Showing papers on "Ring of integers" published in 2016


Book ChapterDOI
08 May 2016
TL;DR: In this paper, it was shown that the log-unit lattice of the ring of integers of a cyclotomic number field can be decoded in polynomial time.
Abstract: A handful of recent cryptographic proposals rely on the conjectured hardness of the following problem in the ring of integers of a cyclotomic number field: given a basis of a principal ideal that is guaranteed to have a "rather short" generator, find such a generator. Recently, Bernstein and Campbell-Groves-Shepherd sketched potential attacks against this problem; most notably, the latter authors claimed a polynomial-time quantum algorithm. Alternatively, replacing the quantum component with an algorithm of Biasse and Fieker would yield a classical subexponential-time algorithm. A key claim of Campbell et al. is that one step of their algorithm--namely, decoding the log-unit lattice of the ring to recover a short generator from an arbitrary one--is classically efficient whereas the standard approach on general lattices takes exponential time. However, very few convincing details were provided to substantiate this claim. In this work, we clarify the situation by giving a rigorous proof that the log-unit lattice is indeed efficiently decodable, for any cyclotomic of prime-power index. Combining this with the quantum algorithm from a recent work of Biasse and Song confirms the main claim of Campbell et al. Our proof consists of two main technical contributions: the first is a geometrical analysis, using tools from analytic number theory, of the standard generators of the group of cyclotomic units. The second shows that for a wide class of typical distributions of the short generator, a standard lattice-decoding algorithm can recover it, given any generator. By extending our geometrical analysis, as a second main contribution we obtain an efficient algorithm that, given any generator of a principal ideal in a prime-power cyclotomic, finds a $2^{\tilde{O}(\sqrt{n})}$-approximate shortest vector in the ideal. Combining this with the result of Biasse and Song yields a quantum polynomial-time algorithm for the $2^{\tilde{O}(\sqrt{n})}$-approximate Shortest Vector Problem on principal ideal lattices.

92 citations


Journal ArticleDOI
TL;DR: In this paper, it was shown that the valuation of a non-zero rational function is piecewise linear on a skeleton S(X, H) in a strictly semistable K°-model X of X plus a suitable horizontal divisor H in the analytification of X. This generalizes Berkovich's original construction by admitting unbounded faces in the directions of the components of H.

75 citations


Posted Content
TL;DR: In this paper, it was shown that the lower density of monic integer polynomials with square-free discriminant is positive and that the exponent in this lower bound is optimal.
Abstract: We determine the density of monic integer polynomials of given degree $n>1$ that have squarefree discriminant; in particular, we prove for the first time that the lower density of such polynomials is positive. Similarly, we prove that the density of monic integer polynomials $f(x)$, such that $f(x)$ is irreducible and $\mathbb Z[x]/(f(x))$ is the ring of integers in its fraction field, is positive, and is in fact given by $\zeta(2)^{-1}$. It also follows from our methods that there are $\gg X^{1/2+1/n}$ monogenic number fields of degree $n$ having associated Galois group $S_n$ and absolute discriminant less than $X$, and we conjecture that the exponent in this lower bound is optimal.

65 citations


Journal ArticleDOI
TL;DR: In this article, a rational map of degree greater than 1 defined over a number field k with ring of integers o(k) is defined, and for each prime p of good reduction for phi(p) denotes the red...
Abstract: Let phi : P-1 -> P-1 be a rational map of degree greater than 1 defined over a number field k with ring of integers o(k). For each prime p of good reduction for phi, we let phi(p) denote the red ...

42 citations


Journal ArticleDOI
TL;DR: In this paper, an integral model for the modular curve over the ring of integers of a sufficiently ramified extension of Z whose special fiber is a semistable curve in the sense that its only singularities are normal crossings is presented.
Abstract: We produce an integral model for the modular curve $$X(Np^m)$$ over the ring of integers of a sufficiently ramified extension of $$\mathbf {Z}_p$$ whose special fiber is a semistable curve in the sense that its only singularities are normal crossings. This is done by constructing a semistable covering (in the sense of Coleman) of the supersingular part of $$X(Np^m)$$ , which is a union of copies of a Lubin–Tate curve. In doing so we tie together non-abelian Lubin–Tate theory to the representation-theoretic point of view afforded by Bushnell–Kutzko types. For our analysis it was essential to work with the Lubin–Tate curve not at level $$p^m$$ but rather at infinite level. We show that the infinite-level Lubin–Tate space (in arbitrary dimension, over an arbitrary nonarchimedean local field) has the structure of a perfectoid space, which is in many ways simpler than the Lubin–Tate spaces of finite level.

