DOCSLIB.ORG

Part I Basics, CHAP 01 Geometric and Computational Backgrounds

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Part I Basics, CHAP 01 Geometric and Computational Backgrounds Lattice Based Cryptography Part I Basics, CHAP 01 Geometric and Computational Backgrounds Wenling Liu, Shanghai Jiao Tong University. Wenling Liu @ SJTU Table of Contents Introduction to Lattice Computational Problems on Lattice Introduction to Hardness of Lattice Problems Wenling Liu @ SJTU Section 1 Introduction to Lattice Wenling Liu @ SJTU Lattice A Lattice is a set of points in n-dimensional space with a periodic structure, like: n Or we say, a lattice is an infinite additive subgroup of R . n Lattice can be generated by vectors. Let b1, b2, ··· , bm ∈ R and be linear independent. Let B = [b1 b2 ··· bm], then we write X Λ = L(B) = { xi bi |xi ∈ Z} i∈[m] We call B a basis of lattice Λ. Wenling Liu @ SJTU Lattice n Furthermore if m = n, we call Λ a full-rank lattice in R . A lattice can have different basis: Figure: Different Basis of same Lattice From now on, unless otherwise specified, we always talk about full-rank lattice by default. Wenling Liu @ SJTU Fundamental Parallelepiped Define the fundamental parallelepiped of a basis B as n n P(B) = {y ∈ R |y = Bx for some x ∈ [0, 1) } Figure: Fundamental Parallelepiped of different Basis Fact The fundamental parallelepiped contains no lattice point except 0. Wenling Liu @ SJTU Fundamental Parallelepiped The volume of the fundamental parallelepiped can be computed by Vol(B) = det B Here we abuse the notion to simplify Vol(P(B)) to V(B). Fact Different basis of the same lattice have equal volume. We can now use det(Λ) instead of volume to study lattice, we define det(Λ) = | det B|, where B is any basis of Λ. Wenling Liu @ SJTU Gram-Schmidt Orthogonalization Gram-Schmidt orthogonalization are used to transfer a basis to a orthogonal basis. Let n B = [b1, ··· , bn] be a basis of R , the Gram-Schmidt orthogonal basis of B can be compute by b~1 = b1 b~ = b − proj (b ) 2 2 b~1 2 b~ = b − proj (b ) − proj (b ) 3 3 b~1 3 b~2 3 . n−1 b~ = b − X proj (b ) n n b~i n j=1 Wenling Liu @ SJTU Gram-Schmidt Orthogonalization And Let B~ = [b~1, ··· , b~n]. Fact For any B, we have max kbi k ≥ max kb~i k i∈[b] i∈[n] Note Usually, B~ is not a basis of L(B). Gram-Schmidt Orthogonalization of a lattice basis will be used in 1. Bound the smoothing parameter of a lattice; 2. Sampling from discrete Galussians on a given lattice; Wenling Liu @ SJTU Successive Minima Define λ1(Λ) = min kxk x∈Λ,x6=0 Let v1 be lattice vector that being linear independent to v1, ··· , vi−1 and kvi k = λi (Λ), then for i ≤ n − 1 we can define λi+1(Λ) = min kxk x∈Λ,x∈/span(v1,··· ,vi ) Also, we can abuse the notion to allow the parameter to be basis of lattice, like λi (B). Fact λ1(Λ) ≤ λ2(Λ) ≤ · · · ≤ λn(Λ) Wenling Liu @ SJTU Minkowski Theorem Minkowski’s First Theorem (Convex Body Theorem) For any lattice Λ and any convex set S ⊂ span(Λ) symmetric about the origin, if vol(S) > 2n det Λ, then S contains a nonzero lattice point v ∈ S ∩ Λ \{0}. Minkowski’s Second Theorem For any lattice Λ = L(B), the successive minima (in the `2 norm) λ1, ··· , λn satisfy n !1/n Y √ 1/n λi < n det(B) i=1 Wenling Liu @ SJTU Dual Lattice Let Λ be a lattice, the dual lattice of Λ can be defined as ∗ n Λ = {x ∈ R |∀y ∈ Λ: hx, yi ∈ Z} Fact Let B be arbitrary basis of Λ, then Λ0 is the dual lattice of λ iff 0 ∀i ∈ [n], x ∈ Λ : hx, bi i ∈ Z. n Since {x ∈ R |hx, bi i} construct a set of equidistant paralleled n − 1-dimensional hyperplanes which are perpendicular to bi , dual lattice can be regarded as points of intersections of n sets of hyperplanes. Wenling Liu @ SJTU Dual Lattice: Example and Intuition Fact n ∗ n 1. (Z ) = Z . n ∗ 1 n ∗ 2. (qZ ) = ( q Z ) . ”The parse the lattice, the dense the dual lattice.” Different basis of lattice with their perpendicular hyperplane sets construct the same dual lattice. Wenling Liu @ SJTU Dual Lattice: Other Facts Fact 1 For any lattce Λ, we have det(Λ) = 1/ det(Λ∗) Wenling Liu @ SJTU Section 2 Computational Problems on Lattice Wenling Liu @ SJTU Shortest Vector Problem Algebraic