\documentclass[12pt,ifthen]{article} \usepackage{url} \newcommand{\lf}{\left\lfloor} \newcommand{\rf}{\right\rfloor} \newcommand{\lc}{\left\lceil} \newcommand{\rc}{\right\rceil} \newcommand{\Ceil}[1]{\left\lceil {#1}\right\rceil} \newcommand{\ceil}[1]{\left\lceil {#1}\right\rceil} \newcommand{\floor}[1]{\left\lfloor{#1}\right\rfloor} \newcommand{\abit }{\hat{a}} \newcommand{\bbit }{\hat{b}} \newcommand{\bits}[1]{\{0,1\}^{{#1}}} \newcommand{\nth}{n^{th}} \newif{\ifshowsoln} \showsolntrue \newcommand{\und}{\_\_\_\_\_\_\_\_\_} \newcommand{\Z}{\mathbb{Z}} \usepackage{amsmath} \usepackage{amssymb} % for \nmid \begin{document} \centerline{\textbf{HW 8 CMSC 456. DUE Nov 12}} \ifshowsoln \centerline{\textbf{SOLUTIONS}} \fi {\textbf{NOTE- THE HW IS FIVE PAGES LONG}} \begin{enumerate} \item (0 points) READ the syllabus- Content and Policy. What is your name? Write it clearly. What is the day of the final? \centerline{\bf GOTO NEXT PAGE} \newpage \item (Read the slides on LWE Diffie-Hellman) (WARNING: this problem continues onto the next page. Write the following programs. I highly suggest using python's numpy library to implement this easier.) \begin{enumerate} \item $GENMATRIX(n,p)$: gen a rand $n\times n$ matrix of elements of $\{0,\ldots,p-1\}$. We view entries as elements of $\Z_p$. \newline (See numpy.randint - it can generate random integer arrays. This can be done with one line) \item $GENERR(n,p)$: gen a rand $n$-vector of elements of $\{0,1,p-1\}$. \begin{itemize} \item Prob of a 0 is $\frac{n-2}{n}$ \item Prob of a 1 is $\frac{1}{n}$ \item Prob of a $p-1$ is $\frac{1}{n}$ \end{itemize} We view entries as elements of $\Z_p$. \newline (You can generate a random floating-point number in the range [0,1) with numpy.random) \item $GENDATA(n,p)$: (This is pseudocode, NOT actual python code --- you will have to translate this into actual code) \begin{enumerate} \item $A:=GENMATRIX(n,p)$ \item $\vec y:=GENERR(1/n)$ \item $\vec e_y:=GENERR(1/n)$ \item $\vec x:=GENERR(1/n)$ \item $\vec e_x:=GENERR(1/n)$ \item $a = \vec y A \vec x + (\vec y \cdot \vec e_x)$ \newline (numpy.mod(numpy.dot($\vec y, A$), p) can be used to preform a dot product over modulo p) \item $b = \vec y A \vec x + (\vec x \cdot \vec e_y)$ \item if $a\in \{0,\ldots,\floor{p/4}\} \cup \{\floor{3p/4},\ldots, p-1\}$ $\abit=0$, else $\abit=1$. \item if $b\in \{0,\ldots,\floor{p/4}\} \cup \{\floor{3p/4},\ldots, p-1\}$, $\bbit=0$, else $\bbit=1$. \item the variable {\tt agree} is YES if $\abit=\bbit$ and NO otherwise. \item Your code will output a tuple or an array of [$a,b,\abit,\bbit,agree$] \newline \newline \centerline{\bf GOTO NEXT PAGE} \newpage \item Here is a sample of printing your output: \noindent OUTPUT STARTS HERE $n=5$, $p=17$, $N=5$. \[ \begin{array}{|c|c|c|c|c|} \hline a & b & \abit & \bbit & \hbox{\tt agree} \cr \hline 3 & 2 & 0 & 0 & YES \cr 10 & 12 & 1 & 0 & NO \cr 7 & 9 & 1 & 1 & YES \cr 1 & 0 & 0 & 0 & YES \cr 5 & 6 & 0 & 0 & YES \cr \hline \end{array} \] $\abit$ and $\bbit$ agree 80\% of the time. \noindent END OF OUTPUT \bf ***Note that $N=5$ and there are five lines.*** \end{enumerate} \end{enumerate} \centerline{\bf GOTO NEXT PAGE} \newpage NOTE- For the above problems no points are given but submit anyway to help us grade the problems below which ARE for points. NOTE- THIS IS STILL PROBLEM TWO: \begin{enumerate} \item (0 points- But do it to check your program. Do not give us the output). Run program $GENDATA$ with the following inputs. %Present the entire output. %Using tabs (\textbackslash t) to delineate variables makes the output more readable. %You can pipe your code into a text file to make it easy to submit ex.