38 citations


Journal ArticleDOI
TL;DR: In this paper, the integral cohomology of Γ up to p-power torsion for small primes p was derived for the case N = 3, D = −3, −4 when N = 4.

32 citations


Journal ArticleDOI
TL;DR: For any $\epsilon > 0$, a family of number fields $K$ is provided for which this variant of ring-LWE can be broken easily as soon as the errors are scaled up by $|\Delta(K)|^{(1-\epsilon)/n}$.
Abstract: Since its introduction in 2010 by Lyubashevsky, Peikert and Regev, the ring learning with errors problem (ring-LWE) has become a popular building block for cryptographic primitives, due to its great versatility and its hardness proof consisting of a (quantum) reduction from ideal lattice problems. But, for a given modulus $q$ and degree $n$ number field $K$, generating ring-LWE samples can be perceived as cumbersome, because the secret keys have to be taken from the reduction mod $q$ of a certain fractional ideal $\mathcal{O}_K^\vee \subset K$ called the codifferent or 'dual', rather than from the ring of integers $\mathcal{O}_K$ itself. This has led to various non-dual variants of ring-LWE, in which one compensates for the non-duality by scaling up the errors. We give a comparison of these versions, and revisit some unfortunate choices that have been made in the recent literature, one of which is scaling up by $|\Delta(K)|^{1/(2n)}$ with $\Delta(K)$ the discriminant of $K$. As a main result, we provide, for any $\epsilon > 0$, a family of number fields $K$ for which this variant of ring-LWE can be broken easily as soon as the errors are scaled up by $|\Delta(K)|^{(1-\epsilon)/n}$.

19 citations


Journal ArticleDOI
TL;DR: In this paper, the authors studied Galois descents for categories of mixed Tate motives over $\mathcal{O}_N[1/N]$, for $N \in \{2, 3, 4, 8\}$, or $\mathcal{O}_N$ for $N = 6$, with $\mathcal{O}_N$ the ring of integers of the $N$th cyclotomic field, and constructed families of motivic iterated integrals with prescribed properties.

18 citations


Book ChapterDOI
16 Nov 2016
TL;DR: This paper revisits the HElib-based implementation of homomorphic arithmetic operations on encrypted integers and shows that the implementation outperforms Chen and Guang's significantly.
Abstract: Fully homomorphic encryption allows cloud servers to evaluate any computable function for clients without revealing any information. It has attracted much attention from both the scientific community and industry since Gentry's seminal scheme. Currently, the Brakerski-Gentry-Vaikuntanathan scheme with its optimizations is one of the most potentially practical schemes and has been implemented in the homomorphic encryption C++ library HElib. HElib supplies friendly interfaces for arithmetic operations on polynomials over finite fields. Based on HElib, Chen and Guang (2015) implemented arithmetic over encrypted integers. In this paper, we revisit the HElib-based implementation of homomorphic arithmetic operations on encrypted integers. Due to several optimizations and more suitable arithmetic circuits for homomorphic encryption evaluation, our implementation is able to homomorphically evaluate 64-bit addition/subtraction and 16-bit multiplication for encrypted integers without bootstrapping. Experiments show that our implementation outperforms Chen and Guang's significantly.

17 citations


Journal ArticleDOI
TL;DR: This contribution presents a formalised algorithm in the Isabelle/HOL proof assistant to compute echelon forms, and, as a consequence, characteristic polynomials of matrices, and proves its correctness over Bézout domains.
Abstract: In this contribution we present a formalised algorithm in the Isabelle/HOL proof assistant to compute echelon forms, and, as a consequence, characteristic polynomials of matrices. We have proved its correctness over Bézout domains, but its executability is only guaranteed over Euclidean domains, such as the integer ring and the univariate polynomials over a field. This is possible since the algorithm has been parameterised by a (possibly non-computable) operation that returns the Bézout coefficients of a pair of elements of a ring. The echelon form is also used to compute determinants and inverses of matrices. As a by-product, some algebraic structures have been implemented (principal ideal domains, Bézout domains, etc.). In order to improve performance, the algorithm has been refined to immutable arrays inside of Isabelle, and code can be generated to functional languages as well.

