An Improved Multilinear Map and its Applications

Author(s):  
Chunsheng Gu

Cryptographic multilinear maps have extensive applications. However, current constructions of multilinear maps suffer from zeroizing attacks. For the candidate construction of multilinear maps described by Garg, Gentry, and Halevi (GGH13), Hu & Jia recently presented an efficient attack, which broke the GGH13-based applications of multipartite key exchange (MPKE) and witness encryption (WE) based on the hardness of the 3-exact cover problem. By introducing a random matrix, the author presents an improvement of the GGH13 map, which supports the applications that use public tools of encoding in the GGH13 map, such as MPKE and WE. The security of the construction depends upon a new hardness assumption. Moreover, the author's improvement destroys the structure of the ring element in the principal ideal lattice problem, and avoids potential attacks using algorithms for finding a short generator of a principal ideal lattice.

2020 ◽ Vol 14 (1) ◽ pp. 5-14
Author(s):  
Dan Boneh ◽  
Darren Glass ◽  
Daniel Krashen ◽  
Kristin Lauter ◽  
Shahed Sharif ◽  
...  

Abstract: We describe a framework for constructing an efficient non-interactive key exchange (NIKE) protocol for n parties for any n ≥ 2. Our approach is based on the problem of computing isogenies between isogenous elliptic curves, which is believed to be difficult. We do not obtain a working protocol because of a missing step that is currently an open mathematical problem. What we need to complete our protocol is an efficient algorithm that takes as input an abelian variety presented as a product of isogenous elliptic curves, and outputs an isomorphism invariant of the abelian variety. Our framework builds a cryptographic invariant map, which is a new primitive closely related to a cryptographic multilinear map, but whose range does not necessarily have a group structure. Nevertheless, we show that a cryptographic invariant map can be used to build several cryptographic primitives, including NIKE, that were previously constructed from multilinear maps and indistinguishability obfuscation.


Author(s):  
W. T. Gowers ◽  
L. Milićević

Abstract: Let $G_1, \ldots, G_k$ be finite-dimensional vector spaces over a prime field $\mathbb{F}_p$. A multilinear variety of codimension at most $d$ is a subset of $G_1 \times \cdots \times G_k$ defined as the zero set of $d$ forms, each of which is multilinear on some subset of the coordinates. A map $\phi$ defined on a multilinear variety $B$ is multilinear if for each coordinate $c$ and all choices of $x_i \in G_i$, $i \neq c$, the restriction map $y \mapsto \phi(x_1, \ldots, x_{c-1}, y, x_{c+1}, \ldots, x_k)$ is linear where defined. In this note, we show that a multilinear map defined on a multilinear variety of codimension at most $d$ coincides on a multilinear variety of codimension $O_{k}(d^{O_{k}(1)})$ with a multilinear map defined on the whole of $G_1 \times \cdots \times G_k$. Additionally, in the case of general finite fields, we deduce similar (but slightly weaker) results.


2020 ◽ Vol 67 ◽ pp. 509-547
Author(s):  
Maxime Chabert ◽  
Christine Solnon

We introduce the exactCover global constraint dedicated to the exact cover problem, the goal of which is to select subsets such that each element of a given set belongs to exactly one selected subset. This NP-complete problem occurs in many applications, and we more particularly focus on a conceptual clustering application. We introduce three propagation algorithms for exactCover, called Basic, DL, and DL+: Basic ensures the same level of consistency as arc consistency on a classical decomposition of exactCover into binary constraints, without using any specific data structure; DL ensures the same level of consistency as Basic but uses Dancing Links to efficiently maintain the relation between elements and subsets; and DL+ is a stronger propagator which exploits an extra property to filter more values than DL. We also consider the case where the number of selected subsets is constrained to be equal to a given integer variable k, and we show that this may be achieved either by combining exactCover with existing constraints, or by designing a specific propagator that integrates algorithms designed for the NValues constraint. These different propagators are experimentally evaluated on conceptual clustering problems, and they are compared with state-of-the-art declarative approaches. In particular, we show that our global constraint is competitive with recent ILP and CP models for mono-criterion problems, and it has better scale-up properties for multi-criteria problems.