~\texttt{LWE.py >> output.txt} \begin{enumerate} \item $n=4$, $p=19$ \item $n=10$, $p=23$ \end{enumerate} \item Make a method to take [$n,p,N$] as input and output (1) the percent of agreement (called peragree) (2) the percent of the time they agree and the bit is 0 (called peragree0) (3) the percent of the time they agree and the bit is 1 (called peragree1). Call this method $GENDATA2(n,p,N)$. \item Make a method to take a LIST of [$n,p,N$] inputs and output a table of the $n,p,N$ and peragree, peragree0, peragree1. Call this method $GENDATA3(n,p,N)$. A sample output is: \[ \begin{array}{|c|c|c|c|c|c|c|} \hline n & p & N & \hbox{\tt peragree} & \hbox{\tt peragree0} & \hbox{\tt peragree1} \cr \hline 5 & 17 & 5 & 80 & 45 & 55\cr 6 & 19 & 5 & 75 & 48 & 52 \cr 7 & 23 & 10 & 90 & 49 & 51 \cr \hline \end{array} \] This can be generated by printing ``n\textbackslash tp\textbackslash tN\textbackslash tperagree\textbackslash tperagree0\textbackslash tperagree1'' If you follow this format for the entries of the table, your results should line up. \item (25 points) Run $GENDATA3$ using all $5\le n\le 100$ where $n\equiv 0 \pmod 5$, % all primes $p$ where $11\le p\le 101$, primes $p\in\{7,11,31,101\}$ and $N = 1000$. % \item % (5 points) Note the highest and lowest peragree. \item (5 points) Note the highest and lowest peragree values, as well as the highest and lowest peragree0 values. \item (10 points) % From your data fill in the blanks in the following two statements % \begin{enumerate} % \item % If $n,p$ satisfy BLAH1 then peragree is over 90\% (so we are happy) large, % but if $n,p$ satisfy BLAH2 then peragree is under 60\% (so we are sad). % \item % If $n,p$ satisfy BLAH3 then peragree0 is between 48\% and 52\% (so we are happy), % but if $n,p$ satisfy BLAH4 then peragree is either under 47\% or over 53\% (so we are sad). % \end{enumerate} Try changing $GENERR$ to use the following probabilities instead: \begin{enumerate} \item Try (Prob of 0 is $1-\frac{2}{n^{2}}$, Prob of 1 and Prob of $p-1$ are $\frac{1}{n^{2}}$) \item Try (Prob of 0 is $\frac{1}{2}$, Prob of 1 and Prob of $p-1$ are $\frac{1}{4}$) \item Try (Prob of 0 is $\frac{n-4}{n}$, Prob of 1 and Prob of $p-1$ are $\frac{2}{n}$) \end{enumerate} Rerun $GENDATA3$ with the probabilities above. Look at the peragree and peragree0 values for these as well as the original distribution. Based on this, which distribution do you think works best (has high agreement and peragree0 close to $\frac{1}{2}$)? Give a brief justification why it's better than the other distributions. \end{enumerate} \centerline{\bf GOTO NEXT PAGE} \newpage \item (30 points). We assume the secret is of length $n$. For the problems below explain it so that someone who has never seen secret sharing can understand it (This is not hypothetical. Two of the TAs do not know secret sharing (except what the goal is). Lets call them J1 and J2. J1 is grading this problem and will learn this protocol from you!) \begin{enumerate} \item (15 points) Describe the random-string $(2,5)$ secret sharing scheme. You must describe both what Zelda gives out, and how any two people can determine the secret. How many strings does each person get? \item (15 points) Describe the polynomial $(2,5)$ secret sharing scheme. You must describe both what Zelda gives out, and how any two people can determine the secret. How many strings does each person get? \end{enumerate} \newpage \item (30 points) (This is not something I did in class so it may require some more thought.) For the problems below explain it so that someone who has never seen secret sharing can understand it (This is not hypothetical. Two of the TAs do not know secret sharing (except what the goal is). Lets call them J1 and J2. J2 is grading this problem and will learn this protocol from you!) Zelda has a secret $s\in\bits n$. She wants to share a secret with Alice, Bob, Carol, Donna, Edgar, Frank (A,B,C,D,E,F) such that the following happens: If Alice, Bob and ANY TWO of $\{C, D, E, F\}$ get together then they can find the secret (and of course any superset of that). No other set can find the secret. Give a scheme that achieves this. The security must be information theoretic. Both say what Zelda does and what the various combinations of people do. Discuss what happens if any set other than those above gets together. \end{enumerate} \end{document}