Card-based cryptography provides simple and practicable protocols for performing secure multi-party computation (MPC) with just a deck of cards. For the sake of simplicity, this is often done using cards with only two symbols, e.g., ♣ and ♡. Within this paper, we target the setting where all cards carry distinct symbols, catering for use-cases with commonly available standard decks and a weaker indistinguishability assumption. As of yet, the literature provides for only three protocols and no proofs for non-trivial lower bounds on the number of cards. As such complex proofs (handling very large combinatorial state spaces) tend to be involved and error-prone, we propose using formal verification for finding protocols and proving lower bounds. In this paper, we employ the technique of software bounded model checking (SBMC), which reduces the problem to a bounded state space that is automatically searched exhaustively using a SAT solver as a backend. Our contribution is twofold: (a) We identify two protocols for converting between different bit encodings with overlapping bases, and then show them to be card-minimal. This completes the picture of tight lower bounds on the number of cards with respect to runtime behavior and shuffle properties of conversion protocols. For computing AND, we show that there is no protocol with finite runtime using four cards with distinguishable symbols and fixed output encoding, and give a four-card protocol with an expected finite runtime using only random cuts. (b) We provide a general translation of proofs for lower bounds to a bounded model checking framework for automatically finding card- and length-minimal protocols and to give additional confidence in lower bounds. We apply this to validate our method and, as an example, confirm our new AND protocol to have a shortest run for protocols using this number of cards.
We study the asymptotic behaviour of the maximum interpoint distance of random points in a planar bounded set with a unique major axis and a boundary behaving like an ellipse at the endpoints. Our main result covers the case of uniformly distributed points in an ellipse.

Keywords: Maximum interpoint distance, geometric extreme value theory, Poisson process, uniform distribution in an ellipse

Introduction

For some fixed integer $d \ge 2$, let $X_1, X_2, \ldots$ be a sequence of independent and identically distributed (i.i.d.) $d$-dimensional random vectors, defined on a common probability space $(\Omega, \mathcal{A}, P)$. Writing $|\cdot|$ for the Euclidean norm on $\mathbb{R}^d$, the convergence in distribution of the suitably normalized maximum interpoint distance has been a topic of interest for more than 20 years. Results obtained so far are mostly for the case that the distribution $P^{X_1}$ of $X_1$ is spherically symmetric, and they may roughly be classified according to whether $P^{X_1}$ has an unbounded or a bounded support. If $X_1$ has a spherically symmetric normal distribution, Matthews and Rukhin (1993) obtained a Gumbel limit distribution for $M_n$. Henze and Klein (1996) generalized this result to the case that $X_1$ has a spherically symmetric Kotz distribution. An even more general spherically symmetric setting has recently been studied by Jammalamadaka and Janson (2015). In the unbounded case, Henze and Lao (2015) obtained a (non-Gumbel) limit distribution of $M_n$ if the distribution of $X_1$ is power-tailed spherically decomposable. This case covers certain long-tailed spherically symmetric distributions for $X_1$. Finally, Demichel et al. (2014) proved several results for the diameter of an elliptical cloud.