problems on lattices are easier due to the simple algebraic structure of lattices. We mainly talk about geometric problems on lattices. Geometric problems on lattices are discrete geometry problems. Like other combinatorial problems, these problems are hard. We mainly talk about three categories of problems, they are: • Search Prolem: Asks to find the (usually unique) solution to the given problem. • Optimization Problem: Asks to find a solution of the given problem with approximate factor. • Promise Problem: Asks to whether decide the given statement is true. Usually the input is promised to the in some range. Wenling Liu @ SJTU Shortest Vector Problem Shortest Vector Problem (SVP) m×n Given a lattice basis B ∈ Z , find a nonzero lattice vector x ∈ (B) such that kxk ≤ kyk for any other y ∈ L(B). γ-Approximate Shortest Vector Problem (SVPγ) m×n Given a lattice basis B ∈ Z , find a nonzero lattice vector x ∈ (B) such that kxk ≤ γ(n) · λ1(B) for any other y ∈ L(B). γ-Gap Shortest Vector Problem (GapSVPγ) Given a lattice basis B and a constant d. In YES instances input λ1(B) ≤ d and in No instances input λ1(B) > γ(n) · d. Wenling Liu @ SJTU Closest Vector Problem Closest Vector Problem (CVP) m×n Given a lattice basis B ∈ Z and a target point t, find a lattice point x ∈ L(B) such that kx − tk ≤ dist(t, L(B)). γ-ApproximateClosest Vector Problem (CVPγ) m×n Given a lattice basis B ∈ Z and a target point t, find a lattice point x ∈ L(B) such that kx − tk ≤ γ(n) · dist(t, L(B)). γ-Gap Closest Vector Problem (GapCVPγ) Given a lattice basis B, a target point t and a constant d. In YES instances input dist(t, L(B)) ≤ d and in No instances dist(t, L(B)) > γ(n) · d. Wenling Liu @ SJTU Shortest Independent Vectors Problem Bounded Distance Decoding (BDDγ) Problem m×n Given a lattice basis B ∈ Z and a target point t, find a lattice point x ∈ L(B) such that kx − tk ≤ γ(n) · λ1(B). BDD problem is an optimization problem. γ-Shortest Independent Vectors Problem (SIVPγ) Given a lattice basis B. The goal is to output a set of n linearly independent lattice vectors S ⊂ L(B) such that kSk ≤ γ(n) · λ1(B). Wenling Liu @ SJTU Generalized Problems SIVP and BDD problem have their corresponding generalized version. φ Guaranteed Distance Decoding (GDDγ ) m×n Given a lattice basis B ∈ Z and a target point t ∈ L(B), find a lattice point x ∈ L(B) such that kx − tk ≤ γ(n) · φ(B). φ Generalized Independent Vectors Problem (GIVPγ ) Given a lattice basis B. The goal is to output a set of n linearly independent lattice vectors S ⊂ L(B) such that kSk ≤ γ(n) · φ(B). In the reduction procedure, we usually let φ(B) to be the smoothing parameter η(B), which is a parameter related to lattice and will be introduced later. Wenling Liu @ SJTU Section 3 Introduction to Hardness of Lattice Problems Wenling Liu @ SJTU Hardness of Lattice Problems Figure: Known Hardness of Lattice Problems ”Hard” means NP-hard, which means every NP problem can be reduced to it by Karp Reduction (in deterministic polynomial time). Here, we are talking about worst-case hardness. • There might be only 1 instance of such problems that is hard to solve, which means they are not hard enough for cryptography usages. Wenling Liu @ SJTU Quantum Hardness? Quantum is powerful but not all-powerful! It is assumed that lattice problems are hard enough for quantum computers! This is due to there are still no quantum algorithms that could solve lattice problems efficiently. • ”Efficiently” means solved in polynomial-time with overwhelming correctness. • For probabilistic/quantum computing, a problem is worst-case hard means no such machine could solve every instances efficiently. Wenling Liu @ SJTU Towards Average-Case Hardness Known results: 1. Under classical computing model, assume the worst-case hardness of some lattice problems, there’s some variant of SVP that is average-case hard. 2. Under quantum computing model, assume the worst-case hardness of some lattice problems, there’s some variant of BDD that is average-case hard. They are: 1. Short Integer Solution (SIS) Problem 2. Learning with Error (LWE) Problem Both will be introduced later. Wenling Liu @ SJTU.