16 citations


Journal ArticleDOI
TL;DR: In this article, the normal zeta functions of the Heisenberg groups H(R), where R is a compact discrete valuation ring of characteristic zero, were shown to satisfy functional equations upon inversion of the prime.
Abstract: We compute explicitly the normal zeta functions of the Heisenberg groups H(R), where R is a compact discrete valuation ring of characteristic zero. These zeta functions occur as Euler factors of normal zeta functions of Heisenberg groups of the form $H(\mathcal{O}_K)$, where $\mathcal{O}_K$ is the ring of integers of an arbitrary number field $K$, at the rational primes which are non-split in $K$. We show that these local zeta functions satisfy functional equations upon inversion of the prime.

Journal ArticleDOI
TL;DR: In this article, the completed cohomology groups of $\mathrm{SL}_N(\mathcal{O}_F)$, where $\mathcal{O}_F$ is the ring of integers of a number field, were compared to K-theory and Galois cohomology.
Abstract: We relate the completed cohomology groups of $\mathrm{SL}_N(\mathcal{O}_F)$, where $\mathcal{O}_F$ is the ring of integers of a number field, to K-theory and Galois cohomology. Various consequences include showing that Borel's stable classes become infinitely $p$-divisible up the $p$-congruence tower if and only if a certain $p$-adic zeta value is nonzero. We use our results to compute $H^2(\Gamma_N(p); \mathbb{F}_p)$ (for sufficiently large $N$), where $\Gamma_N(p)$ is the full level-$p$ congruence subgroup of $\mathrm{SL}_N(\mathbb{Z})$.

Journal ArticleDOI
TL;DR: This paper proposes a symmetric FHE scheme based on polynomials over the ring of integers which is somewhat homomorphic due to the accumulation of noise after a few operations, and which is made fully homomorphic using a refresh procedure.
Abstract: Security of data, especially in clouds, has become immensely essential for present-day applications. Fully homomorphic encryption (FHE) is a great way to secure data which is used and manipulated by untrusted applications or systems. In this paper, we propose a symmetric FHE scheme based on polynomials over the ring of integers. This scheme is somewhat homomorphic due to the accumulation of noise after a few operations, and it is made fully homomorphic using a refresh procedure. After a certain amount of homomorphic computation, large ciphertexts are refreshed for proper decryption. The hardness of the scheme is based on the difficulty of factorizing large integers. Also, it requires polynomial addition, which is computationally cost effective. Experimental results are shown to support our claim.

Proceedings ArticleDOI
11 Sep 2016
TL;DR: This work shows that algebraic lattices constructed from error-correcting codes achieve the ergodic capacity of the fading channel using a generalized version of the Minkowski-Hlawka theorem and shaping techniques based on the lattice Gaussian distribution.
Abstract: In this work we show that algebraic lattices constructed from error-correcting codes achieve the ergodic capacity of the fading channel. The main ingredients for our construction are a generalized version of the Minkowski-Hlawka theorem and shaping techniques based on the lattice Gaussian distribution. The structure of the ring of integers in a number field plays an important role in the proposed construction. In the case of independent and identically distributed fadings, the lattices considered exhibit full diversity and an exponential decay of the probability of error with respect to the blocklength.

Journal ArticleDOI
TL;DR: In this paper, the Dedekind theorem for the ring of algebraic integers of an algebraic number field K = Q(θ) was characterized for polynomials that do not divide the discriminant of a polynomial algebraic integer F(x) but do not necessarily divide [A_K : Z[θ]] when u = 0 or u divides m.

Journal ArticleDOI
TL;DR: In this article, the authors studied the collection of all such classes and showed that a subset of them is in fact a subgroup of $\mathrm{Cl}(\mathcal{O}_K G)$ for groups of odd order.

