a commutative ring R is the Koszul a complex, which is constructed from a vector (i.e., a 1-tensor) f = (f1, . , fa) R . The next most fundamental complexes are likely the Eagon–Northcott and Buchsbaum–Rim∈ complexes, which are constructed from a matrix (i.e., a 2-tensor) ψ Ra Rb.
    [Show full text]
  • Multilinear Algebra a Bilinear Map in Chapter I
    ·~ ...,... .chapter II 1 60 MULTILINEAR ALGEBRA Here a:"~ E v,' a:J E VJ for j =F i, and X EF. Thus, a function rjl: v 1 X ••• X v n --+ v is a multilinear mapping if for all i e { 1, ... , n} and for all vectors a: 1 e V 1> ... , a:1_ 1 eV1_h a:1+ 1eV1+ 1 , ••. , a:.ev•• we have rjl(a: 1 , ... ,a:1_ 1, ··, a 1+ 1, ... , a:.)e HomJ>{V" V). Before proceeding further, let us give a few examples of multilinear maps. Example 1. .2: Ifn o:= 1, then a function cf>: V 1 ..... Vis a multilinear mapping if and only if r/1 is a linear transformation. Thus, linear tra~sformations are just special cases of multilinear maps. 0 Example 1.3: If n = 2, then a multilinear map r/1: V 1 x V 2 ..... V is what we called .Multilinear Algebra a bilinear map in Chapter I. For a concrete example, we have w: V x v• ..... F given by cv(a:, T) = T(a:) (equation 6.6 of Chapter 1). 0 '\1 Example 1.4: The determinant, det{A), of an n x n matrix A can be thought of .l as a multilinear mapping cf>: F .. x · · · x P--+ F in the following way: If 1. MULTILINEAR MAPS AND TENSOR PRODUCTS a: (a , ... , a .) e F" for i 1, ... , o, then set rjl(a: , ... , a:.) det(a J)· The fact "'I 1 = 11 1 = 1 = 1 that rJ> is multilinear is an easy computation, which we leave as an exercise at the In Chapter I, we dealt mainly with functions of one variable.
    [Show full text]
  • Cross Products, Automorphisms, and Gradings 3
    CROSS PRODUCTS, AUTOMORPHISMS, AND GRADINGS ALBERTO DAZA-GARC´IA, ALBERTO ELDUQUE, AND LIMING TANG Abstract. The affine group schemes of automorphisms of the multilinear r- fold cross products on finite-dimensional vectors spaces over fields of character- istic not two are determined. Gradings by abelian groups on these structures, that correspond to morphisms from diagonalizable group schemes into these group schemes of automorphisms, are completely classified, up to isomorphism. 1. Introduction Eckmann [Eck43] defined a vector cross product on an n-dimensional real vector space V , endowed with a (positive definite) inner product b(u, v), to be a continuous map X : V r −→ V (1 ≤ r ≤ n) satisfying the following axioms: b X(v1,...,vr), vi =0, 1 ≤ i ≤ r, (1.1) bX(v1,...,vr),X(v1,...,vr) = det b(vi, vj ) , (1.2) There are very few possibilities. Theorem 1.1 ([Eck43, Whi63]). A vector cross product exists in precisely the following cases: • n is even, r =1, • n ≥ 3, r = n − 1, • n =7, r =2, • n =8, r =3. Multilinear vector cross products X on vector spaces V over arbitrary fields of characteristic not two, relative to a nondegenerate symmetric bilinear form b(u, v), were classified by Brown and Gray [BG67]. These are the multilinear maps X : V r → V (1 ≤ r ≤ n) satisfying (1.1) and (1.2). The possible pairs (n, r) are again those in Theorem 1.1. The exceptional cases: (n, r) = (7, 2) and (8, 3), are intimately related to the arXiv:2006.10324v1 [math.RT] 18 Jun 2020 octonion, or Cayley, algebras.
