DOCSLIB.ORG

Lecture Notes in Computer Science 6110 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan Van Leeuwen

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Lecture Notes in Computer Science 6110 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan Van Leeuwen Lecture Notes in Computer Science 6110 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Alfred Kobsa University of California, Irvine, CA, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Germany Madhu Sudan Microsoft Research, Cambridge, MA, USA Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max-Planck Institute of Computer Science, Saarbruecken, Germany Henri Gilbert (Ed.) Advances in Cryptology – EUROCRYPT 2010 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques French Riviera, May 30 – June 3, 2010 Proceedings 13 Volume Editor Henri Gilbert Orange Labs/MAPS/STT 38–40 rue du Général Leclerc, 92794 Issy les Moulineaux Cedex 9, France E-mail: [email protected] Library of Congress Control Number: 2010926925 CR Subject Classification (1998): E.3, K.6.5, C.2, D.4.6, J.1, G.2.1 LNCS Sublibrary: SL 4 – Security and Cryptology ISSN 0302-9743 ISBN-10 3-642-13189-1 Springer Berlin Heidelberg New York ISBN-13 978-3-642-13189-9 Springer Berlin Heidelberg New York This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law. springer.com © International Association for Cryptologic Research 2010 Printed in Germany Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India Printed on acid-free paper 06/3180 Preface These are the proceedings of Eurocrypt 2010, the 29th in the series of Euro- pean conferences on the Theory and Application of Cryptographic Techniques. The conference was sponsored by the International Association for Cryptologic Research and held on the French Riviera, May 30–June 3, 2010. A total of 191 papers were received of which 188 were retained as valid submissions. These were each assigned to at least three Program Committee members and a total of 606 review reports were produced. The printed record of the reviews and extensive online discussions that followed would be almost as voluminous as these proceedings. In the end 35 submissions were accepted with two submission pairs being merged to give 33 papers presented at the conference. The final papers in these proceedings were not subject to a second review before publication and the authors are responsible for their contents. The Program Committee, listed on the next page, deserves particular thanks for all their hard work, their outstanding expertise, and their constant com- mitment to all aspects of the evaluation process. These thanks are of course extended to the very many external reviewers who took the time to help out during the evaluation process. It was also a great pleasure to honor and welcome Moti Yung who gave the 2010 IACR Distinguished Lecture. It might be recalled that Eurocrypt 2010 took place under exceptionally difficult circumstances. First, in the aftermath of the financial crisis, sponsorship was a low priority for many companies. We are therefore grateful to I3S, Ingenico, Microsoft, Nagravision, Oberthur, Orange Labs, Qualcomm, Sagem S´ecurit´e, and Technicolor for their support of Eurocrypt 2010. We specifically acknowledge the kind efforts of Herv´e Chabanne, Guillaume Dabosville, Jean-Bernard Fischer, Paul Friedel, Marc Joye, Fran¸cois Larbey, Kristin Lauter, Bruno Martin, David Naccache, Jim Ostrich, and Greg Rose for making it happen. Second, long- standing plans for Eurocrypt 2010 were disrupted by the sudden decision of the French Government to hold an international summit at the same time and at the same venue. For their help following this forced relocation, we would like to extend our gratitude to our friends and family members who helped with wise advice, good connections, and imaginative suggestions. We would like to thank the IACR board for the honor of hosting Euro- crypt 2010. Particular thanks are due to Shai Halevi for all his unseen work on the submission, review, and registration sites, to Antoine Joux for sharing his experience as Program Chair of Eurocrypt 2009, and