The Complexity of Compressed Membership Problems for Finite Automata

In this paper, a compressed membership problem for finite automata, both deterministic (DFAs) and non-deterministic (NFAs), with compressed transition labels is studied. The compression is represented by straight-line programs (SLPs), i.e. context-free grammars generating exactly one string. A novel technique of dealing with SLPs is employed: the SLPs are recompressed, so that substrings of the input word are encoded in SLPs labelling the transitions of the NFA (DFA) in the same way, as in the SLP representing the input text. To this end, the SLPs are locally decompressed and then recompressed in a uniform way. Furthermore, in order to reflect the recompression in the NFA, we need to modify it only a little, in particular its size stays polynomial in the input size. Using this technique it is shown that the compressed membership for NFA with compressed labels is in NP, thus confirming the conjecture of Plandowski and Rytter (Jewels Are Forever, pp. 262–272, Springer, Berlin, 1999) and extending the partial result of Lohrey and Mathissen (in CSR, LNCS, vol. 6651, pp. 275–288, Springer, Berlin, 2011); as this problem is known to be NP-hard (in Plandowski and Rytter, Jewels Are Forever, pp. 262–272, Springer, Berlin, 1999), we settle its exact computational complexity. Moreover, the same technique applied to the compressed membership for DFA with compressed labels yields that this problem is in P, and this problem is known to be P-hard (in Markey and Schnoebelen, Inf. Process. Lett. 90(1):3–6, 2004; Beaudry et al., SIAM J. Comput. 26(1):138–152, 1997).     

Simplified security notions of direct anonymous attestation and a concrete scheme from pairings

Direct Anonymous Attestation (DAA) is a cryptographic mechanism that enables remote authentication of a user while preserving privacy under the user’s control. The DAA scheme developed by Brickell, Camenisch, and Chen has been adopted by the Trust Computing Group for remote anonymous attestation of Trusted Platform Module, which is a small hardware device with limited storage space and communication capability. In this paper, we provide two contributions to DAA. We first introduce simplified security notions of DAA including the formal definitions of user controlled anonymity and traceability. We then propose a new DAA scheme from elliptic curve cryptography and bilinear maps. The lengths of private keys and signatures in our scheme are much shorter than the lengths in the original DAA scheme, with a similar level of security and computational complexity. Our scheme builds upon the Camenisch–Lysyanskaya signature scheme and is efficient and provably secure in the random oracle model under the LRSW (stands for Lysyanskaya, Rivest, Sahai and Wolf) assumption and the decisional Bilinear Diffie–Hellman assumption.     

基于格的高效通用累加器与被累加值的零知识证明

通用累加器作为一种具有数据压缩性质的重要密码学元件,其多应用于隐私保护相关的区块链系统、身份认证系统以及各类权限管理系统。研究发现目前已有的基于小整数解（SIS）问题困难性假设的通用累加器内部计算效率不高,且更新效率低。因此,本文设计并实现了首个基于环小整数解（Ring-SIS）问题困难性假设的高效通用累加器,其更新开销在平均意义上远低于以往方案,更加适用于更新操作频繁,成员数量更庞大的应用场景。另外针对Ring-SIS通用累加器内的所有成员,本文基于Schnorr-like协议框架提出了首个单轮次执行合理性错误可忽略的被累加值的零知识证明协议。     

An Efficient Algorithm for ℓ 0 Minimization in Wavelet Frame Based Image Restoration