Load more

Recommended publications
  • Topological Modes in Dual Lattice Models
    Topological Modes in Dual Lattice Models Mark Rakowski 1 Dublin Institute for Advanced Studies, 10 Burlington Road, Dublin 4, Ireland Abstract Lattice gauge theory with gauge group ZP is reconsidered in four dimensions on a simplicial complex K. One finds that the dual theory, formulated on the dual block complex Kˆ , contains topological modes 2 which are in correspondence with the cohomology group H (K,Zˆ P ), in addition to the usual dynamical link variables. This is a general phenomenon in all models with single plaquette based actions; the action of the dual theory becomes twisted with a field representing the above cohomology class. A similar observation is made about the dual version of the three dimensional Ising model. The importance of distinct topological sectors is confirmed numerically in the two di- 1 mensional Ising model where they are parameterized by H (K,Zˆ 2). arXiv:hep-th/9410137v1 19 Oct 1994 PACS numbers: 11.15.Ha, 05.50.+q October 1994 DIAS Preprint 94-32 1Email: [email protected] 1 Introduction The use of duality transformations in statistical systems has a long history, beginning with applications to the two dimensional Ising model [1]. Here one finds that the high and low temperature properties of the theory are related. This transformation has been extended to many other discrete models and is particularly useful when the symmetries involved are abelian; see [2] for an extensive review. All these studies have been confined to hypercubic lattices, or other regular structures, and these have rather limited global topological features. Since lattice models are defined in a way which depends clearly on the connectivity of links or other regions, one expects some sort of topological effects generally.
    [Show full text]
  • The Mathematics of Lattices
    The Mathematics of Lattices Daniele Micciancio January 2020 Daniele Micciancio (UCSD) The Mathematics of Lattices Jan 2020 1 / 43 Outline 1 Point Lattices and Lattice Parameters 2 Computational Problems Coding Theory 3 The Dual Lattice 4 Q-ary Lattices and Cryptography Daniele Micciancio (UCSD) The Mathematics of Lattices Jan 2020 2 / 43 Point Lattices and Lattice Parameters 1 Point Lattices and Lattice Parameters 2 Computational Problems Coding Theory 3 The Dual Lattice 4 Q-ary Lattices and Cryptography Daniele Micciancio (UCSD) The Mathematics of Lattices Jan 2020 3 / 43 Key to many algorithmic applications Cryptanalysis (e.g., breaking low-exponent RSA) Coding Theory (e.g., wireless communications) Optimization (e.g., Integer Programming with fixed number of variables) Cryptography (e.g., Cryptographic functions from worst-case complexity assumptions, Fully Homomorphic Encryption) Point Lattices and Lattice Parameters (Point) Lattices Traditional area of mathematics ◦ ◦ ◦ Lagrange Gauss Minkowski Daniele Micciancio (UCSD) The Mathematics of Lattices Jan 2020 4 / 43 Point Lattices and Lattice Parameters (Point) Lattices Traditional area of mathematics ◦ ◦ ◦ Lagrange Gauss Minkowski Key to many algorithmic applications Cryptanalysis (e.g., breaking low-exponent RSA) Coding Theory (e.g., wireless communications) Optimization (e.g., Integer Programming with fixed number of variables) Cryptography (e.g., Cryptographic functions from worst-case complexity assumptions, Fully Homomorphic Encryption) Daniele Micciancio (UCSD) The Mathematics of Lattices Jan 2020 4 / 43 Point Lattices and Lattice Parameters Lattice Cryptography: a Timeline 1982: LLL basis reduction algorithm Traditional use of lattice algorithms as a cryptanalytic tool 1996: Ajtai's connection Relates average-case and worst-case complexity of lattice problems Application to one-way functions and collision resistant hashing 2002: Average-case/worst-case connection for structured lattices.