to Helena Handschuh and Bart Preneel for their constant advice, help, and support. Last, but not least, we are grateful for the help and input of our colleagues Ryad Benadjila, Gilles Macario-Rat, and Yannick Seurin, all at Orange Labs. March 2010 Henri Gilbert (Program Chair) Olivier Billet (General Chair) Matthew Robshaw (General Chair) Organization General Chairs Olivier Billet Matthew Robshaw Orange Labs, France Program Chair Henri Gilbert Orange Labs, France Program Committee Dan Boneh Stanford University Ran Canetti Tel Aviv University Anne Canteaut INRIA Carlos Cid Royal Holloway, University of London Jean-S´ebastien Coron Universit´e du Luxembourg Ivan Damg˚ard University of Aarhus Steven Galbraith Auckland University Rosario Gennaro IBM Research Helena Handschuh K.U.Leuven and Intrinsic-ID Inc. Stanislaw Jarecki University of California at Irvine Antoine Joux DGA and Universit´e de Versailles Marc Joye Technicolor Ari Juels RSA Laboratories Aggelos Kiayias University of Connecticut Lars Knudsen Technical University of Denmark Arjen Lenstra EPFL and Alcatel-Lucent Bell Laboratories Helger Lipmaa Cybernetica AS Mitsuru Matsui Mitsubishi Electric Alexander May Ruhr-University Bochum Tatsuaki Okamoto NTT Krzysztof PietrzakCWIAmsterdam David Pointcheval ENS/CNRS/INRIA Bart Preneel Katholieke Universiteit Leuven Phillip Rogaway University of California, Davis Amit Sahai UCLA Berry Schoenmakers Technische Universiteit Eindhoven Ron Steinfeld Macquarie University Frederik Vercauteren Katholieke Universiteit Leuven Yiqun Lisa Yin Independent Security Consultant VIII Organization External Reviewers Michel Abdalla Shai Halevi Phong Q. Nguyen Masayuki Abe Mike Hamburg Jesper Buus Nielsen Shweta Agrawal Carmit Hazay Svetla Nikova Martin Albrecht Brett Hemenway Ryo Nishimaki Davide Alessio Jens Hermans Karsten Nohl Elena Andreeva Mathias Herrmann Adam O’Neill Giuseppe Ateniese Dennis Hofheinz Josh Olsen Roberto Avanzi Susan Hohenberger Alina Oprea Ali Bagherzandi Sebastiaan de Hoogh Rafi Ostrovsky Paulo Barreto Fumitaka Hoshino Dag Arne Osvik Anja Becker Thomas Icart Onur Ozen Mihir Bellare Sorina Ionica Carles Padr´o Rikke Bendlin Yuval Ishai Pascal Paillier Nir Bitansky Hongxia Jin Omkant Pandey Bruno Blanchet Ellen Jochemsz Omer Paneth Julia Borghoff Pascal Junod Jacques Patarin Joppe Bos Marcelo Kaihara Kenny Paterson Arnaud Boscher Alexandre Karlov Serdar Pehlivanoglu Ahto Buldas Marcel Keller Duong Hieu Phan S´ebastien Canard John Kelsey Josef Pieprzyk Christophe De Canni`ere Shahram Khazaei Benny Pinkas David Cash Eike Kiltz Zeger Plug Wouter Castryck Thorsten Kleinjung Bart Preneel Pascale Charpin Hugo Krawczyk Emmanuel Prouff C´eline Chevalier Eyal Kushilevitz Xavier Pujol C´ecile Delerabl´ee Tanja Lange Tal Rabin Alex Dent Gregor Leander Alfredo Rial L´eo Ducas Reynald Lercier Thomas Ristenpart Thomas Dullien Ga¨etan Leurent Maike Ritzenhofen Orr Dunkelman Allison Lewko Ben Riva Sebastian Faust Peter van Liesdonk Sondre Rønjom Marc Fischlin Xiaomin Liu Rei Safavi-Naini Matthias Fitzi Carolin Lunemann Juraj Sarinay Georg Fuchsbauer Hemanta Maji Christian Schaffner Teddy Furon Yoshifumi Manabe Gil Segev Sebastian Gajek Krystian Matusiewicz Yannick Seurin David Galindo Alfred Menezes Hakan Seyalioglu Nicolas Gama Alexander Meurer Stefaan Seys Praveen Gauravaram Lorenz Minder Hovav Shacham Sharon Goldberg Marine Minier Daniel Shahaf Louis Goubin Hart Montgomery Igor Shparlinski Aline Gouget Sean Murphy Koen Simoens Vipul Goyal Mar´ıa Naya-Plasencia Dave Singel´ee Jens Groth Gregory Neven Boris Skori´ˇ c Organization IX Nigel Smart Jacques Traor´e Shabsi Walfish Ben Smith Joana Treger Huaxiong Wang Martijn Stam Elena Trichina Brent Waters Till Stegers Toyohiro Tsurumaru Steve Weis Damien Stehl´e Pim Tuyls Christopher Wolf Mario Strefler Berkant Ustao˘glu Brecht Wyseur Xiaoming Sun Vinod Vaikuntanathan Keita Xagawa Daisuke Suzuki Margarita Vald Go Yamamoto Katsuyuki Takashima Mayank Varia Santiago Stefano Tessaro Serge Vaudenay Zanella B´eguelin Kobayashi Tetsutaro Bastien Vayssi`ere Erik Zenner Søren S. Thomsen Damien Vergnaud Haibin Zhang Mehdi Tibouchi Jos´e Villegas Hong-Sheng Zhou Jean-Pierre Tillich Ivan Visconti Tomas Toft Martin Vuagnoux Table of Contents Cryptosystems I On Ideal Lattices and Learning with Errors over Rings ............... 1 Vadim Lyubashevsky, Chris Peikert, and Oded Regev Fully Homomorphic Encryption over the Integers .................... 24 Marten van Dijk, Craig Gentry, Shai Halevi, and Vinod Vaikuntanathan