Posted Content
TL;DR: It is shown how tropical varieties of ideals I over a field K with non-trivial valuation can be traced back to tropical varieties in R[[t]][x] over some dense subring R in its ring of integers.
Abstract: We show how tropical varieties of ideals I over a field K with non-trivial valuation can be traced back to tropical varieties of ideals in R[[t]][x] over some dense subring R in its ring of integers. Moreover, for homogeneous ideals, we present algorithms on how the latter can be computed in finite time, provided that generators are polynomial in t. While doing so, we also comment on the computation of the Groebner polytope structure and p-adic Groebner bases using our framework. All algorithms solely rely on existing standard basis techniques.

Journal ArticleDOI
TL;DR: In this paper, it was shown that the above equality of classes still holds when N/E has even order, under the assumption that N / E is locally abelian.

Journal ArticleDOI
TL;DR: This paper revisits Bogdan Nica's 2011 paper, “The Unreasonable Slightness of E2 over Imaginary Quadratic Rings” and correct an inaccuracy in his proof.
Abstract: We revisit Bogdan Nica's 2011 paper, "The Unreasonable Slightness of E2 over Imaginary Quadratic Rings" and correct an inaccuracy in his proof. 1. INTRODUCTION. We review briefly the setup of Nica's paper [3]. Let A be a commutative ring and E_n(A) the group generated by elementary matrices, i.e., matrices in SL_n(A) that have ones on the diagonal, and have one nonzero off-diagonal entry. It is a basic fact that SL_n(Z) = E_n(Z), which prompts the question: What happens for other commutative rings A? In the course of their resolution of the congruence subgroup problem, Bass, Milnor, and Serre [1] settled the matter for algebraic number fields in higher dimensions. Theorem 1 (Bass-Milnor-Serre). Let A = O_K be the ring of integers of any algebraic number field K. Then, if n > 2, SL_n(A) = E_n(A). Similarly, with n = 2 and for all algebraic number fields other than the imaginary quadratic ones, Vaserstein [4] showed that elementary matrices are enough. Theorem 2 (Vaserstein). Let A = O_K be the ring of integers of an algebraic number field K. Then, if K is not imaginary quadratic, SL_2(A) = E_2(A). In contrast, imaginary quadratic fields with n = 2 behave very differently, as was

Book ChapterDOI
01 Jan 2016
TL;DR: A survey of attacks on ring and polynomial learning with errors problems can be found in this paper, where Eisentraeger et al. survey the status of ring-LWE attacks.
Abstract: In this paper, we survey the status of attacks on the ring and polynomial learning with errors problems (RLWE and PLWE). Recent work on the security of these problems (Eisentraeger et al., Weak Instances of PLWE. In: Proceedings of the selected areas of cryptography 2014. Lecture notes in computer science. Springer, New York, 2014; Elias Y., Lauter K., Ozman E., Stange K., Provably weak instances of ring-LWE. In: Advances in Cryptology – CRYPTO 2015. Springer, 2015) gives rise to interesting questions about number fields. We extend these attacks and survey related open problems in number theory, including spectral distortion of an algebraic number and its relationship to Mahler measure, the monogenic property for the ring of integers of a number field, and the size of elements of small order modulo q.

Journal ArticleDOI
TL;DR: In this article, the authors gave an explicit construction of all the regular representations of the ring of integers in a non-Archimedean local field with finite residue field, and showed that these regular representations form the largest class of representations of finite groups which are currently amenable to explicit construction.
Abstract: Let $\mathfrak{o}$ be the ring of integers in a non-Archimedean local field with finite residue field, $\mathfrak{p}$ its maximal ideal, and $r\geq2$ an integer. An irreducible representation of the finite group $G_{r}=\mathrm{GL}_{N}(\mathfrak{o}/\mathfrak{p}^{r})$ is called regular if its restriction to the principal congruence kernel $K^{r-1}=1+\mathfrak{p}^{r-1}\mathrm{M}_{N}(\mathfrak{o}/\mathfrak{p}^{r})$ consists of representations whose stabilisers modulo $K^{1}$ are centralisers of regular elements in $\mathrm{M}_{N}(\mathfrak{o}/\mathfrak{p})$. The regular representations form the largest class of representations of $G_{r}$ which is currently amenable to explicit construction. Their study, motivated by constructions of supercuspidal representations, goes back to Shintani, but the general case remained open for a long time. In this paper we give an explicit construction of all the regular representations of $G_{r}$.

