--- _id: '14888' abstract: - lang: eng text: 'A face in a curve arrangement is called popular if it is bounded by the same curve multiple times. Motivated by the automatic generation of curved nonogram puzzles, we investigate possibilities to eliminate the popular faces in an arrangement by inserting a single additional curve. This turns out to be NP-hard; however, it becomes tractable when the number of popular faces is small: We present a probabilistic FPT-approach in the number of popular faces.' acknowledgement: 'This work was initiated at the 16th European Research Week on Geometric Graphs in Strobl in 2019. A.W. is supported by the Austrian Science Fund (FWF): W1230. S.T. has been funded by the Vienna Science and Technology Fund (WWTF) [10.47379/ICT19035]. A preliminary version of this work has been presented at the 38th European Workshop on Computational Geometry (EuroCG 2022) in Perugia [9]. A full version of this paper, which includes appendices but is otherwise identical, is available as a technical report [10].' alternative_title: - LNCS article_processing_charge: No author: - first_name: Phoebe full_name: De Nooijer, Phoebe last_name: De Nooijer - first_name: Soeren full_name: Terziadis, Soeren last_name: Terziadis - first_name: Alexandra full_name: Weinberger, Alexandra last_name: Weinberger - first_name: Zuzana full_name: Masárová, Zuzana id: 45CFE238-F248-11E8-B48F-1D18A9856A87 last_name: Masárová orcid: 0000-0002-6660-1322 - first_name: Tamara full_name: Mchedlidze, Tamara last_name: Mchedlidze - first_name: Maarten full_name: Löffler, Maarten last_name: Löffler - first_name: Günter full_name: Rote, Günter last_name: Rote citation: ama: 'De Nooijer P, Terziadis S, Weinberger A, et al. Removing popular faces in curve arrangements. In: 31st International Symposium on Graph Drawing and Network Visualization. Vol 14466. Springer Nature; 2024:18-33. doi:10.1007/978-3-031-49275-4_2' apa: 'De Nooijer, P., Terziadis, S., Weinberger, A., Masárová, Z., Mchedlidze, T., Löffler, M., & Rote, G. (2024). Removing popular faces in curve arrangements. In 31st International Symposium on Graph Drawing and Network Visualization (Vol. 14466, pp. 18–33). Isola delle Femmine, Palermo, Italy: Springer Nature. https://doi.org/10.1007/978-3-031-49275-4_2' chicago: De Nooijer, Phoebe, Soeren Terziadis, Alexandra Weinberger, Zuzana Masárová, Tamara Mchedlidze, Maarten Löffler, and Günter Rote. “Removing Popular Faces in Curve Arrangements.” In 31st International Symposium on Graph Drawing and Network Visualization, 14466:18–33. Springer Nature, 2024. https://doi.org/10.1007/978-3-031-49275-4_2. ieee: P. De Nooijer et al., “Removing popular faces in curve arrangements,” in 31st International Symposium on Graph Drawing and Network Visualization, Isola delle Femmine, Palermo, Italy, 2024, vol. 14466, pp. 18–33. ista: 'De Nooijer P, Terziadis S, Weinberger A, Masárová Z, Mchedlidze T, Löffler M, Rote G. 2024. Removing popular faces in curve arrangements. 31st International Symposium on Graph Drawing and Network Visualization. GD: Graph Drawing and Network Visualization, LNCS, vol. 14466, 18–33.' mla: De Nooijer, Phoebe, et al. “Removing Popular Faces in Curve Arrangements.” 31st International Symposium on Graph Drawing and Network Visualization, vol. 14466, Springer Nature, 2024, pp. 18–33, doi:10.1007/978-3-031-49275-4_2. short: P. De Nooijer, S. Terziadis, A. Weinberger, Z. Masárová, T. Mchedlidze, M. Löffler, G. Rote, in:, 31st International Symposium on Graph Drawing and Network Visualization, Springer Nature, 2024, pp. 18–33. conference: end_date: 2023-09-22 location: Isola delle Femmine, Palermo, Italy name: 'GD: Graph Drawing and Network Visualization' start_date: 2023-09-20 date_created: 2024-01-28T23:01:43Z date_published: 2024-01-06T00:00:00Z date_updated: 2024-01-29T09:45:06Z day: '06' department: - _id: UlWa - _id: HeEd doi: 10.1007/978-3-031-49275-4_2 external_id: arxiv: - '2202.12175' intvolume: ' 14466' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2202.12175 month: '01' oa: 1 oa_version: Preprint page: 18-33 publication: 31st International Symposium on Graph Drawing and Network Visualization publication_identifier: eissn: - 1611-3349 isbn: - '9783031492747' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Removing popular faces in curve arrangements type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14466 year: '2024' ... --- _id: '12854' abstract: - lang: eng text: "The main idea behind BUBAAK is to run multiple program analyses in parallel and use runtime monitoring and enforcement to observe and control their progress in real time. The analyses send information about (un)explored states of the program and discovered invariants to a monitor. The monitor processes the received data and can force an analysis to stop the search of certain program parts (which have already been analyzed by other analyses), or to make it utilize a program invariant found by another analysis.\r\nAt SV-COMP 2023, the implementation of data exchange between the monitor and the analyses was not yet completed, which is why BUBAAK only ran several analyses in parallel, without any coordination. Still, BUBAAK won the meta-category FalsificationOverall and placed very well in several other (sub)-categories of the competition." acknowledgement: This work was supported by the ERC-2020-AdG 10102009 grant. alternative_title: - LNCS article_processing_charge: No author: - first_name: Marek full_name: Chalupa, Marek id: 87e34708-d6c6-11ec-9f5b-9391e7be2463 last_name: Chalupa - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Chalupa M, Henzinger TA. Bubaak: Runtime monitoring of program verifiers. In: Tools and Algorithms for the Construction and Analysis of Systems. Vol 13994. Springer Nature; 2023:535-540. doi:10.1007/978-3-031-30820-8_32' apa: 'Chalupa, M., & Henzinger, T. A. (2023). Bubaak: Runtime monitoring of program verifiers. In Tools and Algorithms for the Construction and Analysis of Systems (Vol. 13994, pp. 535–540). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30820-8_32' chicago: 'Chalupa, Marek, and Thomas A Henzinger. “Bubaak: Runtime Monitoring of Program Verifiers.” In Tools and Algorithms for the Construction and Analysis of Systems, 13994:535–40. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30820-8_32.' ieee: 'M. Chalupa and T. A. Henzinger, “Bubaak: Runtime monitoring of program verifiers,” in Tools and Algorithms for the Construction and Analysis of Systems, Paris, France, 2023, vol. 13994, pp. 535–540.' ista: 'Chalupa M, Henzinger TA. 2023. Bubaak: Runtime monitoring of program verifiers. Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 13994, 535–540.' mla: 'Chalupa, Marek, and Thomas A. Henzinger. “Bubaak: Runtime Monitoring of Program Verifiers.” Tools and Algorithms for the Construction and Analysis of Systems, vol. 13994, Springer Nature, 2023, pp. 535–40, doi:10.1007/978-3-031-30820-8_32.' short: M. Chalupa, T.A. Henzinger, in:, Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature, 2023, pp. 535–540. conference: end_date: 2023-04-27 location: Paris, France name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2023-04-22 date_created: 2023-04-20T08:22:53Z date_published: 2023-04-20T00:00:00Z date_updated: 2023-04-25T07:02:43Z day: '20' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-30820-8_32 ec_funded: 1 file: - access_level: open_access checksum: 120d2c2a38384058ad0630fdf8288312 content_type: application/pdf creator: dernst date_created: 2023-04-25T06:58:36Z date_updated: 2023-04-25T06:58:36Z file_id: '12864' file_name: 2023_LNCS_Chalupa.pdf file_size: 16096413 relation: main_file success: 1 file_date_updated: 2023-04-25T06:58:36Z has_accepted_license: '1' intvolume: ' 13994' language: - iso: eng license: https://creativecommons.org/licenses/by/4.0/ month: '04' oa: 1 oa_version: Published Version page: 535-540 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: Tools and Algorithms for the Construction and Analysis of Systems publication_identifier: eisbn: - '9783031308208' eissn: - 1611-3349 isbn: - '9783031308192' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: 'Bubaak: Runtime monitoring of program verifiers' tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13994 year: '2023' ... --- _id: '12856' abstract: - lang: eng text: "As the complexity and criticality of software increase every year, so does the importance of run-time monitoring. Third-party monitoring, with limited knowledge of the monitored software, and best-effort monitoring, which keeps pace with the monitored software, are especially valuable, yet underexplored areas of run-time monitoring. Most existing monitoring frameworks do not support their combination because they either require access to the monitored code for instrumentation purposes or the processing of all observed events, or both.\r\n\r\nWe present a middleware framework, VAMOS, for the run-time monitoring of software which is explicitly designed to support third-party and best-effort scenarios. The design goals of VAMOS are (i) efficiency (keeping pace at low overhead), (ii) flexibility (the ability to monitor black-box code through a variety of different event channels, and the connectability to monitors written in different specification languages), and (iii) ease-of-use. To achieve its goals, VAMOS combines aspects of event broker and event recognition systems with aspects of stream processing systems.\r\nWe implemented a prototype toolchain for VAMOS and conducted experiments including a case study of monitoring for data races. The results indicate that VAMOS enables writing useful yet efficient monitors, is compatible with a variety of event sources and monitor specifications, and simplifies key aspects of setting up a monitoring system from scratch." acknowledgement: This work was supported in part by the ERC-2020-AdG 101020093. The authors would like to thank the anonymous FASE reviewers for their valuable feedback and suggestions. alternative_title: - LNCS article_processing_charge: No author: - first_name: Marek full_name: Chalupa, Marek id: 87e34708-d6c6-11ec-9f5b-9391e7be2463 last_name: Chalupa - first_name: Fabian full_name: Mühlböck, Fabian id: 6395C5F6-89DF-11E9-9C97-6BDFE5697425 last_name: Mühlböck orcid: 0000-0003-1548-0177 - first_name: Stefanie full_name: Muroya Lei, Stefanie id: a376de31-8972-11ed-ae7b-d0251c13c8ff last_name: Muroya Lei - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Chalupa M, Mühlböck F, Muroya Lei S, Henzinger TA. Vamos: Middleware for best-effort third-party monitoring. In: Fundamental Approaches to Software Engineering. Vol 13991. Springer Nature; 2023:260-281. doi:10.1007/978-3-031-30826-0_15' apa: 'Chalupa, M., Mühlböck, F., Muroya Lei, S., & Henzinger, T. A. (2023). Vamos: Middleware for best-effort third-party monitoring. In Fundamental Approaches to Software Engineering (Vol. 13991, pp. 260–281). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30826-0_15' chicago: 'Chalupa, Marek, Fabian Mühlböck, Stefanie Muroya Lei, and Thomas A Henzinger. “Vamos: Middleware for Best-Effort Third-Party Monitoring.” In Fundamental Approaches to Software Engineering, 13991:260–81. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30826-0_15.' ieee: 'M. Chalupa, F. Mühlböck, S. Muroya Lei, and T. A. Henzinger, “Vamos: Middleware for best-effort third-party monitoring,” in Fundamental Approaches to Software Engineering, Paris, France, 2023, vol. 13991, pp. 260–281.' ista: 'Chalupa M, Mühlböck F, Muroya Lei S, Henzinger TA. 2023. Vamos: Middleware for best-effort third-party monitoring. Fundamental Approaches to Software Engineering. FASE: Fundamental Approaches to Software Engineering, LNCS, vol. 13991, 260–281.' mla: 'Chalupa, Marek, et al. “Vamos: Middleware for Best-Effort Third-Party Monitoring.” Fundamental Approaches to Software Engineering, vol. 13991, Springer Nature, 2023, pp. 260–81, doi:10.1007/978-3-031-30826-0_15.' short: M. Chalupa, F. Mühlböck, S. Muroya Lei, T.A. Henzinger, in:, Fundamental Approaches to Software Engineering, Springer Nature, 2023, pp. 260–281. conference: end_date: 2023-04-27 location: Paris, France name: 'FASE: Fundamental Approaches to Software Engineering' start_date: 2023-04-22 date_created: 2023-04-20T08:29:42Z date_published: 2023-04-20T00:00:00Z date_updated: 2023-04-25T07:19:07Z day: '20' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-30826-0_15 ec_funded: 1 file: - access_level: open_access checksum: 17a7c8e08be609cf2408d37ea55e322c content_type: application/pdf creator: dernst date_created: 2023-04-25T07:16:36Z date_updated: 2023-04-25T07:16:36Z file_id: '12865' file_name: 2023_LNCS_ChalupaM.pdf file_size: 580828 relation: main_file success: 1 file_date_updated: 2023-04-25T07:16:36Z has_accepted_license: '1' intvolume: ' 13991' language: - iso: eng month: '04' oa: 1 oa_version: Published Version page: 260-281 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: Fundamental Approaches to Software Engineering publication_identifier: eisbn: - '9783031308260' eissn: - 1611-3349 isbn: - '9783031308253' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '12407' relation: earlier_version status: public status: public title: 'Vamos: Middleware for best-effort third-party monitoring' tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13991 year: '2023' ... --- _id: '13143' abstract: - lang: eng text: "GIMPS and PrimeGrid are large-scale distributed projects dedicated to searching giant prime numbers, usually of special forms like Mersenne and Proth primes. The numbers in the current search-space are millions of digits large and the participating volunteers need to run resource-consuming primality tests. Once a candidate prime N has been found, the only way for another party to independently verify the primality of N used to be by repeating the expensive primality test. To avoid the need for second recomputation of each primality test, these projects have recently adopted certifying mechanisms that enable efficient verification of performed tests. However, the mechanisms presently in place only detect benign errors and there is no guarantee against adversarial behavior: a malicious volunteer can mislead the project to reject a giant prime as being non-prime.\r\nIn this paper, we propose a practical, cryptographically-sound mechanism for certifying the non-primality of Proth numbers. That is, a volunteer can – parallel to running the primality test for N – generate an efficiently verifiable proof at a little extra cost certifying that N is not prime. The interactive protocol has statistical soundness and can be made non-interactive using the Fiat-Shamir heuristic.\r\nOur approach is based on a cryptographic primitive called Proof of Exponentiation (PoE) which, for a group G, certifies that a tuple (x,y,T)∈G2×N satisfies x2T=y (Pietrzak, ITCS 2019 and Wesolowski, J. Cryptol. 2020). In particular, we show how to adapt Pietrzak’s PoE at a moderate additional cost to make it a cryptographically-sound certificate of non-primality." acknowledgement: 'We are grateful to Pavel Atnashev for clarifying via e-mail several aspects of the primality tests implementated in the PrimeGrid project. Pavel Hubáček is supported by the Czech Academy of Sciences (RVO 67985840), the Grant Agency of the Czech Republic under the grant agreement no. 19-27871X, and by the Charles University project UNCE/SCI/004. Chethan Kamath is supported by Azrieli International Postdoctoral Fellowship, ISF grants 484/18 and 1789/19, and ERC StG project SPP: Secrecy Preserving Proofs.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann - first_name: Pavel full_name: Hubáček, Pavel last_name: Hubáček - first_name: Chethan full_name: Kamath, Chethan last_name: Kamath - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Hoffmann C, Hubáček P, Kamath C, Pietrzak KZ. Certifying giant nonprimes. In: Public-Key Cryptography - PKC 2023. Vol 13940. Springer Nature; 2023:530-553. doi:10.1007/978-3-031-31368-4_19' apa: 'Hoffmann, C., Hubáček, P., Kamath, C., & Pietrzak, K. Z. (2023). Certifying giant nonprimes. In Public-Key Cryptography - PKC 2023 (Vol. 13940, pp. 530–553). Atlanta, GA, United States: Springer Nature. https://doi.org/10.1007/978-3-031-31368-4_19' chicago: Hoffmann, Charlotte, Pavel Hubáček, Chethan Kamath, and Krzysztof Z Pietrzak. “Certifying Giant Nonprimes.” In Public-Key Cryptography - PKC 2023, 13940:530–53. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-31368-4_19. ieee: C. Hoffmann, P. Hubáček, C. Kamath, and K. Z. Pietrzak, “Certifying giant nonprimes,” in Public-Key Cryptography - PKC 2023, Atlanta, GA, United States, 2023, vol. 13940, pp. 530–553. ista: 'Hoffmann C, Hubáček P, Kamath C, Pietrzak KZ. 2023. Certifying giant nonprimes. Public-Key Cryptography - PKC 2023. PKC: Public-Key Cryptography, LNCS, vol. 13940, 530–553.' mla: Hoffmann, Charlotte, et al. “Certifying Giant Nonprimes.” Public-Key Cryptography - PKC 2023, vol. 13940, Springer Nature, 2023, pp. 530–53, doi:10.1007/978-3-031-31368-4_19. short: C. Hoffmann, P. Hubáček, C. Kamath, K.Z. Pietrzak, in:, Public-Key Cryptography - PKC 2023, Springer Nature, 2023, pp. 530–553. conference: end_date: 2023-05-10 location: Atlanta, GA, United States name: 'PKC: Public-Key Cryptography' start_date: 2023-05-07 date_created: 2023-06-18T22:00:47Z date_published: 2023-05-02T00:00:00Z date_updated: 2023-06-19T08:03:37Z day: '02' department: - _id: KrPi doi: 10.1007/978-3-031-31368-4_19 intvolume: ' 13940' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/238 month: '05' oa: 1 oa_version: Submitted Version page: 530-553 publication: Public-Key Cryptography - PKC 2023 publication_identifier: eissn: - 1611-3349 isbn: - '9783031313677' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Certifying giant nonprimes type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13940 year: '2023' ... --- _id: '13142' abstract: - lang: eng text: Reinforcement learning has received much attention for learning controllers of deterministic systems. We consider a learner-verifier framework for stochastic control systems and survey recent methods that formally guarantee a conjunction of reachability and safety properties. Given a property and a lower bound on the probability of the property being satisfied, our framework jointly learns a control policy and a formal certificate to ensure the satisfaction of the property with a desired probability threshold. Both the control policy and the formal certificate are continuous functions from states to reals, which are learned as parameterized neural networks. While in the deterministic case, the certificates are invariant and barrier functions for safety, or Lyapunov and ranking functions for liveness, in the stochastic case the certificates are supermartingales. For certificate verification, we use interval arithmetic abstract interpretation to bound the expected values of neural network functions. acknowledgement: This work was supported in part by the ERC-2020-AdG 101020093, ERC CoG 863818 (FoRM-SMArt) and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385. alternative_title: - LNCS article_processing_charge: No author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Mathias full_name: Lechner, Mathias id: 3DC22916-F248-11E8-B48F-1D18A9856A87 last_name: Lechner - first_name: Dorde full_name: Zikelic, Dorde id: 294AA7A6-F248-11E8-B48F-1D18A9856A87 last_name: Zikelic citation: ama: 'Chatterjee K, Henzinger TA, Lechner M, Zikelic D. A learner-verifier framework for neural network controllers and certificates of stochastic systems. In: Tools and Algorithms for the Construction and Analysis of Systems . Vol 13993. Springer Nature; 2023:3-25. doi:10.1007/978-3-031-30823-9_1' apa: 'Chatterjee, K., Henzinger, T. A., Lechner, M., & Zikelic, D. (2023). A learner-verifier framework for neural network controllers and certificates of stochastic systems. In Tools and Algorithms for the Construction and Analysis of Systems (Vol. 13993, pp. 3–25). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30823-9_1' chicago: Chatterjee, Krishnendu, Thomas A Henzinger, Mathias Lechner, and Dorde Zikelic. “A Learner-Verifier Framework for Neural Network Controllers and Certificates of Stochastic Systems.” In Tools and Algorithms for the Construction and Analysis of Systems , 13993:3–25. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30823-9_1. ieee: K. Chatterjee, T. A. Henzinger, M. Lechner, and D. Zikelic, “A learner-verifier framework for neural network controllers and certificates of stochastic systems,” in Tools and Algorithms for the Construction and Analysis of Systems , Paris, France, 2023, vol. 13993, pp. 3–25. ista: 'Chatterjee K, Henzinger TA, Lechner M, Zikelic D. 2023. A learner-verifier framework for neural network controllers and certificates of stochastic systems. Tools and Algorithms for the Construction and Analysis of Systems . TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 13993, 3–25.' mla: Chatterjee, Krishnendu, et al. “A Learner-Verifier Framework for Neural Network Controllers and Certificates of Stochastic Systems.” Tools and Algorithms for the Construction and Analysis of Systems , vol. 13993, Springer Nature, 2023, pp. 3–25, doi:10.1007/978-3-031-30823-9_1. short: K. Chatterjee, T.A. Henzinger, M. Lechner, D. Zikelic, in:, Tools and Algorithms for the Construction and Analysis of Systems , Springer Nature, 2023, pp. 3–25. conference: end_date: 2023-04-27 location: Paris, France name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2023-04-22 date_created: 2023-06-18T22:00:47Z date_published: 2023-04-22T00:00:00Z date_updated: 2023-06-19T08:30:54Z day: '22' ddc: - '000' department: - _id: KrCh - _id: ToHe doi: 10.1007/978-3-031-30823-9_1 ec_funded: 1 file: - access_level: open_access checksum: 3d8a8bb24d211bc83360dfc2fd744307 content_type: application/pdf creator: dernst date_created: 2023-06-19T08:29:30Z date_updated: 2023-06-19T08:29:30Z file_id: '13150' file_name: 2023_LNCS_Chatterjee.pdf file_size: 528455 relation: main_file success: 1 file_date_updated: 2023-06-19T08:29:30Z has_accepted_license: '1' intvolume: ' 13993' language: - iso: eng month: '04' oa: 1 oa_version: Published Version page: 3-25 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: 'Tools and Algorithms for the Construction and Analysis of Systems ' publication_identifier: eissn: - 1611-3349 isbn: - '9783031308222' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: A learner-verifier framework for neural network controllers and certificates of stochastic systems tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13993 year: '2023' ... --- _id: '13141' abstract: - lang: eng text: "We automatically compute a new class of environment assumptions in two-player turn-based finite graph games which characterize an “adequate cooperation” needed from the environment to allow the system player to win. Given an ω-regular winning condition Φ for the system player, we compute an ω-regular assumption Ψ for the environment player, such that (i) every environment strategy compliant with Ψ allows the system to fulfill Φ (sufficiency), (ii) Ψ\r\n can be fulfilled by the environment for every strategy of the system (implementability), and (iii) Ψ does not prevent any cooperative strategy choice (permissiveness).\r\nFor parity games, which are canonical representations of ω-regular games, we present a polynomial-time algorithm for the symbolic computation of adequately permissive assumptions and show that our algorithm runs faster and produces better assumptions than existing approaches—both theoretically and empirically. To the best of our knowledge, for ω\r\n-regular games, we provide the first algorithm to compute sufficient and implementable environment assumptions that are also permissive." alternative_title: - LNCS article_processing_charge: No author: - first_name: Ashwani full_name: Anand, Ashwani last_name: Anand - first_name: Kaushik full_name: Mallik, Kaushik id: 0834ff3c-6d72-11ec-94e0-b5b0a4fb8598 last_name: Mallik orcid: 0000-0001-9864-7475 - first_name: Satya Prakash full_name: Nayak, Satya Prakash last_name: Nayak - first_name: Anne Kathrin full_name: Schmuck, Anne Kathrin last_name: Schmuck citation: ama: 'Anand A, Mallik K, Nayak SP, Schmuck AK. Computing adequately permissive assumptions for synthesis. In: TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems. Vol 13994. Springer Nature; 2023:211-228. doi:10.1007/978-3-031-30820-8_15' apa: 'Anand, A., Mallik, K., Nayak, S. P., & Schmuck, A. K. (2023). Computing adequately permissive assumptions for synthesis. In TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems (Vol. 13994, pp. 211–228). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30820-8_15' chicago: 'Anand, Ashwani, Kaushik Mallik, Satya Prakash Nayak, and Anne Kathrin Schmuck. “Computing Adequately Permissive Assumptions for Synthesis.” In TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, 13994:211–28. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30820-8_15.' ieee: 'A. Anand, K. Mallik, S. P. Nayak, and A. K. Schmuck, “Computing adequately permissive assumptions for synthesis,” in TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, Paris, France, 2023, vol. 13994, pp. 211–228.' ista: 'Anand A, Mallik K, Nayak SP, Schmuck AK. 2023. Computing adequately permissive assumptions for synthesis. TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 13994, 211–228.' mla: 'Anand, Ashwani, et al. “Computing Adequately Permissive Assumptions for Synthesis.” TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, vol. 13994, Springer Nature, 2023, pp. 211–28, doi:10.1007/978-3-031-30820-8_15.' short: 'A. Anand, K. Mallik, S.P. Nayak, A.K. Schmuck, in:, TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature, 2023, pp. 211–228.' conference: end_date: 2023-04-27 location: Paris, France name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2023-04-22 date_created: 2023-06-18T22:00:47Z date_published: 2023-04-20T00:00:00Z date_updated: 2023-06-19T08:49:46Z day: '20' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-30820-8_15 file: - access_level: open_access checksum: 60dcafc1b4f6f070be43bad3fe877974 content_type: application/pdf creator: dernst date_created: 2023-06-19T08:43:21Z date_updated: 2023-06-19T08:43:21Z file_id: '13151' file_name: 2023_LNCS_Anand.pdf file_size: 521425 relation: main_file success: 1 file_date_updated: 2023-06-19T08:43:21Z has_accepted_license: '1' intvolume: ' 13994' language: - iso: eng month: '04' oa: 1 oa_version: Published Version page: 211-228 publication: 'TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems' publication_identifier: eissn: - 1611-3349 isbn: - '9783031308192' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Computing adequately permissive assumptions for synthesis tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13994 year: '2023' ... --- _id: '12467' abstract: - lang: eng text: Safety and liveness are elementary concepts of computation, and the foundation of many verification paradigms. The safety-liveness classification of boolean properties characterizes whether a given property can be falsified by observing a finite prefix of an infinite computation trace (always for safety, never for liveness). In quantitative specification and verification, properties assign not truth values, but quantitative values to infinite traces (e.g., a cost, or the distance to a boolean property). We introduce quantitative safety and liveness, and we prove that our definitions induce conservative quantitative generalizations of both (1)~the safety-progress hierarchy of boolean properties and (2)~the safety-liveness decomposition of boolean properties. In particular, we show that every quantitative property can be written as the pointwise minimum of a quantitative safety property and a quantitative liveness property. Consequently, like boolean properties, also quantitative properties can be min-decomposed into safety and liveness parts, or alternatively, max-decomposed into co-safety and co-liveness parts. Moreover, quantitative properties can be approximated naturally. We prove that every quantitative property that has both safe and co-safe approximations can be monitored arbitrarily precisely by a monitor that uses only a finite number of states. acknowledgement: We thank the anonymous reviewers for their helpful comments. This work was supported in part by the ERC-2020-AdG 101020093. alternative_title: - LNCS article_processing_charge: No author: - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Nicolas Adrien full_name: Mazzocchi, Nicolas Adrien id: b26baa86-3308-11ec-87b0-8990f34baa85 last_name: Mazzocchi - first_name: Naci E full_name: Sarac, Naci E id: 8C6B42F8-C8E6-11E9-A03A-F2DCE5697425 last_name: Sarac citation: ama: 'Henzinger TA, Mazzocchi NA, Sarac NE. Quantitative safety and liveness. In: 26th International Conference Foundations of Software Science and Computation Structures. Vol 13992. Springer Nature; 2023:349-370. doi:10.1007/978-3-031-30829-1_17' apa: 'Henzinger, T. A., Mazzocchi, N. A., & Sarac, N. E. (2023). Quantitative safety and liveness. In 26th International Conference Foundations of Software Science and Computation Structures (Vol. 13992, pp. 349–370). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30829-1_17' chicago: Henzinger, Thomas A, Nicolas Adrien Mazzocchi, and Naci E Sarac. “Quantitative Safety and Liveness.” In 26th International Conference Foundations of Software Science and Computation Structures, 13992:349–70. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30829-1_17. ieee: T. A. Henzinger, N. A. Mazzocchi, and N. E. Sarac, “Quantitative safety and liveness,” in 26th International Conference Foundations of Software Science and Computation Structures, Paris, France, 2023, vol. 13992, pp. 349–370. ista: 'Henzinger TA, Mazzocchi NA, Sarac NE. 2023. Quantitative safety and liveness. 26th International Conference Foundations of Software Science and Computation Structures. FOSSACS: Foundations of Software Science and Computation Structures, LNCS, vol. 13992, 349–370.' mla: Henzinger, Thomas A., et al. “Quantitative Safety and Liveness.” 