2016 ◽ Vol 19 (A) ◽ pp. 255-266
Author(s):  
Jung Hee Cheon ◽  
Jinhyuck Jeong ◽  
Changmin Lee

Let $\mathbf{f}$ and $\mathbf{g}$ be polynomials of a bounded Euclidean norm in the ring $\mathbb{Z}[X]/\langle X^{n}+1\rangle$. Given the polynomial $[\mathbf{f}/\mathbf{g}]_{q} \in \mathbb{Z}_{q}[X]/\langle X^{n}+1\rangle$, the NTRU problem is to find $\mathbf{a}, \mathbf{b} \in \mathbb{Z}[X]/\langle X^{n}+1\rangle$ with a small Euclidean norm such that $[\mathbf{a}/\mathbf{b}]_{q} = [\mathbf{f}/\mathbf{g}]_{q}$. We propose an algorithm to solve the NTRU problem, which runs in $2^{O(\log^{2} \lambda)}$ time when $\Vert \mathbf{g} \Vert$, $\Vert \mathbf{f} \Vert$, and $\Vert \mathbf{g}^{-1} \Vert$ are within some range. The main technique of our algorithm is the reduction of a problem on a field to one on a subfield. The GGH scheme, the first candidate of an (approximate) multilinear map, was recently found to be insecure by the Hu–Jia attack using low-level encodings of zero, but no polynomial-time attack was known without them. In the GGH scheme without low-level encodings of zero, our algorithm can be directly applied to attack this scheme if we have some top-level encodings of zero and a known pair of plaintext and ciphertext. Using our algorithm, we can construct a level-$0$ encoding of zero and utilize it to attack a security ground of this scheme in the quasi-polynomial time of its security parameter using the parameters suggested by Garg, Gentry and Halevi [‘Candidate multilinear maps from ideal lattices’, Advances in cryptology — EUROCRYPT 2013 (Springer, 2013) 1–17].


2016 ◽ Vol 4
Author(s):  
MICHAEL BRAUN ◽  
TUVI ETZION ◽  
PATRIC R. J. ÖSTERGÅRD ◽  
ALEXANDER VARDY ◽  
ALFRED WASSERMANN

Let $\mathbb{F}_{q}^{n}$ be a vector space of dimension $n$ over the finite field $\mathbb{F}_{q}$. A $q$-analog of a Steiner system (also known as a $q$-Steiner system), denoted $\mathcal{S}_{q}(t,k,n)$, is a set $\mathcal{S}$ of $k$-dimensional subspaces of $\mathbb{F}_{q}^{n}$ such that each $t$-dimensional subspace of $\mathbb{F}_{q}^{n}$ is contained in exactly one element of $\mathcal{S}$. Presently, $q$-Steiner systems are known only for $t = 1$, and in the trivial cases $t = k$ and $k = n$. In this paper, the first nontrivial $q$-Steiner systems with $t \geqslant 2$ are constructed. Specifically, several nonisomorphic $q$-Steiner systems $\mathcal{S}_{2}(2,3,13)$ are found by requiring that their automorphism groups contain the normalizer of a Singer subgroup of $\text{GL}(13,2)$. This approach leads to an instance of the exact cover problem, which turns out to have many solutions.


2021 ◽ Vol 0 (0) ◽ pp. 0
Author(s):  
Delaram Kahrobaei ◽  
Mima Stanojkovski

In [18], the authors show how, to any nilpotent group of class $n$, one can associate a non-interactive key exchange protocol between $n+1$ users. The multilinear commutator maps associated to nilpotent groups play a key role in this protocol. In the present paper, we explore some alternative platforms, such as pro-$p$ groups.