    [Show full text]
  • Electromagnetic Duality for Children
    Electromagnetic Duality for Children JM Figueroa-O'Farrill [email protected] Version of 8 October 1998 Contents I The Simplest Example: SO(3) 11 1 Classical Electromagnetic Duality 12 1.1 The Dirac Monopole ....................... 12 1.1.1 And in the beginning there was Maxwell... 12 1.1.2 The Dirac quantisation condition . 14 1.1.3 Dyons and the Zwanziger{Schwinger quantisation con- dition ........................... 16 1.2 The 't Hooft{Polyakov Monopole . 18 1.2.1 The bosonic part of the Georgi{Glashow model . 18 1.2.2 Finite-energy solutions: the 't Hooft{Polyakov Ansatz . 20 1.2.3 The topological origin of the magnetic charge . 24 1.3 BPS-monopoles .......................... 26 1.3.1 Estimating the mass of a monopole: the Bogomol'nyi bound ........................... 27 1.3.2 Saturating the bound: the BPS-monopole . 28 1.4 Duality conjectures ........................ 30 1.4.1 The Montonen{Olive conjecture . 30 1.4.2 The Witten e®ect ..................... 31 1.4.3 SL(2; Z) duality ...................... 33 2 Supersymmetry 39 2.1 The super-Poincar¶ealgebra in four dimensions . 40 2.1.1 Some notational remarks about spinors . 40 2.1.2 The Coleman{Mandula and Haag{ÃLopusza¶nski{Sohnius theorems .......................... 42 2.2 Unitary representations of the supersymmetry algebra . 44 2.2.1 Wigner's method and the little group . 44 2.2.2 Massless representations . 45 2.2.3 Massive representations . 47 No central charges .................... 48 Adding central charges . 49 1 [email protected] draft version of 8/10/1998 2.3 N=2 Supersymmetric Yang-Mills .
    [Show full text]
  • The Enumerative Geometry of Rational and Elliptic Tropical Curves and a Riemann-Roch Theorem in Tropical Geometry
    The enumerative geometry of rational and elliptic tropical curves and a Riemann-Roch theorem in tropical geometry Michael Kerber Am Fachbereich Mathematik der Technischen Universit¨atKaiserslautern zur Verleihung des akademischen Grades Doktor der Naturwissenschaften (Doctor rerum naturalium, Dr. rer. nat.) vorgelegte Dissertation 1. Gutachter: Prof. Dr. Andreas Gathmann 2. Gutachter: Prof. Dr. Ilia Itenberg Abstract: The work is devoted to the study of tropical curves with emphasis on their enumerative geometry. Major results include a conceptual proof of the fact that the number of rational tropical plane curves interpolating an appropriate number of general points is independent of the choice of points, the computation of intersection products of Psi- classes on the moduli space of rational tropical curves, a computation of the number of tropical elliptic plane curves of given genus and fixed tropical j-invariant as well as a tropical analogue of the Riemann-Roch theorem for algebraic curves. Mathematics Subject Classification (MSC 2000): 14N35 Gromov-Witten invariants, quantum cohomology 51M20 Polyhedra and polytopes; regular figures, division of spaces 14N10 Enumerative problems (combinatorial problems) Keywords: Tropical geometry, tropical curves, enumerative geometry, metric graphs. dedicated to my parents — in love and gratitude Contents Preface iii Tropical geometry . iii Complex enumerative geometry and tropical curves . iv Results . v Chapter Synopsis . vi Publication of the results . vii Financial support . vii Acknowledgements . vii 1 Moduli spaces of rational tropical curves and maps 1 1.1 Tropical fans . 2 1.2 The space of rational curves . 9 1.3 Intersection products of tropical Psi-classes . 16 1.4 Moduli spaces of rational tropical maps .