Load more

Recommended publications
  • Garbled Protocols and Two-Round MPC from Bilinear Maps
    58th Annual IEEE Symposium on Foundations of Computer Science Garbled Protocols and Two-Round MPC from Bilinear Maps Sanjam Garg Akshayaram Srinivasan Dept. of Computer Science Dept. of Computer Science University of California, Berkeley University of California, Berkeley Berkeley, USA Berkeley, USA Email: [email protected] Email: [email protected] Abstract—In this paper, we initiate the study of garbled (OT) protocol [57], [2], [51], [40] gives an easy solution to protocols — a generalization of Yao’s garbled circuits construc- the problem of (semi-honest) two-round secure computation tion to distributed protocols. More specifically, in a garbled in the two-party setting. However, the same problem for protocol construction, each party can independently generate a garbled protocol component along with pairs of input the multiparty setting turns out to be much harder. Beaver, labels. Additionally, it generates an encoding of its input. The Micali and Rogaway [7] show that garbled circuits can be evaluation procedure takes as input the set of all garbled used to realize a constant round multi-party computation protocol components and the labels corresponding to the input protocol. However, unlike the two-party case, this protocol encodings of all parties and outputs the entire transcript of the is not two rounds. distributed protocol. We provide constructions for garbling arbitrary protocols A. Garbled Protocols based on standard computational assumptions on bilinear maps (in the common random string model). Next, using In this paper, we introduce a generalization of Yao’s garbled protocols we obtain a general compiler that compresses construction from circuits to distributed protocols. We next any arbitrary round multiparty secure computation protocol elaborate on (i) what it means to garble a protocol, (ii) why into a two-round UC secure protocol.
    [Show full text]
  • Onyx: New Encryption and Signature Schemes with Multivariate Public Key in Degree 3
    Onyx: New Encryption and Signature Schemes with Multivariate Public Key in Degree 3 Gilles Macario-Rat1 and Jacques Patarin2 1 Orange, Orange Gardens, 46 avenue de la R´epublique,F-92320 Ch^atillon,France [email protected] 2 Versailles Laboratory of Mathematics, UVSQ, CNRS, University of Paris-Saclay [email protected] Abstract. In this paper, we present a new secret trapdoor function for the design of multivariate schemes that we call \Onyx", suitable for en- cryption and signature. It has been inspired by the schemes presented in [19,20]. From this idea, we present some efficient encryption and signa- ture multivariate schemes with explicit parameters that resist all known attacks. In particular they resist the two main (and often very power- ful) attacks in this area: the Gr¨obner attacks (to compute a solution of the system derived from the public key) and the MinRank attacks (to recover the secret key). Specific attacks due to the properties of the function and its differential are also addressed in this paper. The \Onyx" schemes have public key equations of degree 3. Despite this, the size of the public key may still be reasonable since we can use larger fields and smaller extension degrees. Onyx signatures can be as short as the \birth- day paradox" allows, i.e. twice the security level, or even shorter thanks to the Feistel-Patarin construction, like many other signatures schemes based on multivariate equations. Keywords: public-key cryptography, post-quantum multivariate cryptography, UOV, HFE, Gr¨obnerbasis, MinRank problem, differential attacks. 1 Introduction Many schemes in Multivariate cryptography have been broken.
