Nisheeth vishnoi

The Closest Vector is Hard to The Closest Vector is Hard to

ApproximateApproximateand now, for unlimited time onlyand now, for unlimited time only

with with PrePre--Processing !!Processing !!

The Closest Vector is Hard to The Closest Vector is Hard to

ApproximateApproximateand now, for unlimited time onlyand now, for unlimited time only

with with PrePre--Processing !!Processing !!

Nisheeth vishnoi

Subhash Khot

Michael Alekhnovich

Joint work with

Guy KindlerGuy KindlerMicrosoft ResearchMicrosoft Research

In this talk:In this talk:

LatticesLattices

The closest vector problem: backgroundThe closest vector problem: background

Our results: NP-hardness for Our results: NP-hardness for CV-PPCV-PP

Proving hardness with preprocessingProving hardness with preprocessing

Something about our proof: new property of Something about our proof: new property of

PCPsPCPs

A A lattice,lattice, LL: A discrete additive subgroup of : A discrete additive subgroup of RRnn..

A A basisbasis for for LL: : bb11,…,b,…,bnn22RRnn, s.t. , s.t. L={L={iiaaiibbii : :

aa11,..,a,..,ann22ZZ}}..

The Closest Vector Problem (The Closest Vector Problem (CVPCVP))The Closest Vector Problem (The Closest Vector Problem (CVPCVP))

CVPCVP: Given a lattice : Given a lattice LL and a target vector and a target vector tt,,

find the point in find the point in LL closest to closest to tt in inllpp distance. distance.

[Regev Ronen 05][Regev Ronen 05] Hardness results in Hardness results in ll22 carry for any carry for any llpp..

[Ajtai Kumar Sivakumar 01]:[Ajtai Kumar Sivakumar 01]: 22O(nloglog(n)/log n)O(nloglog(n)/log n)=2=2o(n)o(n) approx. approx.

[Dinur Kindler Raz Safra 98]:[Dinur Kindler Raz Safra 98]: nnO(1/loglog n)O(1/loglog n)=n=no(1)o(1) hardness. hardness.

[Lagarias Lenstra Schnorr 90, Banaszczyk 93, Goldreich [Lagarias Lenstra Schnorr 90, Banaszczyk 93, Goldreich

Goldwasser 00, Aharonov Regev 04]Goldwasser 00, Aharonov Regev 04] NP-hardness of NP-hardness of (n/log (n/log

n)n)1/21/2 would collapse the polynomial hierarchy. would collapse the polynomial hierarchy.

Motivation for studying Motivation for studying CVPCVPMotivation for studying Motivation for studying CVPCVP

[Ajtai 96]:[Ajtai 96]: Worst case to average case reductions for Worst case to average case reductions for

lattice problems. lattice problems.

[Ajtai Dwork 97][Ajtai Dwork 97] Based cryptosystems on lattice Based cryptosystems on lattice

problems.problems.

[Goldreich Goldwasser Halevi 97][Goldreich Goldwasser Halevi 97] Cryptosystem based on Cryptosystem based on

CVPCVP..

[Micciancio Vadhan 03] [Micciancio Vadhan 03] Identification scheme based on Identification scheme based on

(n/log n)(n/log n)1/2 1/2 hardness for hardness for CVPCVP..tt – message.

LL – coding function: known in advance, and reused.

Is it safe to reuse Is it safe to reuse LL as key? as key?Is it safe to reuse Is it safe to reuse LL as key? as key?

CV-PPCV-PP: :

Preprocess Preprocess LL for unlimited time, for unlimited time,

Given Given tt, solve , solve CVPCVP on on LL,,tt..

[Kannan 87, Lagarias Lenstra Schnorr 90, Aharonov Regev ] [Kannan 87, Lagarias Lenstra Schnorr 90, Aharonov Regev ]

O(nO(n1/21/2))-approx. for -approx. for CV-PPCV-PP..

[Feige Micciancio 02][Feige Micciancio 02] (5/3)(5/3)1/p1/p approx. hardness for approx. hardness for CV-PPCV-PP..

[Regev 03][Regev 03] 331/p1/p approx. hardness for approx. hardness for CV-PPCV-PP..