Journal ArticleDOI
TL;DR: In this article, the structure of a finite Galois extension of the ring of integers is described, where M/L, L/K, and K/ℚ_p are finite Galois extensions and 𝔪_M is a maximal ideal, for a fixed uniformizer π.
Abstract: In the paper, the structure of the $\mathcal{O}_K[G]$-module $F(\mathfrak{m}_M)$ is described, where $M/L$, $L/K$, and $K/\mathbb{Q}_p$ are finite Galois extensions ($p$ is a fixed prime number), $G = \mathrm{Gal}(M/L)$, $\mathfrak{m}_M$ is a maximal ideal of the ring of integers $\mathcal{O}_M$, and $F$ is a Lubin–Tate formal group law over the ring $\mathcal{O}_K$ for a fixed uniformizer $\pi$.

Proceedings ArticleDOI
01 Sep 2016
TL;DR: The aim is to get Construction-A lattices that are good for both Gaussian and block-fading channels, and how the code alphabet size should be chosen should be studied in order to avoid error floors on the Gaussian channel.
Abstract: Lattices from Construction A and non-binary codes are considered. These lattices are built from number fields as coset codes of the ring of integers $\mathcal{O}_K$ modulo an ideal $I$. Diversity of a Construction-A lattice $\Lambda$ on block-fading channels is guaranteed by the chain $I^m \subset \Lambda \subset \mathcal{O}_K^m$. We study how the code alphabet size should be chosen in order to avoid error floors on the Gaussian channel due to the sublattice $I^m$. Our aim is to get Construction-A lattices that are good for both Gaussian and block-fading channels.

Journal ArticleDOI
TL;DR: In this paper, an analogue of Hecke and Sturm bounds for Hilbert modular forms over real quadratic fields is given, where the Fourier expansion coefficients of a form (G) are assumed to vanish on the set of elements in the set.
Abstract: In this article we give an analogue of Hecke and Sturm bounds for Hilbert modular forms over real quadratic fields. Let $K$ be a real quadratic field and $\mathcal{O}_K$ its ring of integers. Let $\Gamma$ be a congruence subgroup of $\mathrm{SL}_2(\mathcal{O}_K)$ and $M_{(k_1,k_2)}(\Gamma)$ the space of Hilbert modular forms of weight $(k_1,k_2)$ for $\Gamma$. The first main result is an algorithm to construct a finite set $S$, depending on $K$, $\Gamma$ and $(k_1,k_2)$, such that if the Fourier expansion coefficients of a form $G \in M_{(k_1,k_2)}(\Gamma)$ vanish on the set $S$, then $G$ is the zero form. The second result corresponds to the same statement in the Sturm case, i.e. suppose that all the Fourier coefficients of the form $G$ lie in a finite extension of $\mathbb{Q}$, and let $\mathfrak{p}$ be a prime ideal in such extension, whose norm is unramified in $K$; suppose furthermore that the Fourier expansion coefficients of $G$ lie in the ideal $\mathfrak{p}$ for all the elements in $S$, then they all lie in the ideal $\mathfrak{p}$.

Journal ArticleDOI
TL;DR: In this article, it was shown that the set $\mathrm{Cl}_\infty(\mathcal{O}_V)$ of $\mathcal{O}_{\{\infty\}}$-isomorphism classes in the genus of $f$ of rank $n > 2$ is bijective as a pointed set to the abelian group $H^2_{et}(\mathcal{O}_\infty, \mu_2) \cong \mathrm{Pic}(C_{af})/2$, i.e. it is an invariant of $C_{af}$.

Journal ArticleDOI
TL;DR: In this paper, the authors considered the set of all integral elements over a domain A that can occur as an eigenvalue of a symmetric matrix over A and gave a sufficient criterion for being such an element.

Journal ArticleDOI
TL;DR: Theorem 1.2 as discussed by the authors classifies ergodic probability measures on the space of infinite symmetric matrices with entries in a non-discrete non-Archimedean locally compact field.
Abstract: Let $F$ be a non-discrete non-Archimedean locally compact field and $\mathcal{O}_F$ the ring of integers in $F$. The main results of this paper are Theorem 1.2, which classifies ergodic probability measures on the space $\mathrm{Mat}(\mathbb{N}, F)$ of infinite matrices with entries in $F$ with respect to the natural action of the group $\mathrm{GL}(\infty,\mathcal{O}_F) \times \mathrm{GL}(\infty,\mathcal{O}_F)$, and Theorem 1.6, which, for non-dyadic $F$, classifies ergodic probability measures on the space $\mathrm{Sym}(\mathbb{N}, F)$ of infinite symmetric matrices with respect to the natural action of the group $\mathrm{GL}(\infty,\mathcal{O}_F)$.