Wavelet frame based models for image restoration have been extensively studied for the past decade (Chan et al. in SIAM J. Sci. Comput. 24(4):1408–1432, 2003; Cai et al. in Multiscale Model. Simul. 8(2):337–369, 2009; Elad et al. in Appl. Comput. Harmon. Anal. 19(3):340–358, 2005; Starck et al. in IEEE Trans. Image Process. 14(10):1570–1582, 2005; Shen in Proceedings of the international congress of mathematicians, vol. 4, pp. 2834–2863, 2010; Dong and Shen in IAS lecture notes series, Summer program on “The mathematics of image processing”, Park City Mathematics Institute, 2010). The success of wavelet frames in image restoration is mainly due to their capability of sparsely approximating piecewise smooth functions like images. Most of the wavelet frame based models designed in the past are based on the penalization of the ? ₁ norm of wavelet frame coefficients, which, under certain conditions, is the right choice, as supported by theories of compressed sensing (Candes et al. in Appl. Comput. Harmon. Anal., 2010; Candes et al. in IEEE Trans. Inf. Theory 52(2):489–509, 2006; Donoho in IEEE Trans. Inf. Theory 52:1289–1306, 2006). However, the assumptions of compressed sensing may not be satisfied in practice (e.g. for image deblurring and CT image reconstruction). Recently in Zhang et al. (UCLA CAM Report, vol. 11-32, 2011), the authors propose to penalize the ? ₀ “norm” of the wavelet frame coefficients instead, and they have demonstrated significant improvements of their method over some commonly used ? ₁ minimization models in terms of quality of the recovered images. In this paper, we propose a new algorithm, called the mean doubly augmented Lagrangian (MDAL) method, for ? ₀ minimizations based on the classical doubly augmented Lagrangian (DAL) method (Rockafellar in Math. Oper. Res. 97–116, 1976). Our numerical experiments show that the proposed MDAL method is not only more efficient than the method proposed by Zhang et al. (UCLA CAM Report, vol. 11-32, 2011), but can also generate recovered images with even higher quality. This study reassures the feasibility of using the ? ₀ “norm” for image restoration problems.     

Functional un|unparsing

Danvy??s functional unparsing problem (Danvy in J. Funct. Program. 8(6), 621?C625, 1998) is to implement a type-safe ??printf?? function, which converts a sequence of heterogeneous arguments to a string according to a given format. The dual problem is to implement a type-safe ??scanf?? function, which extracts a sequence of heterogeneous arguments from a string by interpreting (Friedman and Wand in LFP, pp. 348?C355, 1984 and in Essentials of Programming Languages, MIT Press, 2008) the same format as an equally heterogeneous sequence of patterns that binds zero or more variables. We derive multiple solutions to both problems (Wand in J. ACM 27(1), 164?C180, 1980) from their formal specifications (Wand in Theor. Comput. Sci. 20(1), 3?C32, 1982). On one hand, our solutions show how the Hindley-Milner type system, unextended, permits accessing heterogeneous sequences with the static assurance of type safety. On the other hand, our solutions demonstrate the use of control operators (Felleisen et al. in Proceedings of the 1988 ACM Conference on Lisp and Functional Programming, pp. 52?C62, ACM Press, New York, 1988; Wand in POPL 85: Conference Record of the Annual ACM Symposium on Principles of Programming Languages, vol. 16, ACM Press, New York, 1985; Meyer and Wand in Logics of Programs, Lecture Notes in Computer Science, vol. 193, pp. 219?C224, Springer, Berlin, 1985) to communicate with formats as coroutines (Wand in Proceedings of the 1980 ACM Conference on Lisp and Functional Programming, vol. 12, pp. 285?C299, ACM Press, New York, 1980 and Haynes et al. in LFP, pp. 293?C298, 1984).     

Self assembly of rectangular shapes on concentration programming and probabilistic tile assembly models