Our ResultsOur ResultsOur ResultsOur Results

Thm:Thm: CV-PPCV-PP in NP-hard(!) to approximate within in NP-hard(!) to approximate within any any

constantconstant. Also applies to . Also applies to NC-PPNC-PP..

Unless NPUnless NPµµDTIME(DTIME(22polylog npolylog n), ),

NC-PPNC-PP is hard to approximate within is hard to approximate within (log n)(log n)1-1-

CV-PPCV-PP is hard to approximate within is hard to approximate within (log n)(log n)(1/p)-(1/p)-

1st Proof :1st Proof : By reduction from By reduction from E-k-HVCE-k-HVC [DGKR 03][DGKR 03]..

2nd proof:2nd proof: Using PCP-PP constructions, plus Using PCP-PP constructions, plus

smoothing smoothing technique of technique of [Khot 02][Khot 02]..

Proving hardness with Proving hardness with preprocessingpreprocessing

Hardness of approximation within gap Hardness of approximation within gap gg::

II22 ¦¦ )) dist(t,L)dist(t,L)·· d d

II ¦ ¦ )) dist(t,L)dist(t,L)¸̧ d d¢¢gg

I: Instance of

¦2NPC

I: Instance of

¦2NPCReductionReduction L , tL , t

Proving hardness with Proving hardness with preprocessingpreprocessing

I: Instance of

¦2NPC

I: Instance of

¦2NPCReductionReduction L , tL , t

Hardness of approximation within Hardness of approximation within gg, with preprocessing:, with preprocessing:

Size of ISize of I Partial Input Generator

Partial Input Generator

Preprocessed L

II22 ¦ ¦ )) dist(t,L)dist(t,L)·· d d

II ¦¦ )) dist(t,L)dist(t,L)¸̧ d d¢¢gg

Hardness of approximation within gap Hardness of approximation within gap gg::

I: Instance of

¦2NPC

I: Instance of

¦2NPCReductionReduction

PCP with preprocessing (PCP with preprocessing (PCP-PPPCP-PP))PCP with preprocessing (PCP with preprocessing (PCP-PPPCP-PP))

Preprocessed L

LEFTLEFT

RIGHTRIGHT

PCP-PPII22 ¦ ¦ )) dist(t,L)dist(t,L)·· d d

II ¦ ¦ )) dist(t,L)dist(t,L)¸̧ d d¢¢gg

PCPPCP: Gap version of Q: Gap version of Quadratic equationsuadratic equations..

xx22+2xy=7+2xy=7xx22+z+z22=5=5

I: Instance of

¦2NPC

I: Instance of

LEFTLEFT

RIGHTRIGHT

PCP-PPII22 ¦ ¦ ) ) opt(LEFT,RIGHT)=1opt(LEFT,RIGHT)=1

II ¦ ¦ ) ) opt(LEFT,RIGHT)opt(LEFT,RIGHT)··c<1c<1

xx22+2xy=7+2xy=7xx22+z+z22=5=5

I: Instance of

¦2NPC

I: Instance of

LEFTLEFT

RIGHTRIGHT

PCP-PP

Size of ISize of I

I: Instance of

¦2NPC

I: Instance of

¦2NPC

LEFTLEFT

RIGHTRIGHT

Preprocessed L

PCP-PP

PCP-PPPCP-PP construction constructionPCP-PPPCP-PP construction construction

LEFTLEFT

RIGHTRIGHT

PCP-PP

Just (carefully) apply usual

PCP construction!

Just (carefully) apply usual

PCP construction!

Open problemsOpen problemsOpen problemsOpen problems

Get better hardness parameters for CV-PP Get better hardness parameters for CV-PP

(perhaps using methods from (perhaps using methods from [DKRS 98][DKRS 98]).).

Get improved hardness results for lattice Get improved hardness results for lattice

problems, under stronger assumptions than NPproblems, under stronger assumptions than NPP.P.

Find more uses for Find more uses for PCP-PPPCP-PP constructions. constructions.