    [Show full text]
  • ACM SIGLOG News 1 October 2015, Vol
    Volume 2, Number 4 Published by the Association for Computing Machinery Special Interest Group on Logic and Computation October 2015 SIGLOG news TABLE OF CONTENTS General Information 1 From the Editor Andrzej Murawski 2 Chair's Letter Prakash Panangaden Technical Columns 3 Automata Mikołaj Bojańczyk 16 Verication Neha Rungta Announcements 26 Gödel Prize - Call for Nominations 28 SIGLOG Monthly 175 SIGLOG NEWS Published by the ACM Special Interest Group on Logic and Computation SIGLOG Executive Committee Chair Prakash Panangaden McGill University Vice-Chair Luke Ong University of Oxford Treasurer Natarajan Shankar SRI International Secretary Alexandra Silva Radboud University Nijmegen Catuscia Palamidessi INRIA and LIX, Ecole´ Polytechnique EACSL President Anuj Dawar University of Cambridge EATCS President Luca Aceto Reykjavik University ACM ToCL E-in-C Dale Miller INRIA and LIX, Ecole´ Polytechnique Andrzej Murawski University of Warwick Veronique´ Cortier CNRS and LORIA, Nancy ADVISORY BOARD Mart´ın Abadi Google and UC Santa Cruz Phokion Kolaitis University of California, Santa Cruz Dexter Kozen Cornell University Gordon Plotkin University of Edinburgh Moshe Vardi Rice University COLUMN EDITORS Automata Mikołaj Bojanczyk´ University of Warsaw Complexity Neil Immerman University of Massachusetts Amherst Security and Privacy Matteo Maffei CISPA, Saarland University Semantics Mike Mislove Tulane University Verification Neha Rungta SGT Inc. and NASA Ames Notice to Contributing Authors to SIG Newsletters By submitting your article for distribution
    [Show full text]
  • The Gödel Prize 2020 - Call for Nominatonn
    The Gödel Prize 2020 - Call for Nominatonn Deadline: February 15, 2020 The Gödel Prize for outntanding papern in the area of theoretial iomputer niienie in nponnored jointly by the European Annoiiaton for Theoretial Computer Siienie (EATCS) and the Annoiiaton for Computng Maihinery, Speiial Innterent Group on Algorithmn and Computaton Theory (AC M SInGACT) The award in prenented annually, with the prenentaton taaing plaie alternately at the Innternatonal Colloquium on Automata, Languagen, and Programming (InCALP) and the AC M Symponium on Theory of Computng (STOC) The 28th Gödel Prize will be awarded at the 47th Innternatonal Colloquium on Automata, Languagen, and Programming to be held during 8-12 July, 2020 in Beijing The Prize in named in honour of Kurt Gödel in reiogniton of hin major iontributonn to mathematial logii and of hin interent, diniovered in a leter he wrote to John von Neumann nhortly before von Neumann’n death, in what han beiome the famoun “P vernun NP” quenton The Prize iniluden an award of USD 5,000 Award Committee: The 2020 Award Commitee ionnintn of Samnon Abramnay (Univernity of Oxford), Anuj Dawar (Chair, Univernity of Cambridge), Joan Feigenbaum (Yale Univernity), Robert Krauthgamer (Weizmann Innnttute), Daniel Spielman (Yale Univernity) and David Zuiaerman (Univernity of Texan, Auntn) Eligibility: The 2020 Prize rulen are given below and they nupernede any diferent interpretaton of the generii rule to be found on webniten of both SInGACT and EATCS Any renearih paper or nerien of papern by a ningle author or by
    [Show full text]
  • SETH-Based Lower Bounds for Subset Sum and Bicriteria Path
    SETH-Based Lower Bounds for Subset Sum and Bicriteria Path Amir Abboud1, Karl Bringmann2, Danny Hermelin3, and Dvir Shabtay3 1 Department of Computer Science, Stanford University, CA, USA [email protected] 2 Max Planck Institute for Informatics, Saarland Informatics Campus, Germany [email protected] 3 Department of Industrial Engineering and Management, Ben-Gurion University, Israel [email protected], [email protected] Abstract. Subset Sum and k-SAT are two of the most extensively studied problems in computer science, and conjectures about their hardness are among the cornerstones of fine-grained complexity. An important open problem in this area is to base the hardness of one of these problems on the other. Our main result is a tight reduction from k-SAT to Subset Sum on dense instances, proving that Bellman’s 1962 pseudo-polynomial O∗(T )-time algorithm for Subset Sum on n numbers and target T − cannot be improved to time T 1 ε · 2o(n) for any ε> 0, unless the Strong Exponential Time Hypothesis (SETH) fails. As a corollary, we prove a “Direct-OR” theorem for Subset Sum under SETH, offering a new tool for proving conditional lower bounds: It is now possible to assume that deciding whether one out of N − given instances of Subset Sum is a YES instance requires time (NT )1 o(1). As an application of this corollary, we prove a tight SETH-based lower bound for the classical Bicriteria s,t-Path problem, which is extensively studied in Operations Research. We separate its complexity from that of Subset Sum: On graphs with m edges and edge lengths bounded by L, we show that the O(Lm) pseudo- polynomial time algorithm by Joksch from 1966 cannot be improved to O˜(L + m), in contrast to a recent improvement for Subset Sum (Bringmann, SODA 2017).