26th International Conference Foundations of Software Science and Computation Structures, vol. 13992, Springer Nature, 2023, pp. 349–70, doi:10.1007/978-3-031-30829-1_17. short: T.A. Henzinger, N.A. Mazzocchi, N.E. Sarac, in:, 26th International Conference Foundations of Software Science and Computation Structures, Springer Nature, 2023, pp. 349–370. conference: end_date: 2023-04-27 location: Paris, France name: 'FOSSACS: Foundations of Software Science and Computation Structures' start_date: 2023-04-22 date_created: 2023-01-31T07:23:56Z date_published: 2023-04-21T00:00:00Z date_updated: 2023-07-14T11:20:27Z day: '21' ddc: - '000' department: - _id: GradSch - _id: ToHe doi: 10.1007/978-3-031-30829-1_17 ec_funded: 1 external_id: arxiv: - '2301.11175' file: - access_level: open_access checksum: 981025aed580b6b27c426cb8856cf63e content_type: application/pdf creator: esarac date_created: 2023-01-31T07:22:21Z date_updated: 2023-01-31T07:22:21Z file_id: '12468' file_name: qsl.pdf file_size: 449027 relation: main_file success: 1 - access_level: open_access checksum: f16e2af1e0eb243158ab0f0fe74e7d5a content_type: application/pdf creator: dernst date_created: 2023-06-19T10:28:09Z date_updated: 2023-06-19T10:28:09Z file_id: '13153' file_name: 2023_LNCS_HenzingerT.pdf file_size: 1048171 relation: main_file success: 1 file_date_updated: 2023-06-19T10:28:09Z has_accepted_license: '1' intvolume: ' 13992' language: - iso: eng month: '04' oa: 1 oa_version: Published Version page: 349-370 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: 26th International Conference Foundations of Software Science and Computation Structures publication_identifier: eissn: - 1611-3349 isbn: - '9783031308284' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Quantitative safety and liveness tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 13992 year: '2023' ... --- _id: '13310' abstract: - lang: eng text: Machine-learned systems are in widespread use for making decisions about humans, and it is important that they are fair, i.e., not biased against individuals based on sensitive attributes. We present runtime verification of algorithmic fairness for systems whose models are unknown, but are assumed to have a Markov chain structure. We introduce a specification language that can model many common algorithmic fairness properties, such as demographic parity, equal opportunity, and social burden. We build monitors that observe a long sequence of events as generated by a given system, and output, after each observation, a quantitative estimate of how fair or biased the system was on that run until that point in time. The estimate is proven to be correct modulo a variable error bound and a given confidence level, where the error bound gets tighter as the observed sequence gets longer. Our monitors are of two types, and use, respectively, frequentist and Bayesian statistical inference techniques. While the frequentist monitors compute estimates that are objectively correct with respect to the ground truth, the Bayesian monitors compute estimates that are correct subject to a given prior belief about the system’s model. Using a prototype implementation, we show how we can monitor if a bank is fair in giving loans to applicants from different social backgrounds, and if a college is fair in admitting students while maintaining a reasonable financial burden on the society. Although they exhibit different theoretical complexities in certain cases, in our experiments, both frequentist and Bayesian monitors took less than a millisecond to update their verdicts after each observation. acknowledgement: 'This work is supported by the European Research Council under Grant No.: ERC-2020-AdG101020093.' alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Mahyar full_name: Karimi, Mahyar id: f1dedef5-2f78-11ee-989a-c4c97bccf506 last_name: Karimi orcid: 0009-0005-0820-1696 - first_name: Konstantin full_name: Kueffner, Konstantin id: 8121a2d0-dc85-11ea-9058-af578f3b4515 last_name: Kueffner orcid: 0000-0001-8974-2542 - first_name: Kaushik full_name: Mallik, Kaushik id: 0834ff3c-6d72-11ec-94e0-b5b0a4fb8598 last_name: Mallik orcid: 0000-0001-9864-7475 citation: ama: 'Henzinger TA, Karimi M, Kueffner K, Mallik K. Monitoring algorithmic fairness. In: Computer Aided Verification. Vol 13965. Springer Nature; 2023:358–382. doi:10.1007/978-3-031-37703-7_17' apa: 'Henzinger, T. A., Karimi, M., Kueffner, K., & Mallik, K. (2023). Monitoring algorithmic fairness. In Computer Aided Verification (Vol. 13965, pp. 358–382). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37703-7_17' chicago: Henzinger, Thomas A, Mahyar Karimi, Konstantin Kueffner, and Kaushik Mallik. “Monitoring Algorithmic Fairness.” In Computer Aided Verification, 13965:358–382. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37703-7_17. ieee: T. A. Henzinger, M. Karimi, K. Kueffner, and K. Mallik, “Monitoring algorithmic fairness,” in Computer Aided Verification, Paris, France, 2023, vol. 13965, pp. 358–382. ista: 'Henzinger TA, Karimi M, Kueffner K, Mallik K. 2023. Monitoring algorithmic fairness. Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13965, 358–382.' mla: Henzinger, Thomas A., et al. “Monitoring Algorithmic Fairness.” Computer Aided Verification, vol. 13965, Springer Nature, 2023, pp. 358–382, doi:10.1007/978-3-031-37703-7_17. short: T.A. Henzinger, M. Karimi, K. Kueffner, K. Mallik, in:, Computer Aided Verification, Springer Nature, 2023, pp. 358–382. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2023-07-25T18:32:40Z date_published: 2023-07-18T00:00:00Z date_updated: 2023-09-05T15:14:00Z day: '18' ddc: - '000' department: - _id: GradSch - _id: ToHe doi: 10.1007/978-3-031-37703-7_17 ec_funded: 1 external_id: arxiv: - '2305.15979' file: - access_level: open_access checksum: ccaf94bf7d658ba012c016e11869b54c content_type: application/pdf creator: dernst date_created: 2023-07-31T08:11:20Z date_updated: 2023-07-31T08:11:20Z file_id: '13327' file_name: 2023_LNCS_CAV_HenzingerT.pdf file_size: 647760 relation: main_file success: 1 file_date_updated: 2023-07-31T08:11:20Z has_accepted_license: '1' intvolume: ' 13965' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 358–382 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: Computer Aided Verification publication_identifier: eisbn: - '9783031377037' eissn: - 1611-3349 isbn: - '9783031377020' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: Monitoring algorithmic fairness tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13965 year: '2023' ... --- _id: '14259' abstract: - lang: eng text: "We provide a learning-based technique for guessing a winning strategy in a parity game originating from an LTL synthesis problem. A cheaply obtained guess can be useful in several applications. Not only can the guessed strategy be applied as best-effort in cases where the game’s huge size prohibits rigorous approaches, but it can also increase the scalability of rigorous LTL synthesis in several ways. Firstly, checking whether a guessed strategy is winning is easier than constructing one. Secondly, even if the guess is wrong in some places, it can be fixed by strategy iteration faster than constructing one from scratch. Thirdly, the guess can be used in on-the-fly approaches to prioritize exploration in the most fruitful directions.\r\nIn contrast to previous works, we (i) reflect the highly structured logical information in game’s states, the so-called semantic labelling, coming from the recent LTL-to-automata translations, and (ii) learn to reflect it properly by learning from previously solved games, bringing the solving process closer to human-like reasoning." acknowledgement: This research was funded in part by the German Research Foundation (DFG) project 427755713 Group-By Objectives in Probabilistic Verification (GOPro). alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Jan full_name: Kretinsky, Jan id: 44CEF464-F248-11E8-B48F-1D18A9856A87 last_name: Kretinsky orcid: 0000-0002-8122-2881 - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 - first_name: Maximilian full_name: Prokop, Maximilian last_name: Prokop - first_name: Sabine full_name: Rieder, Sabine last_name: Rieder citation: ama: 'Kretinsky J, Meggendorfer T, Prokop M, Rieder S. Guessing winning policies in LTL synthesis by semantic learning. In: 35th International Conference on Computer Aided Verification . Vol 13964. Springer Nature; 2023:390-414. doi:10.1007/978-3-031-37706-8_20' apa: 'Kretinsky, J., Meggendorfer, T., Prokop, M., & Rieder, S. (2023). Guessing winning policies in LTL synthesis by semantic learning. In 35th International Conference on Computer Aided Verification (Vol. 13964, pp. 390–414). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37706-8_20' chicago: Kretinsky, Jan, Tobias Meggendorfer, Maximilian Prokop, and Sabine Rieder. “Guessing Winning Policies in LTL Synthesis by Semantic Learning.” In 35th International Conference on Computer Aided Verification , 13964:390–414. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37706-8_20. ieee: J. Kretinsky, T. Meggendorfer, M. Prokop, and S. Rieder, “Guessing winning policies in LTL synthesis by semantic learning,” in 35th International Conference on Computer Aided Verification , Paris, France, 2023, vol. 13964, pp. 390–414. ista: 'Kretinsky J, Meggendorfer T, Prokop M, Rieder S. 2023. Guessing winning policies in LTL synthesis by semantic learning. 35th International Conference on Computer Aided Verification . CAV: Computer Aided Verification, LNCS, vol. 13964, 390–414.' mla: Kretinsky, Jan, et al. “Guessing Winning Policies in LTL Synthesis by Semantic Learning.” 35th International Conference on Computer Aided Verification , vol. 13964, Springer Nature, 2023, pp. 390–414, doi:10.1007/978-3-031-37706-8_20. short: J. Kretinsky, T. Meggendorfer, M. Prokop, S. Rieder, in:, 35th International Conference on Computer Aided Verification , Springer Nature, 2023, pp. 390–414. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2023-09-03T22:01:16Z date_published: 2023-07-17T00:00:00Z date_updated: 2023-09-06T08:27:33Z day: '17' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-031-37706-8_20 file: - access_level: open_access checksum: ed66278b61bb869e1baba3d9b9081271 content_type: application/pdf creator: dernst date_created: 2023-09-06T08:25:50Z date_updated: 2023-09-06T08:25:50Z file_id: '14276' file_name: 2023_LNCS_CAV_Kretinsky.pdf file_size: 428354 relation: main_file success: 1 file_date_updated: 2023-09-06T08:25:50Z has_accepted_license: '1' intvolume: ' 13964' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 390-414 publication: '35th International Conference on Computer Aided Verification ' publication_identifier: eissn: - 1611-3349 isbn: - '9783031377051' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Guessing winning policies in LTL synthesis by semantic learning tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13964 year: '2023' ... --- _id: '14318' abstract: - lang: eng text: "Probabilistic recurrence relations (PRRs) are a standard formalism for describing the runtime of a randomized algorithm. Given a PRR and a time limit κ, we consider the tail probability Pr[T≥κ], i.e., the probability that the randomized runtime T of the PRR exceeds κ. Our focus is the formal analysis of tail bounds that aims at finding a tight asymptotic upper bound u≥Pr[T≥κ]. To address this problem, the classical and most well-known approach is the cookbook method by Karp (JACM 1994), while other approaches are mostly limited to deriving tail bounds of specific PRRs via involved custom analysis.\r\nIn this work, we propose a novel approach for deriving the common exponentially-decreasing tail bounds for PRRs whose preprocessing time and random passed sizes observe discrete or (piecewise) uniform distribution and whose recursive call is either a single procedure call or a divide-and-conquer. We first establish a theoretical approach via Markov’s inequality, and then instantiate the theoretical approach with a template-based algorithmic approach via a refined treatment of exponentiation. Experimental evaluation shows that our algorithmic approach is capable of deriving tail bounds that are (i) asymptotically tighter than Karp’s method, (ii) match the best-known manually-derived asymptotic tail bound for QuickSelect, and (iii) is only slightly worse (with a loglogn factor) than the manually-proven optimal asymptotic tail bound for QuickSort. Moreover, our algorithmic approach handles all examples (including realistic PRRs such as QuickSort, QuickSelect, DiameterComputation, etc.) in less than 0.1 s, showing that our approach is efficient in practice." acknowledgement: We thank Prof. Bican Xia for valuable information on the exponential theory of reals. The work is partially supported by the National Natural Science Foundation of China (NSFC) with Grant No. 62172271, ERC CoG 863818 (ForM-SMArt), the Hong Kong Research Grants Council ECS Project Number 26208122, the HKUST-Kaisa Joint Research Institute Project Grant HKJRI3A-055 and the HKUST Startup Grant R9272. alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Yican full_name: Sun, Yican last_name: Sun - first_name: Hongfei full_name: Fu, Hongfei last_name: Fu - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Amir Kafshdar full_name: Goharshady, Amir Kafshdar id: 391365CE-F248-11E8-B48F-1D18A9856A87 last_name: Goharshady orcid: 0000-0003-1702-6584 citation: ama: 'Sun Y, Fu H, Chatterjee K, Goharshady AK. Automated tail bound analysis for probabilistic recurrence relations. In: Computer Aided Verification. Vol 13966. Springer Nature; 2023:16-39. doi:10.1007/978-3-031-37709-9_2' apa: 'Sun, Y., Fu, H., Chatterjee, K., & Goharshady, A. K. (2023). Automated tail bound analysis for probabilistic recurrence relations. In Computer Aided Verification (Vol. 13966, pp. 16–39). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37709-9_2' chicago: Sun, Yican, Hongfei Fu, Krishnendu Chatterjee, and Amir Kafshdar Goharshady. “Automated Tail Bound Analysis for Probabilistic Recurrence Relations.” In Computer Aided Verification, 13966:16–39. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37709-9_2. ieee: Y. Sun, H. Fu, K. Chatterjee, and A. K. Goharshady, “Automated tail bound analysis for probabilistic recurrence relations,” in Computer Aided Verification, Paris, France, 2023, vol. 13966, pp. 16–39. ista: 'Sun Y, Fu H, Chatterjee K, Goharshady AK. 2023. Automated tail bound analysis for probabilistic recurrence relations. Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13966, 16–39.' mla: Sun, Yican, et al. “Automated Tail Bound Analysis for Probabilistic Recurrence Relations.” Computer Aided Verification, vol. 13966, Springer Nature, 2023, pp. 16–39, doi:10.1007/978-3-031-37709-9_2. short: Y. Sun, H. Fu, K. Chatterjee, A.K. Goharshady, in:, Computer Aided Verification, Springer Nature, 2023, pp. 16–39. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2023-09-10T22:01:12Z date_published: 2023-07-17T00:00:00Z date_updated: 2023-09-20T08:25:57Z day: '17' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-031-37709-9_2 ec_funded: 1 file: - access_level: open_access checksum: 42917e086f8c7699f3bccf84f74fe000 content_type: application/pdf creator: dernst date_created: 2023-09-20T08:24:47Z date_updated: 2023-09-20T08:24:47Z file_id: '14348' file_name: 2023_LNCS_Sun.pdf file_size: 624647 relation: main_file success: 1 file_date_updated: 2023-09-20T08:24:47Z has_accepted_license: '1' intvolume: ' 13966' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 16-39 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: Computer Aided Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783031377082' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: link: - relation: software url: https://github.com/boyvolcano/PRR scopus_import: '1' status: public title: Automated tail bound analysis for probabilistic recurrence relations tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13966 year: '2023' ... --- _id: '14317' abstract: - lang: eng text: "Markov decision processes can be viewed as transformers of probability distributions. While this view is useful from a practical standpoint to reason about trajectories of distributions, basic reachability and safety problems are known to be computationally intractable (i.e., Skolem-hard) to solve in such models. Further, we show that even for simple examples of MDPs, strategies for safety objectives over distributions can require infinite memory and randomization.\r\nIn light of this, we present a novel overapproximation approach to synthesize strategies in an MDP, such that a safety objective over the distributions is met. More precisely, we develop a new framework for template-based synthesis of certificates as affine distributional and inductive invariants for safety objectives in MDPs. We provide two algorithms within this framework. One can only synthesize memoryless strategies, but has relative completeness guarantees, while the other can synthesize general strategies. The runtime complexity of both algorithms is in PSPACE. We implement these algorithms and show that they can solve several non-trivial examples." acknowledgement: This work was supported in part by the ERC CoG 863818 (FoRM-SMArt) and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385 as well as DST/CEFIPRA/INRIA project EQuaVE and SERB Matrices grant MTR/2018/00074. alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: S. full_name: Akshay, S. last_name: Akshay - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 - first_name: Dorde full_name: Zikelic, Dorde id: 294AA7A6-F248-11E8-B48F-1D18A9856A87 last_name: Zikelic orcid: 0000-0002-4681-1699 citation: ama: 'Akshay S, Chatterjee K, Meggendorfer T, Zikelic D. MDPs as distribution transformers: Affine invariant synthesis for safety objectives. In: International Conference on Computer Aided Verification. Vol 13966. Springer Nature; 2023:86-112. doi:10.1007/978-3-031-37709-9_5' apa: 'Akshay, S., Chatterjee, K., Meggendorfer, T., & Zikelic, D. (2023). MDPs as distribution transformers: Affine invariant synthesis for safety objectives. In International Conference on Computer Aided Verification (Vol. 13966, pp. 86–112). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37709-9_5' chicago: 'Akshay, S., Krishnendu Chatterjee, Tobias Meggendorfer, and Dorde Zikelic. “MDPs as Distribution Transformers: Affine Invariant Synthesis for Safety Objectives.” In International Conference on Computer Aided Verification, 13966:86–112. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37709-9_5.' ieee: 'S. Akshay, K. Chatterjee, T. Meggendorfer, and D. Zikelic, “MDPs as distribution transformers: Affine invariant synthesis for safety objectives,” in International Conference on Computer Aided Verification, Paris, France, 2023, vol. 13966, pp. 86–112.' ista: 'Akshay S, Chatterjee K, Meggendorfer T, Zikelic D. 2023. MDPs as distribution transformers: Affine invariant synthesis for safety objectives. International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13966, 86–112.' mla: 'Akshay, S., et al. “MDPs as Distribution Transformers: Affine Invariant Synthesis for Safety Objectives.” International Conference on Computer Aided Verification, vol. 13966, Springer Nature, 2023, pp. 86–112, doi:10.1007/978-3-031-37709-9_5.' short: S. Akshay, K. Chatterjee, T. Meggendorfer, D. Zikelic, in:, International Conference on Computer Aided Verification, Springer Nature, 2023, pp. 86–112. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2023-09-10T22:01:12Z date_published: 2023-07-17T00:00:00Z date_updated: 2023-09-20T09:04:40Z day: '17' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-031-37709-9_5 ec_funded: 1 file: - access_level: open_access checksum: f143c8eedf609f20f2aad2eeb496d53f content_type: application/pdf creator: dernst date_created: 2023-09-20T08:46:43Z date_updated: 2023-09-20T08:46:43Z file_id: '14349' file_name: 2023_LNCS_Akshay.pdf file_size: 531745 relation: main_file success: 1 file_date_updated: 2023-09-20T08:46:43Z has_accepted_license: '1' intvolume: ' 13966' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 86-112 project: - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: International Conference on Computer Aided Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783031377082' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'MDPs as distribution transformers: Affine invariant synthesis for safety objectives' tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13966 year: '2023' ... --- _id: '14410' abstract: - lang: eng text: This paper focuses on the implementation details of the baseline methods and a recent lightweight conditional model extrapolation algorithm LIMES [5] for streaming data under class-prior shift. LIMES achieves superior performance over the baseline methods, especially concerning the minimum-across-day accuracy, which is important for the users of the system. In this work, the key measures to facilitate reproducibility and enhance the credibility of the results are described. alternative_title: - LNCS article_processing_charge: No author: - first_name: Paulina full_name: Tomaszewska, Paulina last_name: Tomaszewska - first_name: Christoph full_name: Lampert, Christoph id: 40C20FD2-F248-11E8-B48F-1D18A9856A87 last_name: Lampert orcid: 0000-0001-8622-7887 citation: ama: 'Tomaszewska P, Lampert C. On the implementation of baselines and lightweight conditional model extrapolation (LIMES) under class-prior shift. In: International Workshop on Reproducible Research in Pattern Recognition. Vol 14068. Springer Nature; 2023:67-73. doi:10.1007/978-3-031-40773-4_6' apa: 'Tomaszewska, P., & Lampert, C. (2023). On the implementation of baselines and lightweight conditional model extrapolation (LIMES) under class-prior shift. In International Workshop on Reproducible Research in Pattern Recognition (Vol. 14068, pp. 67–73). Montreal, Canada: Springer Nature. https://doi.org/10.1007/978-3-031-40773-4_6' chicago: Tomaszewska, Paulina, and Christoph Lampert. “On the Implementation of Baselines and Lightweight Conditional Model Extrapolation (LIMES) under Class-Prior Shift.” In International Workshop on Reproducible Research in Pattern Recognition, 14068:67–73. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-40773-4_6. ieee: P. Tomaszewska and C. Lampert, “On the implementation of baselines and lightweight conditional model extrapolation (LIMES) under class-prior shift,” in International Workshop on Reproducible Research in Pattern Recognition, Montreal, Canada, 2023, vol. 14068, pp. 67–73. ista: 'Tomaszewska P, Lampert C. 2023. On the implementation of baselines and lightweight conditional model extrapolation (LIMES) under class-prior shift. International Workshop on Reproducible Research in Pattern Recognition. RRPR: Reproducible Research in Pattern Recognition, LNCS, vol. 14068, 67–73.' mla: Tomaszewska, Paulina, and Christoph Lampert. “On the Implementation of Baselines and Lightweight Conditional Model Extrapolation (LIMES) under Class-Prior Shift.” International Workshop on Reproducible Research in Pattern Recognition, vol. 14068, Springer Nature, 2023, pp. 67–73, doi:10.1007/978-3-031-40773-4_6. short: P. Tomaszewska, C. Lampert, in:, International Workshop on Reproducible Research in Pattern Recognition, Springer Nature, 2023, pp. 67–73. conference: end_date: 2022-08-21 location: Montreal, Canada name: 'RRPR: Reproducible Research in Pattern Recognition' start_date: 2022-08-21 date_created: 2023-10-08T22:01:18Z date_published: 2023-08-20T00:00:00Z date_updated: 2023-10-09T06:48:02Z day: '20' department: - _id: ChLa doi: 10.1007/978-3-031-40773-4_6 intvolume: ' 14068' language: - iso: eng month: '08' oa_version: None page: 67-73 publication: International Workshop on Reproducible Research in Pattern Recognition publication_identifier: eissn: - 1611-3349 isbn: - '9783031407727' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: On the implementation of baselines and lightweight conditional model extrapolation (LIMES) under class-prior shift type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14068 year: '2023' ... --- _id: '14428' abstract: - lang: eng text: "Suppose we have two hash functions h1 and h2, but we trust the security of only one of them. To mitigate this worry, we wish to build a hash combiner Ch1,h2 which is secure so long as one of the underlying hash functions is. This question has been well-studied in the regime of collision resistance. In this case, concatenating the two hash function outputs clearly works. Unfortunately, a long series of works (Boneh and Boyen, CRYPTO’06; Pietrzak, Eurocrypt’07; Pietrzak, CRYPTO’08) showed no (noticeably) shorter combiner for collision resistance is possible.\r\nIn this work, we revisit this pessimistic state of affairs, motivated by the observation that collision-resistance is insufficient for many interesting applications of cryptographic hash functions anyway. We argue the right formulation of the “hash combiner” is to build what we call random oracle (RO) combiners, utilizing stronger assumptions for stronger constructions.\r\nIndeed, we circumvent the previous lower bounds for collision resistance by constructing a simple length-preserving RO combiner C˜h1,h2Z1,Z2(M)=h1(M,Z1)⊕h2(M,Z2),where Z1,Z2\r\n are random salts of appropriate length. We show that this extra randomness is necessary for RO combiners, and indeed our construction is somewhat tight with this lower bound.\r\nOn the negative side, we show that one cannot generically apply the composition theorem to further replace “monolithic” hash functions h1 and h2 by some simpler indifferentiable construction (such as the Merkle-Damgård transformation) from smaller components, such as fixed-length compression functions. Finally, despite this issue, we directly prove collision resistance of the Merkle-Damgård variant of our combiner, where h1 and h2 are replaced by iterative Merkle-Damgård hashes applied to a fixed-length compression function. Thus, we can still subvert the concatenation barrier for collision-resistance combiners while utilizing practically small fixed-length components underneath." alternative_title: - LNCS article_processing_charge: No author: - first_name: Yevgeniy full_name: Dodis, Yevgeniy last_name: Dodis - first_name: Niels full_name: Ferguson, Niels last_name: Ferguson - first_name: Eli full_name: Goldin, Eli last_name: Goldin - first_name: Peter full_name: Hall, Peter last_name: Hall - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Dodis Y, Ferguson N, Goldin E, Hall P, Pietrzak KZ. Random oracle combiners: Breaking the concatenation barrier for collision-resistance. In: 43rd Annual International Cryptology Conference. Vol 14082. Springer Nature; 2023:514-546. doi:10.1007/978-3-031-38545-2_17' apa: 'Dodis, Y., Ferguson, N., Goldin, E., Hall, P., & Pietrzak, K. Z. (2023). Random oracle combiners: Breaking the concatenation barrier for collision-resistance. In 43rd Annual International Cryptology Conference (Vol. 14082, pp. 514–546). Santa Barbara, CA, United States: Springer Nature. https://doi.org/10.1007/978-3-031-38545-2_17' chicago: 'Dodis, Yevgeniy, Niels Ferguson, Eli Goldin, Peter Hall, and Krzysztof Z Pietrzak. “Random Oracle Combiners: Breaking the Concatenation Barrier for Collision-Resistance.” In 43rd Annual International Cryptology Conference, 14082:514–46. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-38545-2_17.' ieee: 'Y. Dodis, N. Ferguson, E. Goldin, P. Hall, and K. Z. Pietrzak, “Random oracle combiners: Breaking the concatenation barrier for collision-resistance,” in 43rd Annual International Cryptology Conference, Santa Barbara, CA, United States, 2023, vol. 14082, pp. 514–546.' ista: 'Dodis Y, Ferguson N, Goldin E, Hall P, Pietrzak KZ. 2023. Random oracle combiners: Breaking the concatenation barrier for collision-resistance. 43rd Annual International Cryptology Conference. CRYPTO: Advances in Cryptology, LNCS, vol. 14082, 514–546.' mla: 'Dodis, Yevgeniy, et al. “Random Oracle Combiners: Breaking the Concatenation Barrier for Collision-Resistance.” 43rd Annual International Cryptology Conference, vol. 14082, Springer Nature, 2023, pp. 514–46, doi:10.1007/978-3-031-38545-2_17.' short: Y. Dodis, N. Ferguson, E. Goldin, P. Hall, K.Z. Pietrzak, in:, 43rd Annual International Cryptology Conference, Springer Nature, 2023, pp. 514–546. conference: end_date: 2023-08-24 location: Santa Barbara, CA, United States name: 'CRYPTO: Advances in Cryptology' start_date: 2023-08-20 date_created: 2023-10-15T22:01:11Z date_published: 2023-08-09T00:00:00Z date_updated: 2023-10-16T08:02:11Z day: '09' department: - _id: KrPi doi: 10.1007/978-3-031-38545-2_17 intvolume: ' 14082' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/1041 month: '08' oa: 1 oa_version: Preprint page: 514-546 publication: 43rd Annual International Cryptology Conference publication_identifier: eissn: - 1611-3349 isbn: - '9783031385445' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Random oracle combiners: Breaking the concatenation barrier for collision-resistance' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14082 year: '2023' ... --- _id: '14457' abstract: - lang: eng text: "Threshold secret sharing allows a dealer to split a secret s into n shares, such that any t shares allow for reconstructing s, but no t-1 shares reveal any information about s. Leakage-resilient secret sharing requires that the secret remains hidden, even when an adversary additionally obtains a limited amount of leakage from every share. Benhamouda et al. (CRYPTO’18) proved that Shamir’s secret sharing scheme is one bit leakage-resilient for reconstruction threshold t≥0.85n and conjectured that the same holds for t = c.n for any constant 0≤c≤1. Nielsen and Simkin (EUROCRYPT’20) showed that this is the best one can hope for by proving that Shamir’s scheme is not secure against one-bit leakage when t0c.n/log(n).\r\nIn this work, we strengthen the lower bound of Nielsen and Simkin. We consider noisy leakage-resilience, where a random subset of leakages is replaced by uniformly random noise. We prove a lower bound for Shamir’s secret sharing, similar to that of Nielsen and Simkin, which holds even when a constant fraction of leakages is replaced by random noise. To this end, we first prove a lower bound on the share size of any noisy-leakage-resilient sharing scheme. We then use this lower bound to show that there exist universal constants c1, c2, such that for sufficiently large n it holds that Shamir’s secret sharing scheme is not noisy-leakage-resilient for t≤c1.n/log(n), even when a c2 fraction of leakages are replaced by random noise.\r\n\r\n\r\n\r\n" alternative_title: - LNCS article_processing_charge: No author: - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann orcid: 0000-0003-2027-5549 - first_name: Mark full_name: Simkin, Mark last_name: Simkin citation: ama: 'Hoffmann C, Simkin M. Stronger lower bounds for leakage-resilient secret sharing. In: 8th International Conference on Cryptology and Information Security in Latin America. Vol 14168. Springer Nature; 2023:215-228. doi:10.1007/978-3-031-44469-2_11' apa: 'Hoffmann, C., & Simkin, M. (2023). Stronger lower bounds for leakage-resilient secret sharing. In 8th International Conference on Cryptology and Information Security in Latin America (Vol. 14168, pp. 215–228). Quito, Ecuador: Springer Nature. https://doi.org/10.1007/978-3-031-44469-2_11' chicago: Hoffmann, Charlotte, and Mark Simkin. “Stronger Lower Bounds for Leakage-Resilient Secret Sharing.” In 8th International Conference on Cryptology and Information Security in Latin America, 14168:215–28. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-44469-2_11. ieee: C. Hoffmann and M. Simkin, “Stronger lower bounds for leakage-resilient secret sharing,” in 8th International Conference on Cryptology and Information Security in Latin America, Quito, Ecuador, 2023, vol. 14168, pp. 215–228. ista: 'Hoffmann C, Simkin M. 2023. Stronger lower bounds for leakage-resilient secret sharing. 8th International Conference on Cryptology and Information Security in Latin America. LATINCRYPT: Conference on Cryptology and Information Security in Latin America, LNCS, vol. 14168, 215–228.' mla: Hoffmann, Charlotte, and Mark Simkin. “Stronger Lower Bounds for Leakage-Resilient Secret Sharing.” 8th International Conference on Cryptology and Information Security in Latin America, vol. 14168, Springer Nature, 2023, pp. 215–28, doi:10.1007/978-3-031-44469-2_11. short: C. Hoffmann, M. Simkin, in:, 8th International Conference on Cryptology and Information Security in Latin America, Springer Nature, 2023, pp. 215–228. conference: end_date: 2023-10-06 location: Quito, Ecuador name: 'LATINCRYPT: Conference on Cryptology and Information Security in Latin America' start_date: 2023-10-03 date_created: 2023-10-29T23:01:16Z date_published: 2023-10-01T00:00:00Z date_updated: 2023-10-31T11:43:12Z day: '01' department: - _id: KrPi doi: 10.1007/978-3-031-44469-2_11 intvolume: ' 14168' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/1017 month: '10' oa: 1 oa_version: Preprint page: 215-228 publication: 8th International Conference on Cryptology and Information Security in Latin America publication_identifier: eissn: - 1611-3349 isbn: - '9783031444685' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Stronger lower bounds for leakage-resilient secret sharing type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14168 year: '2023' ... --- _id: '14454' abstract: - lang: eng text: As AI and machine-learned software are used increasingly for making decisions that affect humans, it is imperative that they remain fair and unbiased in their decisions. To complement design-time bias mitigation measures, runtime verification techniques have been introduced recently to monitor the algorithmic fairness of deployed systems. Previous monitoring techniques assume full observability of the states of the (unknown) monitored system. Moreover, they can monitor only fairness properties that are specified as arithmetic expressions over the probabilities of different events. In this work, we extend fairness monitoring to systems modeled as partially observed Markov chains (POMC), and to specifications containing arithmetic expressions over the expected values of numerical functions on event sequences. The only assumptions we make are that the underlying POMC is aperiodic and starts in the stationary distribution, with a bound on its mixing time being known. These assumptions enable us to estimate a given property for the entire distribution of possible executions of the monitored POMC, by observing only a single execution. Our monitors observe a long run of the system and, after each new observation, output updated PAC-estimates of how fair or biased the system is. The monitors are computationally lightweight and, using a prototype implementation, we demonstrate their effectiveness on several real-world examples. acknowledgement: 'This work is supported by the European Research Council under Grant No.: ERC-2020-AdG 101020093.