Efficient tile sets for self assembling rectilinear shapes is of critical importance in algorithmic self assembly. A lower bound on the tile complexity of any deterministic self assembly system for an n?×?n square is $\Upomega(\frac{\log(n)}{\log(\log(n))})$ (inferred from the Kolmogrov complexity). Deterministic self assembly systems with an optimal tile complexity have been designed for squares and related shapes in the past. However designing $\Uptheta(\frac{\log(n)}{\log(\log(n))})$ unique tiles specific to a shape is still an intensive task in the laboratory. On the other hand copies of a tile can be made rapidly using PCR (polymerase chain reaction) experiments. This led to the study of self assembly on tile concentration programming models. We present two major results in this paper on the concentration programming model. First we show how to self assemble rectangles with a fixed aspect ratio (??:??), with high probability, using $\Uptheta(\alpha+\beta)$ tiles. This result is much stronger than the existing results by Kao et?al. (Randomized self-assembly for approximate shapes, LNCS, vol 5125. Springer, Heidelberg, 2008) and Doty (Randomized self-assembly for exact shapes. In: proceedings of the 50th annual IEEE symposium on foundations of computer science (FOCS), IEEE, Atlanta. pp 85?C94, 2009)??which can only self assembly squares and rely on tiles which perform binary arithmetic. On the other hand, our result is based on a technique called staircase sampling. This technique eliminates the need for sub-tiles which perform binary arithmetic, reduces the constant in the asymptotic bound, and eliminates the need for approximate frames (Kao et?al. Randomized self-assembly for approximate shapes, LNCS, vol 5125. Springer, Heidelberg, 2008) . Our second result applies staircase sampling on the equimolar concentration programming model (The tile complexity of linear assemblies. In: proceedings of the 36th international colloquium automata, languages and programming: Part I on ICALP ??09, Springer-Verlag, pp 235?C253, 2009), to self assemble rectangles (of fixed aspect ratio) with high probability. The tile complexity of our algorithm is $\Uptheta(\log(n))$ and is optimal on the probabilistic tile assembly model (PTAM)??n being an upper bound on the dimensions of a rectangle.     

基于群签名构造实用数字指纹方案

数字指纹方案是一种能实现对数字数据进行版权保护的密码机制。对目前较为高效的由Camenisch与Groth提出的群签名方案进行了扩展,提出了一个实用的基于群签名的匿名数字指纹方案。新方案有如下实用特点,即客户注册成功后可以匿名地购买所需数据,且不受购买次数限制。另外,与普通群签名不同,群体中不设固定的身份撤销管理员,而是由客户自行选取用于进行身份追踪的秘密信息并充当这个角色。可以证明,新方案确保了商家、顾客、注册中心的隐私,以及顾客的匿名性。     

On an Intermediate Field Capturing Riemann Solver Based on a Parabolic Viscosity Matrix for the Two-Layer Shallow Water System

The goal of this article is to design a new approximate Riemann solver for the two-layer shallow water system which is fast compared to Roe schemes and accurate compared to Lax-Friedrichs, FORCE, or GFORCE schemes (see Castro et al. in Math. Comput. 79:1427?C1472, 2010). This Riemann solver is based on a suitable decomposition of a Roe matrix (see Toumi in J. Comput. Phys. 102(2):360?C373, 1992) by means of a parabolic viscosity matrix (see Degond et al. in C. R. Acad. Sci. Paris 1 328:479?C483, 1999) that captures some information concerning the intermediate characteristic fields. The corresponding first order numerical scheme, which is called IFCP (Intermediate Field Capturing Parabola) is linearly L ^??-stable, well-balanced, and it doesn??t require an entropy-fix technique. Some numerical experiments are presented to compare the behavior of this new scheme with Roe and GFORCE methods.     

Weights Design For Maximal Order WENO Schemes

Weighted essentially non-oscillatory (WENO) finite difference schemes, developed by Liu et al. (Comput Phys 115(1):200–212, 1994) and improved by Jiang and Shu (Comput Phys 126(1):202–228, 1996), are one of the most popular methods to approximate the solutions of hyperbolic equations. But these schemes fail to provide maximal order accuracy near smooth extrema, where the first derivative of the solution becomes zero. Some authors have addressed this problem with different weight designs. In this paper we focus on the weights proposed by Yamaleev and Carpenter (J Comput Phys 228:4248–4272, 2009). They propose new weights to provide faster weight convergence than those presented in Borges et al. (J Comput Phys 227:3191–3211, 2008) and deduce some constraints on the weights parameters to guarantee that the WENO scheme has maximal order for sufficiently smooth solutions with an arbitrary number of vanishing derivatives. We analyze the scheme with the weights proposed in Yamaleev and Carpenter (J Comput Phys 228:4248–4272, 2009) and prove that near discontinuities it achieves worse orders than classical WENO schemes. In order to solve these accuracy problems, we define new weights, based on those proposed in Yamaleev and Carpenter (J Comput Phys 228:4248–4272, 2009), and get some constraints on the weights parameters to guarantee maximal order accuracy for the resulting schemes.     