    [Show full text]
  • Lattice Basics II Lattice Duality. Suppose First That
    Math 272y: Rational Lattices and their Theta Functions 11 September 2019: Lattice basics II Lattice duality. Suppose first that V is a finite-dimensional real vector space without any further structure, and let V ∗ be its dual vector space, V ∗ = Hom(V; R). We may still define a lattice L ⊂ V as a discrete co-compact subgroup, or concretely (but not canonically) as the Z-span of an R-basis e1; : : : ; en. The dual lattice is then L∗ := fx∗ 2 V ∗ : 8y 2 L; x∗(y) 2 Zg: 1 This is indeed a lattice: we readily see that if e1; : : : ; en is a Z-basis for L then the dual basis ∗ ∗ ∗ ∗ e1; : : : ; en is a Z-basis for L . It soon follows that L = Hom(L; Z) (that is, every homomorphism L ! Z is realized by a unique x∗ 2 L∗), and — as suggested by the “dual” terminology — the ∗ ∗ ∗ ∗ canonical identification of the double dual (V ) with V takes the dual basis of e1; : : : ; en back to ∗ e1; : : : ; en, and thus takes the dual of L back to L. Once we have chosen some basis for V, and thus an identification V =∼ Rn, we can write any basis as the columns of some invertible matrix M, and then that basis generates the lattice MZn; the dual basis then consists of the row vectors of −1 n −1 ∗ ∗ M , so the dual lattice is Z M (in coordinates that make e1; : : : ; en unit vectors). We shall soon use Fourier analysis on V and on its quotient torus V=L. In this context, V ∗ is the Pontrjagin dual of V : any x∗ 2 V ∗ gives a continuous homomorphism y 7! exp(2πi x∗(y)) from V to the unit circle.
    [Show full text]
  • Classification of Special Reductive Groups 11
    CLASSIFICATION OF SPECIAL REDUCTIVE GROUPS ALEXANDER MERKURJEV Abstract. We give a classification of special reductive groups over arbitrary fields that improves a theorem of M. Huruguen. 1. Introduction An algebraic group G over a field F is called special if for every field extension K=F all G-torsors over K are trivial. Examples of special linear groups include: 1. The general linear group GLn, and more generally the group GL1(A) of invertible elements in a central simple F -algebra A; 2. The special linear group SLn and the symplectic group Sp2n; 3. Quasi-trivial tori, and more generally invertible tori (direct factors of quasi-trivial tori). 4. If L=F is a finite separable field extension and G is a special group over L, then the Weil restriction RL=F (G) is a special group over F . A. Grothendieck proved in [3] that a reductive group G over an algebraically closed field is special if and only if the derived subgroup of G is isomorphic to the product of special linear groups and symplectic groups. In [4] M. Huruguen proved the following theorem. Theorem. Let G be a reductive group over a field F . Then G is special if and only if the following three condition hold: (1) The derived subgroup G0 of G is isomorphic to RL=F (SL1(A)) × RK=F (Sp(h)) where L and K are ´etale F -algebras, A an Azumaya algebra over L and h an alternating non-degenerate form over K. (2) The coradical G=G0 of G is an invertible torus.
    [Show full text]
  • 1. Lattices 1.1. Lattices. a Z-Lattice (Or Simply a Lattice) L of Rank N Is a Z
    1. Lattices 1.1. Lattices. A Z-lattice (or simply a lattice) L of rank n is a Z-module of rank n with a symmetric bilinear form (also called inner product) h , i : L × L → Q. Unless otherwise stated, we shall assume that the inner product is non-degenerate, that is, hx, yi = 0 for all y implies x = 0. If hx, yi ∈ Z for all x, y ∈ L, then we say that L is integral. We can always think of L as sitting inside a vector space V of dimension n as a discrete subgroup. Let L be a lattice in a vector space V . The inner product extends linearly to V . Define the dual lattice L∨ = {x ∈ V : hx, yi ∈ Z for all y ∈ Γ}. If L is integral then L ⊆ L∨. Say that an integral lattice L is self dual if L = L∨. Write |x|2 = hx, xi and call it the norm of x. Let L(n) denote the set of all lattice vectors in L of norm n. An integral lattice L is even if |x|2 is an even integer for all x ∈ L. Exercise: Show that every integral has an even sublattice of index at most 2. The inner product matrix ((hei, eji)) of a basis (e1, ··· , en) of L is called the Gram matrix of L and its determinant is denoted by d(L). Exercise: Show that if L is integral then [L∨ : L]= d(L). In particular, L is self dual if and only if d(L) = 1. Say that L has signature (m, n) if the Gram matrix of L has m positive and n negative eigenvalues.