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Konstantin full_name: Kueffner, Konstantin id: 8121a2d0-dc85-11ea-9058-af578f3b4515 last_name: Kueffner orcid: 0000-0001-8974-2542 - first_name: Kaushik full_name: Mallik, Kaushik id: 0834ff3c-6d72-11ec-94e0-b5b0a4fb8598 last_name: Mallik orcid: 0000-0001-9864-7475 citation: ama: 'Henzinger TA, Kueffner K, Mallik K. Monitoring algorithmic fairness under partial observations. In: 23rd International Conference on Runtime Verification. Vol 14245. Springer Nature; 2023:291-311. doi:10.1007/978-3-031-44267-4_15' apa: 'Henzinger, T. A., Kueffner, K., & Mallik, K. (2023). Monitoring algorithmic fairness under partial observations. In 23rd International Conference on Runtime Verification (Vol. 14245, pp. 291–311). Thessaloniki, Greece: Springer Nature. https://doi.org/10.1007/978-3-031-44267-4_15' chicago: Henzinger, Thomas A, Konstantin Kueffner, and Kaushik Mallik. “Monitoring Algorithmic Fairness under Partial Observations.” In 23rd International Conference on Runtime Verification, 14245:291–311. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-44267-4_15. ieee: T. A. Henzinger, K. Kueffner, and K. Mallik, “Monitoring algorithmic fairness under partial observations,” in 23rd International Conference on Runtime Verification, Thessaloniki, Greece, 2023, vol. 14245, pp. 291–311. ista: 'Henzinger TA, Kueffner K, Mallik K. 2023. Monitoring algorithmic fairness under partial observations. 23rd International Conference on Runtime Verification. RV: Conference on Runtime Verification, LNCS, vol. 14245, 291–311.' mla: Henzinger, Thomas A., et al. “Monitoring Algorithmic Fairness under Partial Observations.” 23rd International Conference on Runtime Verification, vol. 14245, Springer Nature, 2023, pp. 291–311, doi:10.1007/978-3-031-44267-4_15. short: T.A. Henzinger, K. Kueffner, K. Mallik, in:, 23rd International Conference on Runtime Verification, Springer Nature, 2023, pp. 291–311. conference: end_date: 2023-10-06 location: Thessaloniki, Greece name: 'RV: Conference on Runtime Verification' start_date: 2023-10-03 date_created: 2023-10-29T23:01:15Z date_published: 2023-10-01T00:00:00Z date_updated: 2023-10-31T11:48:20Z day: '01' department: - _id: ToHe doi: 10.1007/978-3-031-44267-4_15 ec_funded: 1 external_id: arxiv: - '2308.00341' intvolume: ' 14245' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2308.00341 month: '10' oa: 1 oa_version: Preprint page: 291-311 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: 23rd International Conference on Runtime Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783031442667' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Monitoring algorithmic fairness under partial observations type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14245 year: '2023' ... --- _id: '14559' abstract: - lang: eng text: We consider the problem of learning control policies in discrete-time stochastic systems which guarantee that the system stabilizes within some specified stabilization region with probability 1. Our approach is based on the novel notion of stabilizing ranking supermartingales (sRSMs) that we introduce in this work. Our sRSMs overcome the limitation of methods proposed in previous works whose applicability is restricted to systems in which the stabilizing region cannot be left once entered under any control policy. We present a learning procedure that learns a control policy together with an sRSM that formally certifies probability 1 stability, both learned as neural networks. We show that this procedure can also be adapted to formally verifying that, under a given Lipschitz continuous control policy, the stochastic system stabilizes within some stabilizing region with probability 1. Our experimental evaluation shows that our learning procedure can successfully learn provably stabilizing policies in practice. acknowledgement: This work was supported in part by the ERC-2020-AdG 101020093, ERC CoG 863818 (FoRM-SMArt) and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385. alternative_title: - LNCS article_processing_charge: No author: - first_name: Matin full_name: Ansaripour, Matin last_name: Ansaripour - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Mathias full_name: Lechner, Mathias id: 3DC22916-F248-11E8-B48F-1D18A9856A87 last_name: Lechner - first_name: Dorde full_name: Zikelic, Dorde id: 294AA7A6-F248-11E8-B48F-1D18A9856A87 last_name: Zikelic orcid: 0000-0002-4681-1699 citation: ama: 'Ansaripour M, Chatterjee K, Henzinger TA, Lechner M, Zikelic D. Learning provably stabilizing neural controllers for discrete-time stochastic systems. In: 21st International Symposium on Automated Technology for Verification and Analysis. Vol 14215. Springer Nature; 2023:357-379. doi:10.1007/978-3-031-45329-8_17' apa: 'Ansaripour, M., Chatterjee, K., Henzinger, T. A., Lechner, M., & Zikelic, D. (2023). Learning provably stabilizing neural controllers for discrete-time stochastic systems. In 21st International Symposium on Automated Technology for Verification and Analysis (Vol. 14215, pp. 357–379). Singapore, Singapore: Springer Nature. https://doi.org/10.1007/978-3-031-45329-8_17' chicago: Ansaripour, Matin, Krishnendu Chatterjee, Thomas A Henzinger, Mathias Lechner, and Dorde Zikelic. “Learning Provably Stabilizing Neural Controllers for Discrete-Time Stochastic Systems.” In 21st International Symposium on Automated Technology for Verification and Analysis, 14215:357–79. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-45329-8_17. ieee: M. Ansaripour, K. Chatterjee, T. A. Henzinger, M. Lechner, and D. Zikelic, “Learning provably stabilizing neural controllers for discrete-time stochastic systems,” in 21st International Symposium on Automated Technology for Verification and Analysis, Singapore, Singapore, 2023, vol. 14215, pp. 357–379. ista: 'Ansaripour M, Chatterjee K, Henzinger TA, Lechner M, Zikelic D. 2023. Learning provably stabilizing neural controllers for discrete-time stochastic systems. 21st International Symposium on Automated Technology for Verification and Analysis. ATVA: Automated Technology for Verification and Analysis, LNCS, vol. 14215, 357–379.' mla: Ansaripour, Matin, et al. “Learning Provably Stabilizing Neural Controllers for Discrete-Time Stochastic Systems.” 21st International Symposium on Automated Technology for Verification and Analysis, vol. 14215, Springer Nature, 2023, pp. 357–79, doi:10.1007/978-3-031-45329-8_17. short: M. Ansaripour, K. Chatterjee, T.A. Henzinger, M. Lechner, D. Zikelic, in:, 21st International Symposium on Automated Technology for Verification and Analysis, Springer Nature, 2023, pp. 357–379. conference: end_date: 2023-10-27 location: Singapore, Singapore name: 'ATVA: Automated Technology for Verification and Analysis' start_date: 2023-10-24 date_created: 2023-11-19T23:00:56Z date_published: 2023-10-22T00:00:00Z date_updated: 2023-11-20T08:30:20Z day: '22' department: - _id: ToHe - _id: KrCh doi: 10.1007/978-3-031-45329-8_17 ec_funded: 1 intvolume: ' 14215' language: - iso: eng month: '10' oa_version: None page: 357-379 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: 21st International Symposium on Automated Technology for Verification and Analysis publication_identifier: eissn: - 1611-3349 isbn: - '9783031453281' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Learning provably stabilizing neural controllers for discrete-time stochastic systems type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14215 year: '2023' ... --- _id: '13238' abstract: - lang: eng text: "We consider a natural problem dealing with weighted packet selection across a rechargeable link, which e.g., finds applications in cryptocurrency networks. The capacity of a link (u, v) is determined by how much nodes u and v allocate for this link. Specifically, the input is a finite ordered sequence of packets that arrive in both directions along a link. Given (u, v) and a packet of weight x going from u to v, node u can either accept or reject the packet. If u accepts the packet, the capacity on link (u, v) decreases by x. Correspondingly, v’s capacity on (u, v) increases by x. If a node rejects the packet, this will entail a cost affinely linear in the weight of the packet. A link is “rechargeable” in the sense that the total capacity of the link has to remain constant, but the allocation of capacity at the ends of the link can depend arbitrarily on the nodes’ decisions. The goal is to minimise the sum of the capacity injected into the link and the cost of rejecting packets. We show that the problem is NP-hard, but can be approximated efficiently with a ratio of (1+ε)⋅(1+3–√) for some arbitrary ε>0.\r\n." acknowledgement: We thank Mahsa Bastankhah and Mohammad Ali Maddah-Ali for fruitful discussions about different variants of the problem. This work is supported by the European Research Council (ERC) Consolidator Project 864228 (AdjustNet), 2020-2025, the ERC CoG 863818 (ForM-SMArt), and the German Research Foundation (DFG) grant 470029389 (FlexNets), 2021–2024. alternative_title: - LNCS article_processing_charge: No author: - first_name: Stefan full_name: Schmid, Stefan last_name: Schmid - first_name: Jakub full_name: Svoboda, Jakub id: 130759D2-D7DD-11E9-87D2-DE0DE6697425 last_name: Svoboda orcid: 0000-0002-1419-3267 - first_name: Michelle X full_name: Yeo, Michelle X id: 2D82B818-F248-11E8-B48F-1D18A9856A87 last_name: Yeo citation: ama: 'Schmid S, Svoboda J, Yeo MX. Weighted packet selection for rechargeable links in cryptocurrency networks: Complexity and approximation. In: SIROCCO 2023: Structural Information and Communication Complexity . Vol 13892. Springer Nature; 2023:576-594. doi:10.1007/978-3-031-32733-9_26' apa: 'Schmid, S., Svoboda, J., & Yeo, M. X. (2023). Weighted packet selection for rechargeable links in cryptocurrency networks: Complexity and approximation. In SIROCCO 2023: Structural Information and Communication Complexity (Vol. 13892, pp. 576–594). Alcala de Henares, Spain: Springer Nature. https://doi.org/10.1007/978-3-031-32733-9_26' chicago: 'Schmid, Stefan, Jakub Svoboda, and Michelle X Yeo. “Weighted Packet Selection for Rechargeable Links in Cryptocurrency Networks: Complexity and Approximation.” In SIROCCO 2023: Structural Information and Communication Complexity , 13892:576–94. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-32733-9_26.' ieee: 'S. Schmid, J. Svoboda, and M. X. Yeo, “Weighted packet selection for rechargeable links in cryptocurrency networks: Complexity and approximation,” in SIROCCO 2023: Structural Information and Communication Complexity , Alcala de Henares, Spain, 2023, vol. 13892, pp. 576–594.' ista: 'Schmid S, Svoboda J, Yeo MX. 2023. Weighted packet selection for rechargeable links in cryptocurrency networks: Complexity and approximation. SIROCCO 2023: Structural Information and Communication Complexity . SIROCCO: Structural Information and Communication Complexity, LNCS, vol. 13892, 576–594.' mla: 'Schmid, Stefan, et al. “Weighted Packet Selection for Rechargeable Links in Cryptocurrency Networks: Complexity and Approximation.” SIROCCO 2023: Structural Information and Communication Complexity , vol. 13892, Springer Nature, 2023, pp. 576–94, doi:10.1007/978-3-031-32733-9_26.' short: 'S. Schmid, J. Svoboda, M.X. Yeo, in:, SIROCCO 2023: Structural Information and Communication Complexity , Springer Nature, 2023, pp. 576–594.' conference: end_date: 2023-06-09 location: Alcala de Henares, Spain name: 'SIROCCO: Structural Information and Communication Complexity' start_date: 2023-06-06 date_created: 2023-07-16T22:01:12Z date_published: 2023-05-25T00:00:00Z date_updated: 2023-11-30T10:54:51Z day: '25' department: - _id: KrPi - _id: KrCh doi: 10.1007/978-3-031-32733-9_26 ec_funded: 1 external_id: arxiv: - '2204.13459' intvolume: ' 13892' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2204.13459 month: '05' oa: 1 oa_version: Preprint page: 576-594 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: 'SIROCCO 2023: Structural Information and Communication Complexity ' publication_identifier: eissn: - 1611-3349 isbn: - '9783031327322' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '14506' relation: dissertation_contains status: public scopus_import: '1' status: public title: 'Weighted packet selection for rechargeable links in cryptocurrency networks: Complexity and approximation' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13892 year: '2023' ... --- _id: '14693' abstract: - lang: eng text: "Lucas sequences are constant-recursive integer sequences with a long history of applications in cryptography, both in the design of cryptographic schemes and cryptanalysis. In this work, we study the sequential hardness of computing Lucas sequences over an RSA modulus.\r\nFirst, we show that modular Lucas sequences are at least as sequentially hard as the classical delay function given by iterated modular squaring proposed by Rivest, Shamir, and Wagner (MIT Tech. Rep. 1996) in the context of time-lock puzzles. Moreover, there is no obvious reduction in the other direction, which suggests that the assumption of sequential hardness of modular Lucas sequences is strictly weaker than that of iterated modular squaring. In other words, the sequential hardness of modular Lucas sequences might hold even in the case of an algorithmic improvement violating the sequential hardness of iterated modular squaring.\r\nSecond, we demonstrate the feasibility of constructing practically-efficient verifiable delay functions based on the sequential hardness of modular Lucas sequences. Our construction builds on the work of Pietrzak (ITCS 2019) by leveraging the intrinsic connection between the problem of computing modular Lucas sequences and exponentiation in an appropriate extension field." acknowledgement: "Home Theory of Cryptography Conference paper\r\n(Verifiable) Delay Functions from Lucas Sequences\r\nDownload book PDF\r\nDownload book EPUB\r\nSimilar content being viewed by others\r\n\r\nSlider with three content items shown per slide. Use the Previous and Next buttons to navigate the slides or the slide controller buttons at the end to navigate through each slide.\r\nPrevious slide\r\nGeneric-Group Delay Functions Require Hidden-Order Groups\r\nChapter© 2020\r\n\r\nShifted powers in Lucas–Lehmer sequences\r\nArticle30 January 2019\r\n\r\nA New Class of Trapdoor Verifiable Delay Functions\r\nChapter© 2023\r\n\r\nWeak Pseudoprimality Associated with the Generalized Lucas Sequences\r\nChapter© 2022\r\n\r\nOn the Security of Time-Lock Puzzles and Timed Commitments\r\nChapter© 2020\r\n\r\nGeneration of full cycles by a composition of NLFSRs\r\nArticle08 March 2014\r\n\r\nCryptographically Strong de Bruijn Sequences with Large Periods\r\nChapter© 2013\r\n\r\nOpen Problems on With-Carry Sequence Generators\r\nChapter© 2014\r\n\r\nGenerically Speeding-Up Repeated Squaring Is Equivalent to Factoring: Sharp Thresholds for All Generic-Ring Delay Functions\r\nChapter© 2020\r\n\r\nNext slide\r\nGo to slide 1\r\nGo to slide 2\r\nGo to slide 3\r\n(Verifiable) Delay Functions from Lucas Sequences\r\nCharlotte Hoffmann, Pavel Hubáček, Chethan Kamath & Tomáš Krňák \r\nConference paper\r\nFirst Online: 27 November 2023\r\n83 Accesses\r\n\r\nPart of the Lecture Notes in Computer Science book series (LNCS,volume 14372)\r\n\r\nAbstract\r\nLucas sequences are constant-recursive integer sequences with a long history of applications in cryptography, both in the design of cryptographic schemes and cryptanalysis. In this work, we study the sequential hardness of computing Lucas sequences over an RSA modulus.