If $P^{X_1}$ has a bounded support, Appel et al. (2002) obtained a convolution of two Weibull distributions as the limit law of $M_n$ if $X_1$ has a uniform distribution in a planar set with a unique major axis and sub-$\sqrt{x}$ decay of its boundary at the endpoints. Moreover, they derived bounds for the limit law of $M_n$ if $X_1$ has a uniform distribution in an ellipse. Lao (2010), and Mayer and Molchanov (2007) obtained Weibull limit distributions for $M_n$ under very general settings if the distribution of $X_1$ is supported by the $d$-dimensional unit ball $B^d$ for $d \ge 2$ (including the case of a uniform distribution). Lao (2010) obtained limit laws for $M_n$ if $P^{X_1}$ is uniform or non-uniform in the unit square, uniform in regular polygons, or uniform in the unit $d$-cube, $d \ge 2$. Moreover, if $P^{X_1}$ is uniform in a proper ellipse, she improved the lower bound on the limit distribution of $M_n$ given in Appel et al. (2002). The limit behaviour of $M_n$ if $P^{X_1}$ is uniform in a proper ellipse has been an open problem for many years. Without giving a proof, Jammalamadaka and Janson (2015) state that $n^{2/3}(2 - M_n)$ has a limit distribution (involving two independent Poisson processes) if $X_1$ has a uniform distribution in a proper ellipse with major axis 2. We generalize this result to the case that the distribution is uniform or non-uniform over a planar bounded set satisfying certain regul...
Card-based cryptography provides simple and practicable protocols for performing secure multi-party computation with just a deck of cards. For the sake of simplicity, this is often done using cards with only two symbols, e.g., ♣ and ♡. Within this paper, we also target the setting where all cards carry distinct symbols, catering for use-cases with commonly available standard decks and a weaker indistinguishability assumption. As of yet, the literature provides for only three protocols and no proofs for non-trivial lower bounds on the number of cards. As such complex proofs (handling very large combinatorial state spaces) tend to be involved and error-prone, we propose using formal verification for finding protocols and proving lower bounds. In this paper, we employ the technique of software bounded model checking (SBMC), which reduces the problem to a bounded state space that is automatically searched exhaustively using a SAT solver as a backend. Our contribution is threefold: (a) We identify two protocols for converting between different bit encodings with overlapping bases, and then show them to be card-minimal. This completes the picture of tight lower bounds on the number of cards with respect to runtime behavior and shuffle properties of conversion protocols. For computing AND, we show that there is no protocol with finite runtime using four cards with distinguishable symbols and fixed output encoding, and give a four-card protocol with an expected finite runtime using only random cuts. (b) We provide a general translation of proofs for lower bounds to a bounded model checking framework for automatically finding card- and run-minimal (i.e., the protocol has a run of minimal length) protocols and to give additional confidence in lower bounds. We apply this to validate our method and, as an example, confirm our new AND protocol to have its shortest run for protocols using this number of cards. (c) We extend our method to also handle the case of decks on symbols ♣ and ♡, where we show run-minimality for two AND protocols from the literature.
We study the asymptotic behavior of the maximum interpoint distance of random points in a $d$-dimensional set with a unique diameter and a smooth boundary at the poles. Instead of investigating only a fixed number of $n$ points as $n$ tends to infinity, we consider the much more general setting in which the random points are the supports of appropriately defined Poisson processes. The main result covers the case of uniformly distributed points within a $d$-dimensional ellipsoid with a unique major axis. Moreover, several generalizations of the main result are established, for example a limit law for the maximum interpoint distance of random points from a Pearson type II distribution.

Keywords: Maximum interpoint distance · geometric extreme value theory · Poisson process · uniform distribution in an ellipsoid · Pearson Type II distribution

For some fixed integer $d \ge 2$, let $Z, Z_1, Z_2, \ldots$ be independent and identically distributed (i.i.d.) $d$-dimensional random vectors, defined on a common probability space $(\Omega, \mathcal{A}, P)$. We assume that the distribution $P^Z$ of $Z$ is absolutely continuous with respect to Lebesgue measure. Writing $|\cdot|$ for the Euclidean norm on $\mathbb{R}^d$, the asymptotic behavior of the so-called maximum interpoint distance $M_n := \max_{1 \le i, j \le n}$ as $n$ tends to infinity has been a topic of interest for more than 20 years. This behavior is closely related to the support $S \subset \mathbb{R}^d$ of $P^Z$, which is the smallest closed set $C$ satisfying $P^Z(C) = 1$. Writing $\mathrm{diam}(K) := \sup_{x, y \in K} |x - y|$ for the diameter of a set $K \subset \mathbb{R}^d$, we obviously have $M_n \xrightarrow{\text{a.s.}} \mathrm{diam}(S)$ as $n \to \infty$, but finding sequences $(a_n)_{n \in \mathbb{N}}$ and $(b_n)_{n \in \mathbb{N}}$ so that $a_n(b_n - M_n)$ has a non-degenerate limit distribution as $n \to \infty$ is a much more difficult problem, which has hitherto been solved only in a few special cases. We deliberately discard the case $d = 1$ in what follows, since then it is the well-studied sample range.

Results obtained so far mostly cover the case that $P^Z$ is spherically symmetric, and they may roughly be classified according to whether $P^Z$ has an unbounded or a bounded support. If $Z$ has a spherically symmetric normal distribution, Matthews and Rukhin (1993) obtained a Gumbel limit distribution for $M_n$, and Henze and Klein (1996) generalized this result to the case that $Z$ has a spherically symmetric Kotz type distribution. An even more general spherically symmetric setting with a Gumbel limit distribution has been studied by Jammalamadaka and Janson (2015). Henze and Lao (2010) studied unbounded distributions $P^Z$ for which the norm $|Z|$ and the directional part $Z/|Z|$ of $Z$ are independent and the right tail of the distribution of $|Z|$ decays like a power law. In this case, they showed a (non-Gumbel) limit distribution of $M_n$ that can be described in terms of a suitably defined Poisson point process. Finally, Demichel et al. (2015) considered unbounded elliptical distributions of the form $Z = TAW$, where $T$ is a positive and unbounded random variable, $A$ is an invertible $(d \times d)$ matrix, and $W$ is uniformly distributed on the sphere $S^{d-1}$ ...