    [Show full text]
  • SPHERE COVERINGS, LATTICES, and TILINGS (In Low Dimensions)
    Technische Universitat¨ Munchen¨ Zentrum Mathematik SPHERE COVERINGS, LATTICES, AND TILINGS (in Low Dimensions) FRANK VALLENTIN Vollstandiger¨ Abdruck der von der Fakultat¨ fur¨ Mathematik der Technischen Universitat¨ Munchen¨ zur Erlangung des akademischen Grades eines Doktors der Naturwissenschaften genehmigten Dissertation. Vorsitzender: Univ.-Prof. Dr. PETER GRITZMANN Prufer¨ der Dissertation: 1. Univ.-Prof. Dr. JURGEN¨ RICHTER-GEBERT 2. Priv.-Doz. Dr. THORSTEN THEOBALD 3. o. Univ.-Prof. Dr. Dr. h.c. PETER MANFRED GRUBER Technische Universitat¨ Wien / Osterreich¨ (schriftliche Beurteilung) Prof. Dr. CHRISTINE BACHOC Universite´ de Bordeaux 1 / Frankreich (schriftliche Beurteilung) Die Dissertation wurde am 18. Juni 2003 bei der Technischen Universitat¨ Munchen¨ eingereicht und durch die Fakultat¨ fur¨ Mathematik am 26. November 2003 angenommen. Acknowledgements I want to thank everyone who helped me to prepare this thesis. This includes ALEXANDER BELOW,REGINA BISCHOFF,KLAUS BUCHNER,MATHIEU DUTOUR,CHRISTOPH ENGEL- HARDT,SLAVA GRISHUKHIN,JOHANN HARTL,VANESSA KRUMMECK,BERND STURMFELS, HERMANN VOGEL,JURGEN¨ WEBER. I would like to thank the research groups M10 and M9 at TU Munchen,¨ the Gremos at ETH Zurich,¨ and the Institute of Algebra and Geometry at Univer- sity of Dortmund for their cordial hospitality. Especially, I want to thank JURGEN¨ RICHTER-GEBERT for many interesting and helpful discus- sions, for being a constant source of motivation, and for showing me pieces and slices of his high-minded world of “Geometrie und Freiheit”; RUDOLF SCHARLAU for the kind introduction into the subject and for proposing this research topic; ACHILL SCHURMANN¨ for reading (too) many versions of the manuscript very carefully and for many, many discussions which give now the final(?) view on VORONO¨I’s reduction theory.
    [Show full text]
  • Notes on Fourier Series and Modular Forms
    Notes on Fourier Series and Modular Forms Rich Schwartz August 29, 2017 This is a meandering set of notes about modular forms, theta series, elliptic curves, and Fourier expansions. I learned most of the statements of the results from wikipedia, but many of the proofs I worked out myself. I learned the proofs connected to theta series from some online notes of Ben Brubaker. Nothing in these notes is actually original, except maybe the mistakes. My purpose was just to understand this stuff for myself and say it in terms that I like. In the first chapter we prove some preliminary results, most having to do with single variable analysis. These assorted results will be used in the remaining chapters. In the second chapter, we deal with Fourier series and lattices. One main goal is to establish that the theta series associated to an even unimodular lattice is a modular form. Our results about Fourier series are proved for functions that have somewhat artificial restrictions placed on them. We do this so as to avoid any nontrivial analysis. Fortunately, all the functions we encounter satisfy the restrictions. In the third chapter, we discuss a bunch of beautiful material from the classical theory of modular forms: Eisenstein series, elliptic curves, Fourier expansions, the Discriminant form, the j function, Riemann-Roch. In the fourth chapter, we will define the E8 lattice and the Leech lattice, and compute their theta series. 1 1 Preliminaries 1.1 The Discrete Fourier Transform Let ω = exp(2πi/n) (1) be the usual nth root of unity.