Nisheeth vishnoi

Documents

Supplementary Information selenides Photochemical HER ...Manaswee Barua, Mohd Monis Ayyub, Pratap Vishnoi, K. Pramoda and C.N.R. Rao * New Chemistry Unit, Sheikh Saqr Laboratory, School

Isolating a Vertex via Lattices: Polytopes with Totally ...rgurjar/papers/TUM.pdf · Polytopes with Totally Unimodular Faces Rohit Gurjar 1, Thomas Thieraufy2, and Nisheeth K. Vishnoi3

Performance of Wind Projects Versus Pre- Construction ... · Performance of Wind Projects Versus Pre-Construction Estimate - India Apoorv Vishnoi Apoorv.vishnoi@vaisala.com Energy

Geodesic Convex Optimization: Di erentiation on …Geodesic Convex Optimization: Di erentiation on Manifolds, Geodesics, and Convexity Nisheeth K. Vishnoi EPFL, Switzerland June 19,

Environmental ethics, community and sustainability · 2019-07-18 · Example: Bishnoi community lives in harmony with nature The Bishnoi (also called Vishnoi) is a religious group

Surendra Kumar Vishnoi - CSE · Surendra Kumar Vishnoi to the DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING INDIAN INSTITUTE OF TECHNOLOGY,KANPUR May 2006. This is to certify that

ANNUAL REPORT 2011-2012 · Ms. Garima Vishnoi CORPORATE PROFILE BOARD OF DIRECTORS EXECUTIVE CHAIRMAN AND MANAGING DIRECTOR MR. SANJIV AGARWAL Dear Fellow Shareowners,

ADMIT CARD for Microsoft India CAMPUS DRIVE 2012-2013 Admit Cards CSEIT.pdf · Dear GARIMA VISHNOI, Microsoft Registration Number – CD061F0004 CONGRATULATIONS on being shortlisted

SDP Based Approach for Graph Partitioning and Embedding Negative Type Metrics into L 1 Subhash Khot (Georgia Tech) Nisheeth K. Vishnoi (IBM Research and

Introduction to Programming, Basic Structure of C Programs · Introduction to Programming, Basic Structure of C Programs . Nisheeth . 1 . Announcements Please make sure you know your

Classical conditioning via inference over observable ...home.iitk.ac.in/~nsrivast/css2014a.pdfClassical conditioning via inference over observable situation contexts Nisheeth Srivastava

Rejected New Registration (Online & Offline) Year 2016-17 ... · madhu gopi kishan vishnoi kamlesh kumar sangita kumari mohammad kayum samaratha ram dinesh kumar sharwan kumar mama

Dr Surta Ram Vishnoi Work Profile

GNM ADMISSION 2013-14 MERIT LIST OBC (FEMALE …rajswasthya.nic.in/Final Merit List 25.09.2013/Female/Female_OBC...3 f-05106 obc b komal vishnoi / mohan ram vishnoi jaisalmer 02-02

Nisheeth singh CH wam - EPCC Workshop 3/Nisheeth... · EPCC, Lofthus, 2007 June 10 th-13 th 1/25 1. Why WAM 2. First Wide Area Application 3. System Structure 4. Monitoring of UCTE

ANNUAL REPORT 2011-2012 - Tirupati Inks · Ms. Garima Vishnoi CORPORATE PROFILE BOARD OF DIRECTORS EXECUTIVE CHAIRMAN AND MANAGING DIRECTOR MR. SANJIV AGARWAL Dear Fellow Shareowners,

Institute for Advanced Study, April 16 2012 Sushant Sachdeva Princeton University Joint work with Lorenzo Orecchia, Nisheeth K. Vishnoi Linear Time Graph

Vol - 4, Issue - 3, Apr-Jul 2013 ISSN: 0976-7908 Vishnoi et al...Nishi Gupta, Garima Vishnoi*, Ankita Wal, Pranay Wal Research Scholar, PSIT Kanpur. ABSTRACT Malaria is still the most

The Unique Games Conjecture, Integrality Gap for Cut ...Nisheeth K. Vishnoi IBM India Research Lab, Block-1 IIT Delhi, Hauz Khas, New Delhi 110016, India. Email: nvishnoi@in.ibm.com

Nisheeth - CSE retrieval.pdf · (=0) or too many (1000s) results. • Query 1: “ standard user dlink 650 ” → 200,000 hits • Query 2: “ standard user dlink 650 no card found