    [Show full text]
  • Singularities of Hyperdeterminants Annales De L’Institut Fourier, Tome 46, No 3 (1996), P
    ANNALES DE L’INSTITUT FOURIER JERZY WEYMAN ANDREI ZELEVINSKY Singularities of hyperdeterminants Annales de l’institut Fourier, tome 46, no 3 (1996), p. 591-644 <http://www.numdam.org/item?id=AIF_1996__46_3_591_0> © Annales de l’institut Fourier, 1996, tous droits réservés. L’accès aux archives de la revue « Annales de l’institut Fourier » (http://annalif.ujf-grenoble.fr/) implique l’accord avec les conditions gé- nérales d’utilisation (http://www.numdam.org/conditions). Toute utilisa- tion commerciale ou impression systématique est constitutive d’une in- fraction pénale. Toute copie ou impression de ce fichier doit conte- nir la présente mention de copyright. Article numérisé dans le cadre du programme Numérisation de documents anciens mathématiques http://www.numdam.org/ Ann. Inst. Fourier, Grenoble 46, 3 (1996), 591-644 SINGULARITIES OF HYPERDETERMINANTS by J. WEYMAN (1) and A. ZELEVINSKY (2) Contents. 0. Introduction 1. Symmetric matrices with diagonal lacunae 2. Cusp type singularities 3. Eliminating special node components 4. The generic node component 5. Exceptional cases: the zoo of three- and four-dimensional matrices 6. Decomposition of the singular locus into cusp and node parts 7. Multi-dimensional "diagonal" matrices and the Vandermonde matrix 0. Introduction. In this paper we continue the study of hyperdeterminants recently undertaken in [4], [5], [12]. The hyperdeterminants are analogs of deter- minants for multi-dimensional "matrices". Their study was initiated by (1) Partially supported by the NSF (DMS-9102432). (2) Partially supported by the NSF (DMS- 930424 7). Key words: Hyperdeterminant - Singular locus - Cusp type singularities - Node type singularities - Projectively dual variety - Segre embedding. Math. classification: 14B05.
    [Show full text]
  • Multibraces on the Hochschild Space  Fusun( Akman Department of Mathematics and Statistics, Coastal Carolina University, P.O
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Elsevier - Publisher Connector Journal of Pure and Applied Algebra 167 (2002) 129–163 www.elsevier.com/locate/jpaa Multibraces on the Hochschild space Fusun( Akman Department of Mathematics and Statistics, Coastal Carolina University, P.O. Box 261954, Conway, SC 29528-6054, USA Received 24 March 1997; received in revised form8 January 2001 Communicated by J. Huebschmann Abstract We generalize the coupled braces {x}{y} of Gerstenhaber and {x}{y1;:::;yn} of Gersten- haber and Getzler depicting compositions of multilinear maps in the Hochschild space C•(A)= Hom(T •A; A) of a graded vector space A to expressions of the form {x(1);:::;x(1)}··· 1 i1 {x(m);:::;x(m)} on the extended space C•;•(A) = Hom(T •A; T •A). We apply multibraces to 1 im study associative and Lie algebras, Batalin–Vilkovisky algebras, and A∞ and L∞ algebras: most importantly, we introduce a new variant of the master identity for L∞ algebras in the form {m˜ ◦ m˜}{sa1}{sa2}···{san} = 0. Using the new language, we also explain the signiÿcance of this notation for bialgebras (coassociativity is simply ◦=0), comment on the bialgebra coho- mology di>erential of Gerstenhaber and Schack, and deÿne multilinear higher-order di>erential operators with respect to multilinear maps. c 2002 Elsevier Science B.V. All rights reserved. MSC: 17A30; 17A40; 17A42; 16W55; 16W30 1. Introduction Occasionally, an algebraic identity we encounter in mathematical physics or homo- logical algebra boils down to the following: the composition of a multilinear map with another one, or a sumof such compositions,is identically zero.
    [Show full text]
  • Lecture Notes on Linear and Multilinear Algebra 2301-610
    Lecture Notes on Linear and Multilinear Algebra 2301-610 Wicharn Lewkeeratiyutkul Department of Mathematics and Computer Science Faculty of Science Chulalongkorn University August 2014 Contents Preface iii 1 Vector Spaces 1 1.1 Vector Spaces and Subspaces . 2 1.2 Basis and Dimension . 10 1.3 Linear Maps . 18 1.4 Matrix Representation . 32 1.5 Change of Bases . 42 1.6 Sums and Direct Sums . 48 1.7 Quotient Spaces . 61 1.8 Dual Spaces . 65 2 Multilinear Algebra 73 2.1 Free Vector Spaces . 73 2.2 Multilinear Maps and Tensor Products . 78 2.3 Determinants . 95 2.4 Exterior Products . 101 3 Canonical Forms 107 3.1 Polynomials . 107 3.2 Diagonalization . 115 3.3 Minimal Polynomial . 128 3.4 Jordan Canonical Forms . 141 i ii CONTENTS 4 Inner Product Spaces 161 4.1 Bilinear and Sesquilinear Forms . 161 4.2 Inner Product Spaces . 167 4.3 Operators on Inner Product Spaces . 180 4.4 Spectral Theorem . 190 Bibliography 203 Preface This book grew out of the lecture notes for the course 2301-610 Linear and Multilinaer Algebra given at the Deparment of Mathematics, Faculty of Science, Chulalongkorn University that I have taught in the past 5 years. Linear Algebra is one of the most important subjects in Mathematics, with numerous applications in pure and applied sciences. A more theoretical linear algebra course will emphasize on linear maps between vector spaces, while an applied-oriented course will mainly work with matrices. Matrices have an ad- vantage of being easier to compute, while it is easier to establish the results by working with linear maps.
    [Show full text]