    [Show full text]
  • Discrete Gauge Theories in Two Spatial Dimensions a Euclidean Lattice Approach
    UNIVERSITEIT VAN AMSTERDAM MASTER’STHESIS Discrete gauge theories in two spatial dimensions A Euclidean lattice approach Author: Supervisor: J.C. ROMERS Prof. dr. ir. F.A. BAIS December 2007 Abstract We study gauge theories in two spatial dimensions with a discrete gauge group on the lattice. It is well-established that the full symmetry of these theories is given by a Hopf algebra, the quantum double D(H) of the gauge group H . The interactions in these theories are of a topological nature, and amount to nonabelian generalizations of the Aharanov-Bohm effect. The formalism of the quantum double allows one to study symmetry breaking of topologically ordered phases in gauge theories. In this setting one can go beyond the Higgs effect, where an electric sector has condensed, to situations where magnetic or dyonic sectors have nonzero expectation values in the vacuum. We focus on magnetic condensates and study them using Euclidean lattice gauge theory. First we define the relevant actions for the theory, which contain one coupling constant for each class in the group. We then identify the different parts of the spectrum with different operators on the lattice. Pure charges and pure fluxes are identified with the Wilson and ’t Hooft loops respectively. The spectrum of discrete gauge theories also contains dyonic excitations, carrying both magnetic and electric quantum numbers. For these excitations a new operator is constructed, the dyonic loop, which is a gauge invariant quantity that can be evaluated in the lattice path integral. These operators are used to study a model system based on the gauge group D2 .
    [Show full text]
  • Deciding Whether a Lattice Has an Orthonormal Basis Is in Co-NP
    Deciding whether a Lattice has an Orthonormal Basis is in co-NP Christoph Hunkenschröder École Polytechnique Fédérale de Lausanne christoph.hunkenschroder@epfl.ch October 10, 2019 Abstract We show that the problem of deciding whether a given Euclidean lattice L has an or- thonormal basis is in NP and co-NP. Since this is equivalent to saying that L is isomorphic to the standard integer lattice, this problem is a special form of the Lattice Isomorphism Problem, which is known to be in the complexity class SZK. 1 Introduction Let B Rn×n be a non-singular matrix generating a full-dimensional Euclidean lattice Λ(B)= ∈ Bz z Zn . Several problems in the algorithmic theory of lattices, such as the covering { | ∈ } radius problem, or the shortest or closest vector problem, become easy if the columns of B form an orthonormal basis. However, if B is any basis and we want to decide whether there is an orthonormal basis of Λ(B), not much is known. As this is equivalent to Λ(B) being a rotation of Zn, we call this decision problem the Rotated Standard Lattice Problem (RSLP), which is the main concern of the work at hand. The goal of this article is twofold. For one, we want to show that the RSLP is in NP co-NP. We will use a result of Elkies on characteristic vectors [5], which ∩ appear in analytic number theory. It seems that characteristic vectors are rather unknown in the algorithmic lattice theory, mayhap because it is unclear how they can be used. The second attempt of this paper is thus to introduce Elkies’ result and characteristic vectors to a wider audience.
    [Show full text]
  • Polynomial-Sized Topological Approximations Using the Permutahedron
    Polynomial-Sized Topological Approximations Using The Permutahedron Aruni Choudhary∗ Michael Kerbery Sharath Raghvendraz Abstract Classical methods to model topological properties of point clouds, such as the Vietoris-Rips complex, suffer from the combinatorial explosion of complex sizes. We propose a novel technique to approximate a multi-scale filtration of the Rips com- d plex with improved bounds for size: precisely, for n points in R , we obtain a O(d)- approximation with at most n2O(d log k) simplices of dimension k or lower. In con- junction with dimension reduction techniques, our approach yields a O(polylog(n))- approximation of size nO(1) for Rips filtrations on arbitrary metric spaces. This result stems from high-dimensional lattice geometry and exploits properties of the permuta- hedral lattice, a well-studied structure in discrete geometry. Building on the same geometric concept, we also present a lower bound result on the size of an approximate filtration: we construct a point set for which every (1 + ")- approximation of the Cechˇ filtration has to contain nΩ(log log n) features, provided that " < 1 for c 2 (0; 1). log1+c n 1 Introduction Motivation and previous work Topological data analysis aims at finding and rea- soning about the underlying topological features of metric spaces. The idea is to represent a data set by a set of discrete structures on a range of scales and to track the evolution of homological features as the scale varies. The theory of persistent homology allows for a arXiv:1601.02732v2 [cs.CG] 1 Apr 2016 topological summary, called the persistence diagram which summarizes the lifetimes of topo- logical features in the data as the scale under consideration varies monotonously.
    [Show full text]