\r\n\r\nFirst, we show that modular Lucas sequences are at least as sequentially hard as the classical delay function given by iterated modular squaring proposed by Rivest, Shamir, and Wagner (MIT Tech. Rep. 1996) in the context of time-lock puzzles. Moreover, there is no obvious reduction in the other direction, which suggests that the assumption of sequential hardness of modular Lucas sequences is strictly weaker than that of iterated modular squaring. In other words, the sequential hardness of modular Lucas sequences might hold even in the case of an algorithmic improvement violating the sequential hardness of iterated modular squaring.\r\n\r\nSecond, we demonstrate the feasibility of constructing practically-efficient verifiable delay functions based on the sequential hardness of modular Lucas sequences. Our construction builds on the work of Pietrzak (ITCS 2019) by leveraging the intrinsic connection between the problem of computing modular Lucas sequences and exponentiation in an appropriate extension field.\r\n\r\nKeywords\r\nDelay functions\r\nVerifiable delay functions\r\nLucas sequences\r\nDownload conference paper PDF\r\n\r\n1 Introduction\r\nA verifiable delay function (VDF) \r\n is a function that satisfies two properties. First, it is a delay function, which means it must take a prescribed (wall) time T to compute f, irrespective of the amount of parallelism available. Second, it should be possible for anyone to quickly verify – say, given a short proof \r\n – the value of the function (even without resorting to parallelism), where by quickly we mean that the verification time should be independent of or significantly smaller than T (e.g., logarithmic in T). If we drop either of the two requirements, then the primitive turns out trivial to construct. For instance, for an appropriately chosen hash function h, the delay function \r\n defined by T-times iterated hashing of the input is a natural heuristic for an inherently sequential task which, however, seems hard to verify more efficiently than by recomputing. On the other hand, the identity function \r\n is trivial to verify but also easily computable. Designing a simple function satisfying the two properties simultaneously proved to be a nontrivial task.\r\n\r\nThe notion of VDFs was introduced in [31] and later formalised in [9]. In principle, since the task of constructing a VDF reduces to the task of incrementally-verifiable computation [9, 53], constructions of VDFs could leverage succinct non-interactive arguments of knowledge (SNARKs): take any sequentially-hard function f (for instance, iterated hashing) as the delay function and then use the SNARK on top of it as the mechanism for verifying the computation of the delay function. However, as discussed in [9], the resulting construction is not quite practical since we would rely on a general-purpose machinery of SNARKs with significant overhead.\r\n\r\nEfficient VDFs via Algebraic Delay Functions. VDFs have recently found interesting applications in design of blockchains [17], randomness beacons [43, 51], proofs of data replication [9], or short-lived zero-knowledge proofs and signatures [3]. Since efficiency is an important factor there, this has resulted in a flurry of constructions of VDFs that are tailored with application and practicality in mind. They rely on more algebraic, structured delay functions that often involve iterating an atomic operation so that one can resort to custom proof systems to achieve verifiability. These constructions involve a range of algebraic settings like the RSA or class groups [5, 8, 25, 42, 55], permutation polynomials over finite fields [9], isogenies of elliptic curves [21, 52] and, very recently, lattices [15, 28]. The constructions in [42, 55] are arguably the most practical and the mechanism that underlies their delay function is the same: carry out iterated squaring in groups of unknown order, like RSA groups [47] or class groups [12]. What distinguishes these two proposals is the way verification is carried out, i.e., how the underlying “proof of exponentiation” works: while Pietrzak [42] resorts to an LFKN-style recursive proof system [35], Wesolowski [55] uses a clever linear decomposition of the exponent.\r\n\r\nIterated Modular Squaring and Sequentiality. The delay function that underlies the VDFs in [5, 25, 42, 55] is the same, and its security relies on the conjectured sequential hardness of iterated squaring in a group of unknown order (suggested in the context of time-lock puzzles by Rivest, Shamir, and Wagner [48]). Given that the practically efficient VDFs all rely on the above single delay function, an immediate open problem is to identify additional sources of sequential hardness that are structured enough to support practically efficient verifiability.\r\n\r\n1.1 Our Approach to (Verifiable) Delay Functions\r\nIn this work, we study an alternative source of sequential hardness in the algebraic setting and use it to construct efficient verifiable delay functions. The sequentiality of our delay function relies on an atomic operation that is related to the computation of so-called Lucas sequences [29, 34, 57], explained next.\r\n\r\nLucas Sequences. A Lucas sequence is a constant-recursive integer sequence that satisfies the recurrence relation\r\n\r\nfor integers P and Q.Footnote1 Specifically, the Lucas sequences of integers \r\n and \r\n of the first and second type (respectively) are defined recursively as\r\n\r\nwith \r\n, and\r\n\r\nwith \r\n.\r\n\r\nThese sequences can be alternatively defined by the characteristic polynomial \r\n. Specifically, given the discriminant \r\n of the characteristic polynomial, one can alternatively compute the above sequences by performing operations in the extension field\r\n\r\nusing the identities\r\n\r\nwhere \r\n and its conjugate \r\n are roots of the characteristic polynomial. Since conjugation and exponentiation commute in the extension field (i.e., \r\n), computing the i-th terms of the two Lucas sequences over integers reduces to computing \r\n in the extension field, and vice versa.\r\n\r\nThe intrinsic connection between computing the terms in the Lucas sequences and that of exponentiation in the extension has been leveraged to provide alternative instantiations of public-key encryption schemes like RSA and ElGamal in terms of Lucas sequences [7, 30]. However, as we explain later, the corresponding underlying computational hardness assumptions are not necessarily equivalent.\r\n\r\nOverview of Our Delay Function. The delay function in [5, 25, 42, 55] is defined as the iterated squaring base x in a (safe) RSA groupFootnote2 modulo N:\r\n\r\nOur delay function is its analogue in the setting of Lucas sequences:\r\n\r\nAs mentioned above, computing \r\n can be carried out equivalently in the extension field \r\n using the known relationship to roots of the characteristic polynomial of the Lucas sequence. Thus, the delay function can be alternatively defined as\r\n\r\nNote that the atomic operation of our delay function is “doubling” the index of an element of the Lucas sequence modulo N (i.e., \r\n) or, equivalently, squaring in the extension field \r\n (as opposed to squaring in \r\n). Using the representation of \r\n as \r\n, squaring in \r\n can be expressed as a combination of squaring, multiplication and addition modulo N, since\r\n\r\n(1)\r\nSince \r\n is a group of unknown order (provided the factorization of N is kept secret), iterated squaring remains hard here. In fact, we show in Sect. 3.2 that iterated squaring in \r\n is at least as hard as iterated squaring for RSA moduli N. Moreover, we conjecture in Conjecture 1 that it is, in fact, strictly harder (also see discussion below on advantages of our approach).\r\n\r\nVerifying Modular Lucas Sequence. To obtain a VDF, we need to show how to efficiently verify our delay function. To this end, we show how to adapt the interactive proof of exponentiation from [42] to our setting, which then – via the Fiat-Shamir Transform [22] – yields the non-interactive verification algorithm.Footnote3 Thus, our main result is stated informally below.\r\n\r\nTheorem 1\r\n(Informally stated, see Theorem 2). Assuming sequential hardness of modular Lucas sequence, there exists statistically-sound VDF in the random-oracle model.\r\n\r\nHowever, the modification of Pietrzak’s protocol is not trivial and we have to overcome several hurdles that we face in this task, which we elaborate on in Sect. 1.2. We conclude this section with discussions about our results.\r\n\r\nAdvantage of Our Approach. Our main advantage is the reliance on a potentially weaker (sequential) hardness assumption while maintaining efficiency: we show in Sect. 3.2 that modular Lucas sequences are at least as sequentially-hard as the classical delay function given by iterated modular squaring [48]. Despite the linear recursive structure of Lucas sequences, there is no obvious reduction in the other direction, which suggests that the assumption of sequential hardness of modular Lucas sequences is strictly weaker than that of iterated modular squaring (Conjecture 1). In other words, the sequential hardness of modular Lucas sequences might hold even in the case of an algorithmic improvement violating the sequential hardness of iterated modular squaring. Even though both assumptions need the group order to be hidden, we believe that there is need for a nuanced analysis of sequential hardness assumptions in hidden order groups, especially because all current delay functions that provide sufficient structure for applications are based on iterated modular squaring. If the iterated modular squaring assumption is broken, our delay function is currently the only practical alternative in the RSA group.\r\n\r\nDelay Functions in Idealised Models. Recent works studied the relationship of group-theoretic (verifiable) delay functions to the hardness of factoring in idealised models such as the algebraic group model and the generic ring model [27, 50]. In the generic ring model, Rotem and Segev [50] showed the equivalence of straight-line delay functions in the RSA setting and factoring. Our construction gives rise to a straight-line delay function and, by their result, its sequentiality is equivalent to factoring for generic algorithms. However, their result holds only in the generic ring model and leaves the relationship between the two assumptions unresolved in the standard model.\r\n\r\nCompare this with the status of the RSA assumption and factoring. On one hand, we know that in the generic ring model, RSA and factoring are equivalent [2]. Yet, it is possible to rule out certain classes of reductions from factoring to RSA in the standard model [11]. Most importantly, despite the equivalence in the generic ring model, there is currently no reduction from factoring to RSA in the standard model and it remains one of the major open problems in number theory related to cryptography since the introduction of the RSA assumption.\r\n\r\nIn summary, speeding up iterated squaring by a non-generic algorithm could be possible (necessarily exploiting the representations of ring elements modulo N), while such an algorithm may not lead to a speed-up in the computation of modular Lucas sequences despite the result of Rotem and Segev [50].\r\n\r\n1.2 Technical Overview\r\nPietrzak’s VDF. Let \r\n be an RSA modulus where p and q are safe primes and let x be a random element from \r\n. At its core, Pietrzak’s VDF relies on the interactive protocol for the statement\r\n\r\n“(N, x, y, T) satisfies \r\n”.\r\n\r\nThe protocol is recursive and, in a round-by-round fashion, reduces the claim to a smaller statement by halving the time parameter. To be precise, in each round, the (honest) prover sends the “midpoint” \r\n of the current statement to the verifier and they together reduce the statement to\r\n\r\n“\r\n satisfies \r\n”,\r\n\r\nwhere \r\n and \r\n for a random challenge r. This is continued till \r\n is obtained at which point the verifier simply checks whether \r\n using a single modular squaring.\r\n\r\nSince the challenges r are public, the protocol can be compiled into a non-interactive one using the Fiat-Shamir transform [22] and this yields a means to verify the delay function\r\n\r\nIt is worth pointing out that the choice of safe primes is crucial for proving soundness: in case the group has easy-to-find elements of small order then it becomes easy to break soundness (see, e.g., [10]).\r\n\r\nAdapting Pietrzak’s Protocol to Lucas Sequences. For a modulus \r\n and integers \r\n, recall that our delay function is defined as\r\n\r\nor equivalently\r\n\r\nfor the discriminant \r\n of the characteristic polynomial \r\n. Towards building a verification algorithm for this delay function, the natural first step is to design an interactive protocol for the statement\r\n\r\n“(N, P, Q, y, T) satisfies \r\n.”\r\n\r\nIt turns out that the interactive protocol from [42] can be adapted for this purpose. However, we encounter two technicalities in this process.\r\n\r\nDealing with elements of small order. The main problem that we face while designing our protocol is avoiding elements of small order. In the case of [42], this was accomplished by moving to the setting of signed quadratic residues [26] in which the sub-groups are all of large order. It is not clear whether a corresponding object exists for our algebraic setting. However, in an earlier draft of Pietrzak’s protocol [41], this problem was dealt with in a different manner: the prover sends a square root of \r\n, from which the original \r\n can be recovered easily (by squaring it) with a guarantee that the result lies in a group of quadratic residues \r\n. Notice that the prover knows the square root of \r\n, because it is just a previous term in the sequence he computed.\r\n\r\nIn our setting, we cannot simply ask for the square root of the midpoint as the subgroup of \r\n we effectively work in has a different structure. Nevertheless, we can use a similar approach: for an appropriately chosen small a, we provide an a-th root of \r\n (instead of \r\n itself) to the prover in the beginning of the protocol. The prover then computes the whole sequence for \r\n. In the end, he has the a-th root of every term of the original sequence and he can recover any element of the original sequence by raising to the a-th power.\r\n\r\nSampling strong modulus. The second technicality is related to the first one. In order to ensure that we can use the above trick, we require a modulus where the small subgroups are reasonably small not only in the group \r\n but also in the extension \r\n. Thus the traditional sampling algorithms that are used to sample strong primes (e.g., [46]) are not sufficient for our purposes. However, sampling strong primes that suit our criteria can still be carried out efficiently as we show in the full version.\r\n\r\nComparing Our Technique with [8, 25]. The VDFs in [8, 25] are also inspired by [42] and, hence, faced the same problem of low-order elements. In [8], this is dealt with by amplifying the soundness at the cost of parallel repetition and hence larger proofs and extra computation. In [25], the number of repetitions of [8] is reduced significantly by introducing the following technique: The exponent of the initial instance is reduced by some parameter \r\n and at the end of an interactive phase, the verifier performs final exponentiation with \r\n, thereby weeding out potential false low-order elements in the claim. This technique differs from the approach taken in our work in the following ways: The technique from [25] works in arbitrary groups but it requires the parameter \r\n to be large and of a specific form. In particular, the VDF becomes more efficient when \r\n is larger than \r\n. In our protocol, we work in RSA groups whose modulus is the product of primes that satisfy certain conditions depending on a. This enables us to choose a parameter a that is smaller than a statistical security parameter and thereby makes the final exponentiation performed by the verifier much more efficient. Further, a can be any natural number, while \r\n must be set as powers of all small prime numbers up a certain bound in [25].