    [Show full text]
  • Some Notions of Entropy for Cryptography∗
    Some Notions of Entropy for Cryptography∗ Leonid Reyzin Boston University Computer Science http://www.cs.bu.edu/~reyzin June 2, 2011 Abstract This paper presents a brief and (necessarily) incomplete survey of some notions of entropy that have been recently used in the analysis of cryptographic constructions. It focuses on min- entropy and its extensions to the cases when the adversary has correlated information and/or is computationally bounded. It also presents results that can be used to bound such entropy and apply it to the analysis of cryptographic constructions. 1 Information-Theoretic Case In many contexts, particularly in security-related ones, the ability to guess the value of a random variable (in a single attempt) is an important measures of the variable’s quality. This ability is captured by the following notion. Definition 1. A random variable X has min-entropy k, denoted H∞(X) = k, if max Pr[X = x] = 2−k. x Randomness extractors were defined to work with any distribution that has min-entropy [NZ96]. Moreover, strong extractors (whose outputs are nearly uniform even the presence of the seed) produce outputs that have, with high probability over the choice of seed, almost maximal min- entropy. Lemma 1 ([CKOR10]). If Ext : N × I → {0, 1}` is a (k, ε)-strong extractor with inputs from a set N and seeds from a distribution I, and X is a random variable taking values in N with H∞(X) ≥ k, ` then H∞(Ext(X; i)) ≥ ` − 1 with probability at least 1 − 2 ε over the choice of the seed i.
    [Show full text]
  • The Gödel Prize 2019 - Call for Nominations Deadline: February 15, 2019
    The Gödel Prize 2019 - Call for Nominations Deadline: February 15, 2019 The Gödel Prize for outstanding papers in the area of theoretical computer science is sponsored jointly by the European Association for Theoretical Computer Science (EATCS) and the Association for Computing Machinery, Special Interest Group on Algorithms and Computation Theory (ACM SIGACT). The award is presented annually, with the presentation taking place alternately at the International Colloquium on Automata, Languages, and Programming (ICALP) and the ACM Symposium on Theory of Computing (STOC). The 27th Gödel Prize will be awarded at 51st Annual ACM Symposium on the Theory of Computing to be held during June 23-26, 2019 in Phoenix, AZ. The Prize is named in honor of Kurt Gödel in recognition of his major contributions to mathematical logic and of his interest, discovered in a letter he wrote to John von Neumann shortly before von Neumann’s death, in what has become the famous “P versus NP” question. The Prize includes an award of USD 5,000. Award Committee: The 2019 Award Committee consists of Anuj Dawar (Cambridge University), Robert Krauthgamer (Weizmann Institute), Joan Feigenbaum (Yale University), Giuseppe Persiano (Università di Salerno), Omer Reingold (Chair, Stanford University) and Daniel Spielman (Yale University). Eligibility: The 2019 Prize rules are given below and they supersede any different interpretation of the generic rule to be found on websites of both SIGACT and EATCS. Any research paper or series of papers by a single author or by a team of authors is deemed eligible if: - The main results were not published (in either preliminary or final form) in a journal or conference proceedings before January 1st, 2006.
