44Publications

3,682Citation Statements Received

770Citation Statements Given

How they've been cited

4,018

31

3,650

1

How they cite others

995

5

762

3

Publications

Order By: Most citations

A key distribution scheme for dynamic conferences is a method by which initially an (off-line) trusted server distributes private individual pieces of information to a set of users. Later any group of users of a given size (a dynamic conference) is able to compute a common secure key. In this paper we study the theory and applications of such perfectly secure systems, In this setting, any group of t users can compute a common key by each user computing using only his private piece of information and the identities of the other t-1 group users. Keys are secure against coalitions of up to k users, that is, even if E users pool together their pieces they cannot compute anything about a key of any t-size conference comprised of other users. First we consider a non-interactive model where users compute the common key without any interaction. We prove a lower bound on the size of the user's piece of information of ("2; ') times the size of the common key. W e then establish the optimality of this bound, by describing and analyzing a scheme which exactly meets this limitatioii (the construction extends the one in [2]). Then, we consider the model where interaction is allowed in the common key computation phase, and show a gap between the models by exhibiting an interactive scheme in which the user's information is only k + t-1 times the size of the common key. We further show various applications and useful modifications of our basic scheme. Finally, we present its adaptation to network topologies with neighborhood constraints.

This article presents a fast distributed algorithm to compute a small k-dominat-Ž . Ž ing set D for any fixed k and to compute its induced graph partition breaking . the graph into radius k clusters centered around the vertices of D . The time Ž . complexity of the algorithm is O k log* n . Small k-dominating sets have applications in a number of areas, including routing with sparse routing tables, the design of distributed data structures, and center selection in a distributed network. The main application described in this article concerns a fast distributed algorithm for Ž . constructing a minimum-weight spanning tree MST . On an n-vertex network of ' Ž . diameter d, the new algorithm constructs an MST in time O n log* n q d , improving on previous results.

This paper addresses the problem of locally verifying global properties. Several natural questions are studied, such as "how expensive is local verification?" and more specifically, "how expensive is local verification compared to computation?" A suitable model is introduced in which these questions are studied in terms of the number of bits a vertex needs to communicate. The model includes the definition of a proof labeling scheme (a pair of algorithmsone to assign the labels, and one to use them to verify that the global property holds). In addition, approaches are presented for the efficient construction of schemes, and upper and lower bounds are established on the bit complexity of schemes for multiple basic problems. The paper also studies the role and cost of unique identities in terms of impossibility and complexity, in the context of proof labeling schemes. Previous studies on related questions deal with distributed algorithms that simultaneously compute a configuration and verify that this configuration has a certain desired property. It turns out that this combined approach enables the verification to be less costly sometimes, since the configuration is typically generated so as to be easily verifiable. In contrast, our approach separates the configuration design from the verification. That is, it first generates the desired configuration without bothering with the need to verify it, and then handles the task of constructing a suitable verification scheme. Our approach thus allows for a more modular design of algorithms, and has the potential to aid in verifying properties even when the original design of the structures for maintaining them was done without verification in mind.

A key distribution scheme for dynamic conferences is a method by which initially an (off-line) trusted server distributes private individual pieces of information to a set of users. Later any group of users of a given size (a dynamic conference) is able to compute a common secure key. In this paper we study the theory and applications of such perfectly secure systems, In this setting, any group of t users can compute a common key by each user computing using only his private piece of information and the identities of the other t-1 group users. Keys are secure against coalitions of up to k users, that is, even if E users pool together their pieces they cannot compute anything about a key of any t-size conference comprised of other users. First we consider a non-interactive model where users compute the common key without any interaction. We prove a lower bound on the size of the user's piece of information of ("2; ') times the size of the common key. W e then establish the optimality of this bound, by describing and analyzing a scheme which exactly meets this limitatioii (the construction extends the one in [2]). Then, we consider the model where interaction is allowed in the common key computation phase, and show a gap between the models by exhibiting an interactive scheme in which the user's information is only k + t-1 times the size of the common key. We further show various applications and useful modifications of our basic scheme. Finally, we present its adaptation to network topologies with neighborhood constraints.

Electing a leader is a fundamental task in distributed computing. In its implicit version, only the leader must know who is the elected leader. This paper focuses on studying the message and time complexity of randomized implicit leader election in synchronous distributed networks. Surprisingly, the most "obvious" complexity bounds have not been proven for randomized algorithms. In particular, the seemingly obvious lower bounds of Ω(m) messages, where m is the number of edges in the network, and Ω(D) time, where D is the network diameter, are non-trivial to show for randomized (Monte Carlo) algorithms. (Recent results, showing that even Ω(n), where n is the number of nodes in the network, is not a lower bound on the messages in complete networks, make the above bounds somewhat less obvious). To the best of our knowledge, these basic lower bounds have not been established even for deterministic algorithms, except for the restricted case of comparison algorithms, where it was also required that nodes may not wake up spontaneously and that D and n were not known. We establish these fundamental lower bounds in this paper for the general case, even for randomized Monte Carlo algorithms. Our lower bounds are universal in the sense that they hold for all universal algorithms (namely, algorithms that work for all graphs), apply to every D, m, and n, and hold even if D, m, and n are known, all the nodes wake up simultaneously, and the algorithms can make any use of node's identities. An interesting fundamental problem is whether both upper bounds (messages and time) can be reached simultaneously in the randomized setting for all graphs. The answer is known to be negative in the deterministic setting. We answer this problem partially by presenting a randomized algorithm that matches both complexities in some cases. This already separates (for some cases) randomized algorithms from deterministic ones. As first steps towards the general case, we present several universal leader election algorithms with bounds that trade-off messages versus time. We view our results as a step towards understanding the complexity of universal leader election in distributed networks.

Wattenhofer et al.[WW04] derive a complicated distributed algorithm to compute a weighted matching of an arbitrary weighted graph, that is at most a factor 5 away from the maximum weighted matching of that graph. We show that a variant of the obvious sequential greedy algorithm [Pre99], that computes a weighted matching at most a factor 2 away from the maximum, is easily distributed. This yields the best known distributed approximation algorithm for this problem so far.

This paper considers the question of identifying the parameters governing the behavior of fundamental global network problems. Many papers on distributed network algorithms consider the task of optimizing the running time successful when an O(n) bound is achieved on an n-vertex network. We propose that a more sensitive parameter is the network's diameter Diam. This is demonstrated in the paper by providing a distributed Minimum-weight Spanning Tree algorithm whose time complexity is sub-linear in n , but linear in Diam (specifically, O(Diam+ Our result is achieved through the application of graph decomposition and edge elimination techniques that may be of independent interest. 'I.B.M. T.J. Watson Research Center, P.O. Box 704, Yorktown Heights, New York 10598, USA. garayesatson. ibm. cop. Part of the work was done while visiting the Weizmann Institute of Science, Rehovot, Israel. t1.B.M. T.J. Watson Research Center, P.O. Box 704, Yorktown Heights, New York 10598, USA. kuttenesatson. ika.com.

scite is a Brooklyn-based startup that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Copyright © 2023 scite Inc. All rights reserved.

Made with 💙 for researchers