\r\n\r\n1.3 More Related Work\r\nTimed Primitives. The notion of VDFs was introduced in [31] and later formalised in [9]. VDFs are closely related to the notions of time-lock puzzles [48] and proofs of sequential work [36]. Roughly speaking, a time-lock puzzle is a delay function that additionally allows efficient sampling of the output via a trapdoor. A proof of sequential work, on the other hand, is a delay “multi-function”, in the sense that the output is not necessarily unique. Constructions of time-lock puzzles are rare [6, 38, 48], and there are known limitations: e.g., that it cannot exist in the random-oracle model [36]. However, we know how to construct proofs of sequential work in the random-oracle model [1, 16, 19, 36].\r\n\r\nSince VDFs have found several applications, e.g., in the design of resource-efficient blockchains [17], randomness beacons [43, 51] and proof of data replication [9], there have been several constructions. Among them, the most notable are the iterated-squaring based construction from [8, 25, 42, 55], the permutation-polynomial based construction from [9], the isogenies-based construction from [13, 21, 52] and the construction from lattice problems [15, 28]. The constructions in [42, 55] are quite practical (see the survey [10]) and the VDF deployed in the cryptocurrency Chia is basically their construction adapted to the algebraic setting of class groups [17]. This is arguably the closest work to ours. On the other hand, the constructions from [21, 52], which work in the algebraic setting of isogenies of elliptic curves where no analogue of square and multiply is known, simply rely on “exponentiation”. Although, these constructions provide a certain form of quantum resistance, they are presently far from efficient. Freitag et al. [23] constructed VDFs from any sequentially hard function and polynomial hardness of learning with errors, the first from standard assumptions. The works of Cini, Lai, and Malavolta [15, 28] constructed the first VDF from lattice-based assumptions and conjectured it to be post-quantum secure.\r\n\r\nSeveral variants of VDFs have also been proposed. A VDF is said to be unique if the proof that is used for verification is unique [42]. Recently, Choudhuri et al. [5] constructed unique VDFs from the sequential hardness of iterated squaring in any RSA group and polynomial hardness of LWE. A VDF is tight [18] if the gap between simply computing the function and computing it with a proof is small. Yet another extension is a continuous VDF [20]. The feasibility of time-lock puzzles and proofs of sequential works were recently extended to VDFs. It was shown [50] that the latter requirement, i.e., working in a group of unknown order, is inherent in a black-box sense. It was shown in [18, 37] that there are barriers to constructing tight VDFs in the random-oracle model.\r\n\r\nVDFs also have surprising connection to complexity theory [14, 20, 33].\r\n\r\nWork Related to Lucas Sequences. Lucas sequences have long been studied in the context of number theory: see for example [45] or [44] for a survey of its applications to number theory. Its earliest application to cryptography can be traced to the \r\n factoring algorithm [56]. Constructive applications were found later thanks to the parallels with exponentiation. Several encryption and signature schemes were proposed, most notably the LUC family of encryption and signatures [30, 39]. It was later shown that some of these schemes can be broken or that the advantages it claimed were not present [7]. Other applications can be found in [32].\r\n\r\n2 Preliminaries\r\n2.1 Interactive Proof Systems\r\nInteractive Protocols. An interactive protocol consists of a pair \r\n of interactive Turing machines that are run on a common input \r\n. The first machine \r\n is the prover and is computationally unbounded. The second machine \r\n is the verifier and is probabilistic polynomial-time.\r\n\r\nIn an \r\n-round (i.e., \r\n-message) interactive protocol, in each round \r\n, first \r\n sends a message \r\n to \r\n and then \r\n sends a message \r\n to \r\n, where \r\n is a finite alphabet. At the end of the interaction, \r\n runs a (deterministic) Turing machine on input \r\n. The interactive protocol is public-coin if \r\n is a uniformly distributed random string in \r\n.\r\n\r\nInteractive Proof Systems. The notion of an interactive proof for a language L is due to Goldwasser, Micali and Rackoff [24].\r\n\r\nDefinition 1\r\nFor a function \r\n, an interactive protocol \r\n is an \r\n-statistically-sound interactive proof system for L if:\r\n\r\nCompleteness: For every \r\n, if \r\n interacts with \r\n on common input \r\n, then \r\n accepts with probability 1.\r\n\r\nSoundness: For every \r\n and every (computationally-unbounded) cheating prover strategy \r\n, the verifier \r\n accepts when interacting with \r\n with probability less than \r\n, where \r\n is called the soundness error.\r\n\r\n2.2 Verifiable Delay Functions\r\nWe adapt the definition of verifiable delay functions from [9] but we decouple the verifiability and sequentiality properties for clarity of exposition of our results. First, we present the definition of a delay function.\r\n\r\nDefinition 2\r\nA delay function \r\n consists of a triple of algorithms with the following syntax:\r\n\r\n:\r\n\r\nOn input a security parameter \r\n, the algorithm \r\n outputs public parameters \r\n.\r\n\r\n:\r\n\r\nOn input public parameters \r\n and a time parameter \r\n, the algorithm \r\n outputs a challenge x.\r\n\r\n:\r\n\r\nOn input a challenge pair (x, T), the (deterministic) algorithm \r\n outputs the value y of the delay function in time T.\r\n\r\nThe security property required of a delay function is sequential hardness as defined below.\r\n\r\nDefinition 3\r\n(Sequentiality). We say that a delay function \r\n satisfies the sequentiality property, if there exists an \r\n such that for all \r\n and for every adversary \r\n, where \r\n uses \r\n processors and runs in time \r\n, there exists a negligible function \r\n such that\r\n\r\nfigure a\r\nA few remarks about our definition of sequentiality are in order:\r\n\r\n1.\r\nWe require computing \r\n to be hard in less than T sequential steps even using any polynomially-bounded amount of parallelism and precomputation. Note that it is necessary to bound the amount of parallelism, as an adversary could otherwise break the underlying hardness assumption (e.g. hardness of factorization). Analogously, T should be polynomial in \r\n as, otherwise, breaking the underlying hardness assumptions becomes easier than computing \r\n itself for large values of T.\r\n\r\n2.\r\nAnother issue is what bound on the number of sequential steps of the adversary should one impose. For example, the delay function based on T repeated modular squarings can be computed in sequential time \r\n using polynomial parallelism [4]. Thus, one cannot simply bound the sequential time of the adversary by o(T). Similarly to [38], we adapt the \r\n bound for \r\n which, in particular, is asymptotically smaller than \r\n.\r\n\r\n3.\r\nWithout loss of generality, we assume that the size of \r\n is at least linear in n and the adversary A does not have to get the unary representation of the security parameter \r\n as its input.\r\n\r\nThe definition of verifiable delay function extends a delay function with the possibility to compute publicly-verifiable proofs of correctness of the output value.\r\n\r\nDefinition 4\r\nA delay function \r\n is a verifiable delay function if it is equipped with two additional algorithms \r\n and \r\n with the following syntax:\r\n\r\n:\r\n\r\nOn input public parameters and a challenge pair (x, T), the \r\n algorithm outputs \r\n, where \r\n is a proof that the output y is the output of \r\n.\r\n\r\n:\r\n\r\nOn input public parameters, a challenge pair (x, T), and an output/proof pair \r\n, the (deterministic) algorithm \r\n outputs either \r\n or \r\n.\r\n\r\nIn addition to sequentiality (inherited from the underlying delay function), the \r\n and \r\n algorithms must together satisfy correctness and (statistical) soundness as defined below.\r\n\r\nDefinition 5\r\n(Correctness). A verifiable delay function \r\n is correct if for all \r\n\r\nfigure b\r\nDefinition 6\r\n(Statistical soundness). A verifiable delay function \r\n is statistically sound if for every (computationally unbounded) malicious prover \r\n there exists a negligible function \r\n such that for all \r\n\r\nfigure c\r\n3 Delay Functions from Lucas Sequences\r\nIn this section, we propose a delay function based on Lucas sequences and prove its sequentiality assuming that iterated squaring in a group of unknown order is sequential (Sect. 3.1). Further, we conjecture (Sect. 3.2) that our delay function candidate is even more robust than its predecessor proposed by Rivest, Shamir, and Wagner [48]. Finally, we turn our delay function candidate into a verifiable delay function (Sect. 4).\r\n\r\n3.1 The Atomic Operation\r\nOur delay function is based on subsequences of Lucas sequences, whose indexes are powers of two. Below, we use \r\n to denote the set of non-negative integers.\r\n\r\nDefinition 7\r\nFor integers \r\n, the Lucas sequences \r\n and \r\n are defined for all \r\n as\r\n\r\nwith \r\n and \r\n, and\r\n\r\nwith \r\n and \r\n.\r\n\r\nWe define subsequences \r\n, respectively \r\n, of \r\n, respectively \r\n for all \r\n as\r\n\r\n(2)\r\nAlthough the value of \r\n depends on parameters (P, Q), we omit (P, Q) from the notation because these parameters will be always obvious from the context.\r\n\r\nThe underlying atomic operation for our delay function is\r\n\r\nThere are several ways to compute \r\n in T sequential steps, and we describe two of them below.\r\n\r\nAn Approach Based on Squaring in a Suitable Extension Ring. To compute the value \r\n, we can use the extension ring \r\n, where \r\n is the discriminant of the characteristic polynomial \r\n of the Lucas sequence. The characteristic polynomial f(z) has a root \r\n, and it is known that, for all \r\n, it holds that\r\n\r\nThus, by iterated squaring of \r\n, we can compute terms of our target subsequences. To get a better understanding of squaring in the extension ring, consider the representation of the root \r\n for some \r\n. Then,\r\n\r\nThen, the atomic operation of our delay function can be interpreted as \r\n, defined for all \r\n as\r\n\r\n(3)\r\nAn Approach Based on Known Identities. Many useful identities for members of modular Lucas sequences are known, such as\r\n\r\n(4)\r\nSetting \r\n we get\r\n\r\n(5)\r\nThe above identities are not hard to derive (see, e.g., Lemma 12.5 in [40]). Indexes are doubled on each of application of the identities in Eq. (5), and, thus, for \r\n, we define an auxiliary sequence \r\n by \r\n. Using the identities in Eq. (5), we get recursive equations\r\n\r\n(6)\r\nThen, the atomic operation of our delay function can be interpreted as \r\n, defined for all \r\n as\r\n\r\n(7)\r\nAfter a closer inspection, the reader may have an intuition that an auxiliary sequence \r\n, which introduces a third state variable, is redundant. This intuition is indeed right. In fact, there is another easily derivable identity\r\n\r\n(8)\r\nwhich can be found, e.g., as Lemma 12.2 in [40]. On the other hand, Eq. (8) is quite interesting because it allows us to compute large powers of an element \r\n using two Lucas sequences. We use this fact in the security reduction in Sect. 3.2. Our construction of a delay function, denoted \r\n, is given in Fig. 1.\r\n\r\nFig. 1.\r\nfigure 1\r\nOur delay function candidate \r\n based on a modular Lucas sequence.\r\n\r\nFull size image\r\nOn the Discriminant D. Notice that whenever D is a quadratic residue modulo N, the value \r\n is an element of \r\n and hence \r\n. By definition, LCS.Gen generates a parameter D that is a quadratic residue with probability 1/4, so it might seem that in one fourth of the cases there is another approach to compute \r\n: find the element \r\n and then perform n sequential squarings in the group \r\n. However, it is well known that finding square roots of uniform elements in \r\n is equivalent to factoring the modulus N, so this approach is not feasible. We can therefore omit any restrictions on the discriminant D in the definition of our delay function LCS.\r\n\r\n3.2 Reduction from RSW Delay Function\r\nIn order to prove the sequentiality property (Definition 3) of our candidate \r\n, we rely on the standard conjecture of the sequentiality of the \r\n time-lock puzzles, implicitly stated in [48] as the underlying hardness assumption.\r\n\r\nDefinition 8\r\n(\r\n delay function). The \r\n delay function is defined as follows:\r\n\r\n: Samples two n-bit primes p and q and outputs \r\n.\r\n\r\n: Outputs an x sampled from the uniform distribution on \r\n.\r\n\r\n: Outputs \r\n.\r\n\r\nTheorem 2\r\nIf the \r\n delay function has the sequentiality property, then the \r\n delay function has the sequentiality property.\r\n\r\nProof\r\nSuppose there exists an adversary \r\n who contradicts the sequentiality of \r\n, where \r\n is a precomputation algorithm and \r\n is an online algorithm. We construct an adversary \r\n who contradicts the sequentiality of \r\n as follows:\r\n\r\nThe algorithm \r\n is defined identically to the algorithm \r\n.\r\n\r\nOn input \r\n, \r\n picks a P from the uniform distribution on \r\n, sets\r\n\r\nand it runs \r\n to compute \r\n. The algorithm \r\n computes \r\n using the identity in Eq. (8).\r\n\r\nNote that the input distribution for the algorithm \r\n produced by \r\n differs from the one produced by \r\n, because the \r\n generator samples Q from the uniform distribution on \r\n (instead of \r\n). However, this is not a problem since the size of \r\n is negligible compared to the size of \r\n, so the statistical distance between the distribution of D produced by \r\n and the distribution of D sampled by \r\n is negligible in the security parameter. Thus, except for a negligible multiplicative loss, the adversary \r\n attains the same success probability of breaking the sequentiality of \r\n as the probability of \r\n breaking the sequentiality of \r\n – a contradiction to the assumption of the theorem. \r\n\r\nWe believe that the converse implication to Theorem 2 is not true, i.e., that breaking the sequentiality of \r\n does not necessarily imply breaking the sequentiality of \r\n. Below, we state it as a conjecture.\r\n\r\nConjecture 1\r\nSequentiality of \r\n cannot be reduced to sequentiality of \r\n.\r\n\r\nOne reason why the above conjecture might be true is that, while the \r\n delay function is based solely only on multiplication in the group \r\n, our \r\n delay function uses the full arithmetic (addition and multiplication) of the commutative ring \r\n.\r\n\r\nOne way to support the conjecture would be to construct an algorithm that speeds up iterated squaring but is not immediately applicable to Lucas sequences. By [49] we know that this cannot be achieved by a generic algorithm. A non-generic algorithm that solves iterated squaring in time \r\n is presented in [4]. The main tool of their construction is the Explicit Chinese Remainder Theorem modulo N. However, a similiar theorem exists also for univariate polynomial rings, which suggests that a similar speed-up can be obtained for our delay function by adapting the techniques in [4] to our setting.\r\n\r\n4 VDF from Lucas Sequences\r\nIn Sect. 3.1 we saw different ways of computing the atomic operation of the delay function. Computing \r\n in the extension field seems to be the more natural and time and space effective approach. Furthermore, writing the atomic operation \r\n as \r\n is very clear, and, thus, we follow this approach throughout the rest of the paper.\r\n\r\n4.1 Structure of \r\nTo construct a VDF based on Lucas sequences, we use an algebraic extension\r\n\r\n(9)\r\nwhere N is an RSA modulus and \r\n. In this section, we describe the structure of the algebraic extension given in Expression (9). Based on our understanding of the structure of the above algebraic extension, we can conclude that using modulus N composed of safe primes (i.e., for all prime factors p of N, \r\n has a large prime divisor) is necessary but not sufficient condition for security of our construction. We specify some sufficient conditions on factors of N in the subsequent Sect. 4.2.