A long accumulator like a carry-save adder

Long accumulators for the exact summation of floating point numbers or products are well known tools in numerical analysis especially in algorithms verifying the result (C++ Toolbox for Verified Computing, Springer, New York, 1995). An exact dot product is one of the features of the upcoming interval standard (IEEE Interval Standard Working Group, P1788. http://grouper.ieee.org/groups/1788/). Usually an accumulator is realized as a memory block with operations to add floating point numbers and products. Several variants have been proposed to avoid carry rippling: use separate accumulators for positive and negative numbers, initialize the accu with a pattern not equal to zero, or perform a kind of carry look-ahead-technique. All these approaches are described in detail in Kulisch (Computer arithmetic and validity—theory, implementation, and applications. Series: de Gruyter Studies in Mathematics 33, 2008) and Bohlender (Computer arithmetic and self-validating numerical methods, Academic Press, San Diego, 1990). In this paper we propose a long accumulator similar to a carry-save adder. The main idea is to augment the long accumulator with cache information. The cache is used to store the carries or borrows, instead of propagating them through the whole accumulator every time. Due to the cache, operations are kept local in our approach. The full information of the exact result is represented by the accu and the cache. When we want to deliver the result we have to add the contents of the cache into the accumulator. In this paper we present an implementation in software and compare it with other approaches. Furthermore we discuss the advantages of this algorithm for a hardware implementation.     

A Simple Extension of the Osher Riemann Solver to?Non-conservative Hyperbolic Systems

We propose a simple extension of the well-known Riemann solver of Osher and Solomon (Math. Comput. 38:339?C374, 1982) to a certain class of hyperbolic systems in non-conservative form, in particular to shallow-water-type and multi-phase flow models. To this end we apply the formalism of path-conservative schemes introduced by Parés (SIAM J. Numer. Anal. 44:300?C321, 2006) and Castro et al. (Math. Comput. 75:1103?C1134, 2006). For the sake of generality and simplicity, we suggest to compute the inherent path integral numerically using a Gaussian quadrature rule of sufficient accuracy. Published path-conservative schemes to date are based on either the Roe upwind method or on centered approaches. In comparison to these, the proposed new path-conservative Osher-type scheme has several advantages. First, it does not need an entropy fix, in contrast to Roe-type path-conservative schemes. Second, our proposed non-conservative Osher scheme is very simple to implement and nonetheless constitutes a complete Riemann solver in the sense that it attributes a different numerical viscosity to each characteristic field present in the relevant Riemann problem; this is in contrast to centered methods or incomplete Riemann solvers that usually neglect intermediate characteristic fields, hence leading to excessive numerical diffusion. Finally, the interface jump term is differentiable with respect to its arguments, which is useful for steady-state computations in implicit schemes. We also indicate how to extend the method to general unstructured meshes in multiple space dimensions. We show applications of the first order version of the proposed path-conservative Osher-type scheme to the shallow water equations with variable bottom topography and to the two-fluid debris flow model of Pitman & Le. Then, we apply the higher-order multi-dimensional version of the method to the Baer?CNunziato model of compressible multi-phase flow. We also clearly emphasize the limitations of our approach in a special chapter at the end of this article.     