    [Show full text]
  • Bounded Independence Plus Noise Fools Products
    Bounded independence plus noise fools products Elad Haramaty∗ Chin Ho Lee∗ Emanuele Viola∗ May 4, 2017 Abstract Let D be a b-wise independent distribution over f0; 1gm. Let E be the \noise" distribution over f0; 1gm where the bits are independent and each bit is 1 with prob- ability η=2. We study which tests f : f0; 1gm ! [−1; 1] are "-fooled by D + E, i.e., j E[f(D + E)] − E[f(U)]j ≤ " where U is the uniform distribution. We show that D + E"-fools product tests f :(f0; 1gn)k ! [−1; 1] given by the product of k bounded functions on disjoint n-bit inputs with error " = k(1 − η)Ω(b2=m), where m = nk and b ≥ n. This bound is tight when b = Ω(m) and η ≥ (log k)=m. For b ≥ m2=3 log m and any constant η the distribution D + E also 0:1-fools log-space algorithms. We develop two applications of this type of results. First, we prove communi- cation lower bounds for decoding noisy codewords of length m split among k par- ties. For Reed{Solomon codes of dimension m=k where k = O(1), communication Ω(ηm) − O(log m) is required to decode one message symbol from a codeword with ηm errors, and communication O(ηm log m) suffices. Second, we obtain pseudorandom generators. We can "-fool product tests f :(f0; 1gn)k ! [−1; 1] under any permutation ~ 2 ~ p of the bits with seed lengths 2n + O(k log(1=")) andp O(n) + O( nk log 1=").
    [Show full text]
  • Cryptographic Assumptions: a Position Paper
    Cryptographic Assumptions: A Position Paper Shafi Goldwasser ∗ Yael Tauman Kalai y Abstract The mission of theoretical cryptography is to define and construct provably secure cryptographic protocols and schemes. Without proofs of security, cryptographic con- structs offer no guarantees whatsoever and no basis for evaluation and comparison. As most security proofs necessarily come in the form of a reduction between the security claim and an intractability assumption, such proofs are ultimately only as good as the assumptions they are based on. Thus, the complexity implications of every assumption we utilize should be of significant substance, and serve as the yard stick for the value of our proposals. Lately, the field of cryptography has seen a sharp increase in the number of new assumptions that are often complex to define and difficult to interpret. At times, these assumptions are hard to untangle from the constructions which utilize them. We believe that the lack of standards of what is accepted as a reasonable crypto- graphic assumption can be harmful to the credibility of our field. Therefore, there is a great need for measures according to which we classify and compare assumptions, as to which are safe and which are not. In this paper, we propose such a classification and review recently suggested assumptions in this light. This follows the footsteps of Naor (Crypto 2003). Our governing principle is relying on hardness assumptions that are independent of the cryptographic constructions. ∗MIT and Weizmann Institute. Email: shafi@theory.csail.mit.edu. yMicrosoft Research. Email: [email protected]. 1 Introduction Conjectures and assumptions are instrumental for the advancement of science.
    [Show full text]
  • EATCS General Assembly 2013
    EATCS General Assembly 2013 Luca Aceto School of Computer Science, Reykjavik University [email protected] 10 July 2013 Luca Aceto EATCS General Assembly 2013 Agenda for the general assembly 1 Reports on ICALP 2013 2 Award of the best student papers 3 Report on the organization of ICALP 2014 (Philip Bille) 4 Proposal for ICALP 2015 for approval by the General Assembly (Kazuo Iwama) 5 Orna Kupferman. The Gender Challenge at TCS. 6 Report from the president 7 Any other business Luca Aceto EATCS General Assembly 2013 In memoriam Kohei Honda Philippe Darondeau (ICALP 2012 invited speaker) Luca Aceto EATCS General Assembly 2013 Reports on ICALP 2013 1 Organizing committee (Agnis Skuskovniks) 2 Marta Kwiatkowska on behalf of the PC chairs Festive occasion This is the 40th ICALP! Luca Aceto EATCS General Assembly 2013 Award of the best student papers Best student paper for Track A Radu Curticapean. Counting matchings of size k is #W [1]-hard Best student paper for Track B Nicolas Basset. A maximal entropy stochastic process for a timed automaton. There was no eligible accepted paper for Track C this year. Luca Aceto EATCS General Assembly 2013 Upcoming ICALP conferences Report on the organization of ICALP 2014 in Copenhagen (Philip Bille) Novelty: Four-day ICALP! PC chairs: Track A: Elias Koutsoupias (Oxford, UK); Track B: Javier Esparza (TU M¨unich,Germany); Track C: Pierre Fraigniaud (Paris Diderot, FR). Invited speakers: Sanjeev Arora (Princeton University, USA), Maurice Herlihy (Brown University, USA), Viktor Kuncak (EPFL, CH) and Claire Mathieu (ENS Paris, France). Proposal for ICALP 2015 in Kyoto for approval by the General Assembly (Kazuo Iwama) Co-located with LICS 2015 First ICALP ever outside Europe! Luca Aceto EATCS General Assembly 2013 Upcoming ICALP conferences Report on the organization of ICALP 2014 in Copenhagen (Philip Bille) Novelty: Four-day ICALP! PC chairs: Track A: Elias Koutsoupias (Oxford, UK); Track B: Javier Esparza (TU M¨unich,Germany); Track C: Pierre Fraigniaud (Paris Diderot, FR).