01 Jan 2016
TL;DR: In this paper, it was shown that there exists an algorithm that given a representation of a finite group over a number field decides whether this representation can be made integral, and that such an algorithm has polynomial running time.
Abstract: Since the early days of representation theory of finite groups in the 19th century, it was known that complex linear representations of finite groups live over number fields, that is, over finite extensions of the field of rational numbers. While the related question of integrality of representations was answered negatively by the work of Cliff, Ritter and Weiss as well as by Serre and Feit, it was not known how to decide integrality of a given representation. In this thesis we show that there exists an algorithm that, given a representation of a finite group over a number field, decides whether this representation can be made integral. Moreover, we provide theoretical and numerical evidence for a conjecture, which predicts the existence of splitting fields of irreducible characters with integrality properties. In the first part, we describe two algorithms for the pseudo-Hermite normal form, which is crucial when handling modules over rings of integers. Using a newly developed computational model for ideal and element arithmetic in number fields, we show that our pseudo-Hermite normal form algorithms have polynomial running time. Furthermore, we address a range of algorithmic questions related to orders and lattices over Dedekind domains, including computation of genera, testing local isomorphism, computation of various homomorphism rings and computation of Solomon zeta functions. In the second part we turn to the integrality of representations of finite groups and show that an important ingredient is a thorough understanding of the reduction of lattices at almost all prime ideals. By employing class field theory and tools from representation theory we solve this problem and eventually describe an algorithm for testing integrality. After running the algorithm on a large set of examples we are led to a conjecture on the existence of integral and nonintegral splitting fields of characters. By extending techniques of Serre we prove the conjecture for characters with rational character field and Schur index two.

Posted Content
TL;DR: In this article, it was shown that the Newton polygon lies above the Hodge polygon, itself lying above a certain polygon depending on the datum, and that the total Hasse invariant is non-zero if and only if the $p$-divisible group is $\mu$-ordinary.
Abstract: We study $p$-divisible groups $G$ endowed with an action of the ring of integers of a finite (possibly ramified) extension of $\mathbb{Q}_p$ over a scheme of characteristic $p$. We suppose moreover that the $p$-divisible group $G$ satisfies the Pappas-Rapoport condition for a certain datum $\mu$; this condition consists in a filtration on the sheaf of differentials $\omega_G$ satisfying certain properties. Over a perfect field, we define the Hodge and Newton polygons for such $p$-divisible groups, normalized with the action. We show that the Newton polygon lies above the Hodge polygon, itself lying above a certain polygon depending on the datum $\mu$. We then construct Hasse invariants for such $p$-divisible groups over an arbitrary base scheme of characteristic $p$. We prove that the total Hasse invariant is non-zero if and only if the $p$-divisible group is $\mu$-ordinary, i.e. if its Newton polygon is minimal. Finally, we study the properties of $\mu$-ordinary $p$-divisible groups. The construction of the Hasse invariants can in particular be applied to special fibers of PEL Shimura varieties models as constructed by Pappas and Rapoport.

Journal ArticleDOI
TL;DR: A detailed description of the arithmetic Fuchsian group of the Bolza surface and the associated quaternion order is given, enabling it to be shown that the corresponding principal congruence covers satisfy the bound on the systole.
Abstract: We give a detailed description of the arithmetic Fuchsian group of the Bolza surface and the associated quaternion order. This description enables us to show that the corresponding principal congruence covers satisfy the bound on the systole, where g is the genus. We also exhibit the Bolza group as a congruence subgroup, and calculate out a few examples of “Bolza twins” (using magma). Like the Hurwitz triplets, these correspond to the factoring of certain rational primes in the ring of integers of the invariant trace field of the surface. We exploit random sampling combined with the Reidemeister–Schreier algorithm as implemented in magma to generate these surfaces.