Dynamic reversed accumulator

Anonymous credential schemes have been widely employed to prove the authenticity of a member by revealing specific member attributes while concealing the real identity from the verifier. Furthermore, an accumulator is used to demonstrate the validity of the credential by providing a corresponding witness. In existing accumulator schemes, all credential holders must update their witnesses when a member joins or is revoked from the system, causing the schemes to become impractical. This paper examines the security of several recent accumulator schemes and proposes a novel approach, the dynamic reversed accumulator, which is more efficient than existing schemes because a corresponding witness can be updated when several members have been revoked.     

Enhancing the security of perfect blind DL-signatures

We enhance the security of Schnorr blind signatures against the novel one-more-forgery of C.P. Schnorr [Security of blind discrete log signatures against interactive attacks, in: ICICS 2001, LNCS, vol. 2229, 2001, Springer-Verlag, Berlin, pp. 1-12] and D. Wagner [A generalized birthday problem, in: Proceedings Crypto’02, LNCS, vol. 2442, Springer-Verlag, Berlin, 2002, pp. 288-303] which is possible even if the discrete logarithm is hard to compute. We show two limitations of this attack. Firstly, replacing the group G by the s-fold direct product G^×s increases the work of the attack, for a given number of signer interactions, to the s-power while increasing the work of the blind signature protocol merely by a factor s. Secondly, we bound the number of additional signatures per signer interaction that can be efficiently forged by known methods. That fraction of the additional forged signatures can be made arbitrarily small. Our security proofs assume both the random oracle and the generic group model.     

Algebraic flux correction for nonconforming finite element discretizations of scalar transport problems

This paper is concerned with the extension of the algebraic flux-correction (AFC) approach (Kuzmin in Computational fluid and solid mechanics, Elsevier, Amsterdam, pp 887–888, 2001; J Comput Phys 219:513–531, 2006; Comput Appl Math 218:79–87, 2008; J Comput Phys 228:2517–2534, 2009; Flux-corrected transport: principles, algorithms, and applications, 2nd edn. Springer, Berlin, pp 145–192, 2012; J Comput Appl Math 236:2317–2337, 2012; Kuzmin et al. in Comput Methods Appl Mech Eng 193:4915–4946, 2004; Int J Numer Methods Fluids 42:265–295, 2003; Kuzmin and Möller in Flux-corrected transport: principles, algorithms, and applications. Springer, Berlin, 2005; Kuzmin and Turek in J Comput Phys 175:525–558, 2002; J Comput Phys 198:131–158, 2004) to nonconforming finite element methods for the linear transport equation. Accurate nonoscillatory approximations to convection-dominated flows are obtained by stabilizing the continuous Galerkin method by solution-dependent artificial diffusion. Its magnitude is controlled by a flux limiter. This concept dates back to flux-corrected transport schemes. The unique feature of AFC is that all information is extracted from the system matrices which are manipulated to satisfy certain mathematical constraints. AFC schemes have been devised with conforming $P_1$ and $Q_1$ finite elements in mind but this is not a prerequisite. Here, we consider their extension to the nonconforming Crouzeix–Raviart element (Crouzeix and Raviart in RAIRO R3 7:33–76, 1973) on triangular meshes and its quadrilateral counterpart, the class of rotated bilinear Rannacher–Turek elements (Rannacher and Turek in Numer Methods PDEs 8:97–111, 1992). The underlying design principles of AFC schemes are shown to hold for (some variant of) both elements. However, numerical tests for a purely convective flow and a convection–diffusion problem demonstrate that flux-corrected solutions are overdiffusive for the Crouzeix–Raviart element. Good resolution of smooth and discontinuous profiles is attested to $Q_1^\mathrm{nc}$ approximations on quadrilateral meshes. A synthetic benchmark is used to quantify the artificial diffusion present in conforming and nonconforming high-resolution schemes of AFC-type. Finally, the implementation of efficient sparse matrix–vector multiplications is addressed.     