    [Show full text]
  • SIGACT Viability
    SIGACT Name and Mission: SIGACT: SIGACT Algorithms & Computation Theory The primary mission of ACM SIGACT (Association for Computing Machinery Special Interest Group on Algorithms and Computation Theory) is to foster and promote the discovery and dissemination of high quality research in the domain of theoretical computer science. The field of theoretical computer science is interpreted broadly so as to include algorithms, data structures, complexity theory, distributed computation, parallel computation, VLSI, machine learning, computational biology, computational geometry, information theory, cryptography, quantum computation, computational number theory and algebra, program semantics and verification, automata theory, and the study of randomness. Work in this field is often distinguished by its emphasis on mathematical technique and rigor. Newsletters: Volume Issue Issue Date Number of Pages Actually Mailed 2014 45 01 March 2014 N/A 2013 44 04 December 2013 104 27-Dec-13 44 03 September 2013 96 30-Sep-13 44 02 June 2013 148 13-Jun-13 44 01 March 2013 116 18-Mar-13 2012 43 04 December 2012 140 29-Jan-13 43 03 September 2012 120 06-Sep-12 43 02 June 2012 144 25-Jun-12 43 01 March 2012 100 20-Mar-12 2011 42 04 December 2011 104 29-Dec-11 42 03 September 2011 108 29-Sep-11 42 02 June 2011 104 N/A 42 01 March 2011 140 23-Mar-11 2010 41 04 December 2010 128 15-Dec-10 41 03 September 2010 128 13-Sep-10 41 02 June 2010 92 17-Jun-10 41 01 March 2010 132 17-Mar-10 Membership: based on fiscal year dates 1st Year 2 + Years Total Year Professional
    [Show full text]
  • New Generic Algorithms for Hard Knapsacks
    New generic algorithms for hard knapsacks Nick Howgrave-Graham1 and Antoine Joux2 1 35 Park St, Arlington, MA 02474 [email protected] 2 dga and Universit´ede Versailles Saint-Quentin-en-Yvelines uvsq prism, 45 avenue des Etats-Unis,´ f-78035, Versailles cedex, France [email protected] Abstract. In this paper3, we study the complexity of solving hard knap- sack problems, i.e., knapsacks with a density close to 1 where lattice- based low density attacks are not an option. For such knapsacks, the cur- rent state-of-the-art is a 31-year old algorithm by Schroeppel and Shamir which is based on birthday paradox techniques and yields a running time of O~(2n=2) for knapsacks of n elements and uses O~(2n=4) storage. We propose here two new algorithms which improve on this bound, finally lowering the running time down to O~(20:3113 n) for almost all knapsacks of density 1. We also demonstrate the practicality of these algorithms with an implementation. 1 Introduction The 0{1 knapsack problem or subset sum problem is a famous NP-hard problem which has often been used in the construction of cryptosystems. An instance of this problem consists of a list of n positive integers (a1; a2; ··· ; an) together with another positive integer S. Given an instance, there exist two forms of knapsack problems. The first form is the decision knapsack problem, where we need to decide whether S can be written as: n X S = iai; i=1 with values of i in f0; 1g. The second form is the computational knapsack prob- lem where we need to recover a solution = (1; ··· ; n) if at least one exists.
    [Show full text]