Computation, Implementation, Cognition

Putnam (Representations and reality. MIT Press, Cambridge, 1988) and Searle (The rediscovery of the mind. MIT Press, Cambridge, 1992) famously argue that almost every physical system implements every finite computation. This universal implementation claim, if correct, puts at the risk of triviality certain functional and computational views of the mind. Several authors have offered theories of implementation that allegedly avoid the pitfalls of universal implementation. My aim in this paper is to suggest that these theories are still consistent with a weaker result, which is the nomological possibility of systems that simultaneously implement different complex automata. Elsewhere I (Shagrir in J Cogn Sci, 2012) argue that this simultaneous implementation result challenges a computational sufficiency thesis (articulated by Chalmers in J Cogn Sci, 2012). My focus here is on theories of implementation. After presenting the basic simultaneous implementation construction, I argue that these theories do not avoid the simultaneous implementation result. The conclusion is that the idea that the implementation of the right kind of automaton suffices for a possession of a mind is dubious.     

WENO Scheme with Subcell Resolution for Computing Nonconservative Euler Equations with Applications to One-Dimensional Compressible Two-Medium Flows

High order path-conservative schemes have been developed for solving nonconservative hyperbolic systems in (Parés, SIAM J.?Numer. Anal. 44:300?C321, 2006; Castro et al., Math. Comput. 75:1103?C1134, 2006; J.?Sci. Comput. 39:67?C114, 2009). Recently, it has been observed in (Abgrall and Karni, J.?Comput. Phys. 229:2759?C2763, 2010) that this approach may have some computational issues and shortcomings. In this paper, a modification to the high order path-conservative scheme in (Castro et al., Math. Comput. 75:1103?C1134, 2006) is proposed to improve its computational performance and to overcome some of the shortcomings. This modification is based on the high order finite volume WENO scheme with subcell resolution and it uses an exact Riemann solver to catch the right paths at the discontinuities. An application to one-dimensional compressible two-medium flows of nonconservative or primitive Euler equations is carried out to show the effectiveness of this new approach.     

Second-Order Accurate Computation of Curvatures in a Level Set Framework Using Novel High-Order Reinitialization Schemes

We present a high-order accurate scheme for the reinitialization equation of Sussman et al.(J. Comput. Phys. 114:146–159, [1994]) that guarantees accurate computation of the interface’s curvatures in the context of level set methods. This scheme is an extension of the work of Russo and Smereka (J. Comput. Phys. 163:51–67, [2000]). We present numerical results in two and three spatial dimensions to demonstrate fourth-order accuracy for the reinitialized level set function, third-order accuracy for the normals and second-order accuracy for the interface’s mean curvature in the L ¹- and L ^∞-norms. We also exploit the work of Min and Gibou (UCLA CAM Report (06-22), [2006]) to show second-order accurate scheme for the computation of the mean curvature on non-graded adaptive grids.     

On the strong stability of finite difference schemes for hyperbolic systems in two space dimensions

We study the stability of some finite difference schemes for symmetric hyperbolic systems in two space dimensions. For the so-called upwind scheme and the Lax–Wendroff scheme with a stabilizer, we show that stability is equivalent to strong stability, meaning that both schemes are either unstable or $\ell ^2$ -decreasing. These results improve on a series of partial results on strong stability. We also show that, for the Lax–Wendroff scheme without stabilizer, strong stability may not occur no matter how small the CFL parameters are chosen. This partially invalidates some of Turkel’s conjectures in Turkel (16(2):109–129, 1977).     

Spectral schemes as ringed lattices

We give a point-free definition of a Grothendieck scheme whose underlying topological space is spectral. Affine schemes aside, the prime examples are the projective spectrum of a graded ring and the space of valuations corresponding to an abstract nonsingular curve. With the appropriate notion of a morphism between spectral schemes, elementary proofs of the universal properties become possible. “What would have happened if topologies without points had been discovered before topologies with points, or if Grothendieck had known the theory of distributive lattices?” Gian-Carlo Rota, Indiscrete Thoughts. Birkhäuser (1997), p. 220