\r\n\r\nFirst, we introduce some simplifying notation for quotient rings.\r\n\r\nDefinition 9\r\nFor \r\n and \r\n, we denote by \r\n the quotient ring \r\n, where (m, f(x)) denotes the ideal of the ring \r\n generated by m and f(x).\r\n\r\nObservation 1, below, allows us to restrict our analysis only to the structure of \r\n for prime \r\n.\r\n\r\nObservation 1\r\nLet \r\n be distinct primes, \r\n and \r\n. Then\r\n\r\nProof\r\nUsing the Chinese reminder theorem, we get\r\n\r\nas claimed. \r\n\r\nThe following lemma characterizes the structure of \r\n with respect to the discriminant of f. We use \r\n to denote the standard Legendre symbol.\r\n\r\nLemma 1\r\nLet \r\n and \r\n be a polynomial of degree 2 with the discriminant D. Then\r\n\r\nProof\r\nWe consider each case separately:\r\n\r\nIf \r\n, then f(x) is irreducible over \r\n and \r\n is a field with \r\n elements. Since \r\n is a finite field, \r\n is cyclic and contains \r\n elements.\r\n\r\nIf \r\n, then \r\n and f has some double root \r\n and it can be written as \r\n for some \r\n. Since the ring \r\n is isomorphic to the ring \r\n (consider the isomorphism \r\n), we can restrict ourselves to describing the structure of \r\n.\r\n\r\nWe will prove that the function \r\n,\r\n\r\nis an isomorphism. First, the polynomial \r\n is invertible if and only if \r\n (inverse is \r\n). For the choice \r\n, we have\r\n\r\nThus \r\n is onto. Second, \r\n is, in fact, a bijection, because\r\n\r\n(10)\r\nFinally, \r\n is a homomorphism, because\r\n\r\nIf \r\n, then f(x) has two roots \r\n. We have an isomorphism\r\n\r\nand \r\n. \r\n\r\n4.2 Strong Groups and Strong Primes\r\nTo achieve the verifiability property of our construction, we need \r\n to contain a strong subgroup (defined next) of order asymptotically linear in p. We remark that our definition of strong primes is stronger than the one by Rivest and Silverman [46].\r\n\r\nDefinition 10\r\n(Strong groups). For \r\n, we say that a non-trivial group \r\n is \r\n-strong, if the order of each non-trivial subgroup of \r\n is greater than \r\n.\r\n\r\nObservation 2\r\nIf \r\n and \r\n are \r\n-strong groups, then \r\n is a \r\n-strong group.\r\n\r\nIt can be seen from Lemma 1 that \r\n always contains groups of small order (e.g. \r\n). To avoid these, we descend into the subgroup of a-th powers of elements of \r\n. Below, we introduce the corresponding notation.\r\n\r\nDefinition 11\r\nFor an Abelian group \r\n and \r\n, we define the subgroup \r\n of \r\n in the multiplicative notation and \r\n in the additive notation.\r\n\r\nFurther, we show in Lemma 2 below that \r\n-strong primality (defined next) is a sufficient condition for \r\n to be a \r\n-strong group.\r\n\r\nDefinition 12\r\n(Strong primes). Let \r\n and \r\n. We say that p is a \r\n-strong prime, if \r\n and there exists \r\n, \r\n, such that \r\n and every prime factor of W is greater than \r\n.\r\n\r\nSince a is a public parameter in our setup, super-polynomial a could reveal partial information about the factorization of N. However, we could allow a to be polynomial in \r\n while maintaining hardness of factoring N.Footnote4 For the sake of simplicity of Definition 12, we rather use stronger condition \r\n. The following simple observation will be useful for proving Lemma 2.\r\n\r\nObservation 3\r\nFor \r\n.\r\n\r\nLemma 2\r\nLet p be a \r\n-strong prime and \r\n be a quadratic polynomial. Then, \r\n is a \r\n-strong group.\r\n\r\nProof\r\nFrom definition of the strong primes, there exists \r\n, whose factors are bigger than \r\n and \r\n. We denote \r\n a factor of W. Applying Observation 3 to Lemma 1, we get\r\n\r\nIn particular, we used above the fact that Observation 2 implies that \r\n as explained next. Since \r\n, all divisors of \r\n are divisors of aW. By definition of a and W in Definition 12, we also have that \r\n, which implies that any factor of \r\n divides either a or W, but not both. When we divide \r\n by all the common divisors with a, only the common divisors with W are left, which implies \r\n. The proof of the lemma is now completed by Observation 2.\r\n\r\nCorollary 1\r\nLet p be a \r\n-strong prime, q be a \r\n-strong prime, \r\n, \r\n, \r\n and \r\n. Then \r\n is \r\n-strong.\r\n\r\n4.3 Our Interactive Protocol\r\nOur interactive protocol is formally described in Fig. 3. To understand this protocol, we first recall the outline of Pietrzak’s interactive protocol from Sect. 1.2 and then highlight the hurdles. Let \r\n be an RSA modulus where p and q are strong primes and let x be a random element from \r\n. The interactive protocol in [42] allows a prover to convince the verifier of the statement\r\n\r\n“(N, x, y, T) satisfies \r\n”.\r\n\r\nThe protocol is recursive and in a round-by-round fashion reduces the claim to a smaller statement by halving the time parameter. To be precise, in each round the (honest) prover sends the “midpoint” \r\n of the current statement to the verifier and they together reduce the statement to\r\n\r\n“\r\n satisfies \r\n”,\r\n\r\nwhere \r\n and \r\n for a random challenge r. This is continued until \r\n is obtained at which point the verifier simply checks whether \r\n.\r\n\r\nThe main problem, we face while designing our protocol is ensuring that the verifier can check whether \r\n sent by prover lies in an appropriate subgroup of \r\n. In the first draft of Pietrzak’s protocol [41], prover sends a square root of \r\n, from which the original \r\n can be recovered easily (by simply squaring it) with a guarantee, that the result lies in a group of quadratic residues \r\n. Notice that the prover knows the square root of \r\n, because it is just a previous term in the sequence he computed.\r\n\r\nUsing Pietrzak’s protocol directly for our delay function would require computing a-th roots in RSA group for some arbitrary a. Since this is a computationally hard problem, we cannot use the same trick. In fact, the VDF construction of Wesolowski [54] is based on similar hardness assumption.\r\n\r\nWhile Pietrzak shifted from \r\n to the group of signed quadratic residues \r\n in his following paper [42] to get unique proofs, we resort to his old idea of ‘squaring a square root’ and generalise it.\r\n\r\nThe high level idea is simple. First, on input \r\n, prover computes the sequence \r\n. Next, during the protocol, verifier maps all elements sent by the prover by homomorphism\r\n\r\n(11)\r\ninto the target strong group \r\n. This process is illustrated in Fig. 2. Notice that the equality \r\n for the original sequence implies the equality \r\n for the mapped sequence \r\n.\r\n\r\nFig. 2.\r\nfigure 2\r\nIllustration of our computation of the iterated squaring using the a-th root of \r\n. Horizontal arrows are \r\n and diagonal arrows are \r\n.\r\n\r\nFull size image\r\nRestriction to Elements of \r\n. Mapping Eq. (11) introduces a new technical difficulty. Since \r\n is not injective, we narrow the domain inputs, for which the output of our VDF is verifiable, from \r\n to \r\n. Furthermore, the only way to verify that a certain x is an element of \r\n is to get an a-th root of x and raise it to the ath power. So we have to represent elements of \r\n by elements of \r\n anyway. To resolve these two issues, we introduce a non-unique representation of elements of \r\n.\r\n\r\nDefinition 13\r\nFor \r\n and \r\n, we denote \r\n (an element of \r\n) by [x]. Since this representation of \r\n is not unique, we define an equality relation by\r\n\r\nWe will denote by tilde () the elements that were already powered to the a by a verifier (i.e. ). Thus tilded variables verifiably belong to the target group \r\n.\r\n\r\nIn the following text, the goal of the brackets notation in Definition 13 is to distinguish places where the equality means the equality of elements of \r\n from those places, where the equality holds up to \r\n. A reader can also see the notation in Definition 13 as a concrete representation of elements of a factor group \r\n.\r\n\r\nOur security reduction 2 required the delay function to operate everywhere on \r\n. This is not a problem if the \r\n algorithm is modified to output the set \r\n.\r\n\r\nFig. 3.\r\nfigure 3\r\nOur Interactive Protocol for \r\n.\r\n\r\nFull size image\r\n4.4 Security\r\nRecall here that \r\n is \r\n-strong group, so there exist\r\n\r\n and \r\n such that\r\n\r\n(12)\r\nDefinition 14\r\nFor \r\n and \r\n, we define \r\n as i-th coordinate of \r\n, where \r\n is the isomorphism given by Eq. (12).\r\n\r\nLemma 3\r\nLet \r\n and \r\n. If \r\n, then\r\n\r\n\t(13)\r\nProof\r\nFix \r\n, \r\n and y. Let some \r\n satisfy\r\n\r\n(14)\r\nUsing notation from Definition 14, we rewrite Eq. (14) as a set of equations\r\n\r\nFor every \r\n, by reordering the terms, the j-th equation becomes\r\n\r\n(15)\r\nIf \r\n, then \r\n. Further for every \r\n. It follows that \r\n. Putting these two equations together gives us \r\n, which contradicts our assumption \r\n.\r\n\r\nIt follows that there exists \r\n such that\r\n\r\n(16)\r\nThereafter there exists \r\n such that \r\n divides \r\n and\r\n\r\n(17)\r\nFurthermore, from Eq. (15), \r\n divides \r\n. Finally, dividing eq. Eq. (15) by \r\n, we get that r is determined uniquely (\r\n),\r\n\r\nUsing the fact that \r\n, this uniqueness of r upper bounds number of \r\n, such that Eq. (14) holds, to one. It follows that the probability that Eq. (14) holds for r chosen randomly from the uniform distribution over \r\n is less than \r\n. \r\n\r\nCorollary 2\r\nThe halving protocol will turn an invalid input tuple (i.e. \r\n) into a valid output tuple (i.e. \r\n) with probability less than \r\n.\r\n\r\nTheorem 3\r\nFor any computationally unbounded prover who submits anything other than \r\n such that \r\n in phase 2 of the protocol, the soundness error is upper-bounded by \r\n\r\nProof\r\nIn each round of the protocol, T decreases to \r\n. It follows that the number of rounds of the halving protocol before reaching \r\n is upper bounded by \r\n.\r\n\r\nIf the verifier accepts the solution tuple \r\n in the last round, then the equality \r\n must hold. It follows that the initial inequality must have turned into equality in some round of the halving protocol. By Lemma 3, the probability of this event is bounded by \r\n. Finally, using the union bound for all rounds, we obtain the upper bound (\r\n. \ \r\n\r\n4.5 Our VDF\r\nAnalogously to the VDF of Pietrzak [42], we compile our public-coin interactive proof given in Fig. 3 into a VDF using the Fiat-Shamir heuristic. The complete construction is given in Fig. 4. For ease of exposition, we assume that the time parameter T is always a power of two.\r\n\r\nFig. 4.\r\nfigure 4\r\n based on Lucas sequences\r\n\r\nFull size image\r\nAs discussed in Sect. 4.3, it is crucial for the security of the protocol that the prover computes a sequence of powers of the a-th root of the challenge and the resulting value (as well as the intermediate values) received from the prover is lifted to the appropriate group by raising it to the a-th power. We use the tilde notation in Fig. 4 in order to denote elements on the sequence relative to the a-th root.\r\n\r\nNote that, by the construction, the output of our VDF is the \r\n-th power of the root of the characteristic polynomial for Lucas sequence with parameters P and Q. Therefore, the value of the delay function implicitly corresponds to the \r\n-th term of the Lucas sequence.\r\n\r\nTheorem 4\r\nLet \r\n be the statistical security parameter. The \r\n VDF defined in Fig. 4 is correct and statistically-sound with a negligible soundness error if \r\n is modelled as a random oracle, against any adversary that makes \r\n oracle queries.\r\n\r\nProof\r\nThe correctness follows directly by construction.\r\n\r\nTo prove its statistical soundness, we proceed in a similar way to [42]. We cannot apply Fiat-Shamir transformation directly, because our protocol does not have constant number of rounds, thus we use Fiat-Shamir heuristic to each round separately.\r\n\r\nFirst, we use a random oracle as the \r\n function. Second, if a malicious prover computed a proof accepted by verifier for some tuple \r\n such that\r\n\r\n(19)\r\nthen he must have succeeded in turning inequality from Eq. (19) into equality in some round. By Lemma 3, probability of such a flipping is bounded by \r\n. Every such an attempt requires one query to random oracle. Using a union bound, it follows that the probability that a malicious prover who made q queries to random oracle succeeds in flipping initial inequality into equality in some round is upper-bounded by \r\n.\r\n\r\nSince q is \r\n, \r\n is a negligible function and thus the soundness error is negligible. \ \r\n\r\nNotes\r\n1.\r\nNote that integer sequences like Fibonacci numbers and Mersenne numbers are special cases of Lucas sequences.\r\n\r\n2.\r\nThe choice of modulus N is said to be safe if \r\n for safe primes \r\n and \r\n, where \r\n and \r\n are also prime.\r\n\r\n3.\r\nFurther, using the ideas from [14, 20], it is possible to construct so-called continuous VDFs from Lucas sequences.\r\n\r\n4.\r\nSince we set a to be at most polynomial in \r\n, its is possible to go over all possible candidate values for a in time polynomial in \r\n. Thus, any algorithm that could factor N using the knowledge of a can be efficiently simulated even without the knowledge of a.\r\n\r\nReferences\r\nAbusalah, H., Kamath, C., Klein, K., Pietrzak, K., Walter, M.: Reversible proofs of sequential work. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 277–291. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_10\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nAggarwal, D., Maurer, U.: Breaking RSA generically is equivalent to factoring. IEEE Trans. Inf. Theory 62(11), 6251–6259 (2016). https://doi.org/10.1109/TIT.2016.2594197\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nArun, A., Bonneau, J., Clark, J.: Short-lived zero-knowledge proofs and signatures. In: Agrawal, S., Lin, D. (eds.) Advances in Cryptology – ASIACRYPT 2022. Lecture Notes in Computer Science, vol. 13793, pp. 487–516. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-22969-5_17\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nBernstein, D., Sorenson, J.: Modular exponentiation via the explicit Chinese remainder theorem. Math. Comput. 76, 443–454 (2007). https://doi.org/10.1090/S0025-5718-06-01849-7\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nBitansky, N., et al.: PPAD is as hard as LWE and iterated squaring. IACR Cryptol. ePrint Arch., p. 1072 (2022)\r\n\r\nGoogle Scholar\r\n \r\n\r\nBitansky, N., Goldwasser, S., Jain, A., Paneth, O., Vaikuntanathan, V., Waters, B.: Time-lock puzzles from randomized encodings. In: ITCS, pp. 345–356. ACM (2016)\r\n\r\nGoogle Scholar\r\n \r\n\r\nBleichenbacher, D., Bosma, W., Lenstra, A.K.: Some remarks on Lucas-based cryptosystems. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 386–396. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-44750-4_31\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nBlock, A.R., Holmgren, J., Rosen, A., Rothblum, R.D., Soni, P.: Time- and space-efficient arguments from groups of unknown order. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12828, pp. 123–152. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84259-8_5\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nBoneh, D., Bonneau, J., Bünz, B., Fisch, B.: Verifiable delay functions. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 757–788. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96884-1_25\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nBoneh, D., Bünz, B., Fisch, B.: A survey of two verifiable delay functions. IACR Cryptol. ePrint Arch. 2018, 712 (2018)\r\n\r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nBoneh, D., Venkatesan, R.: Breaking RSA may not be equivalent to factoring. In: Nyberg, K. (ed.) Advances in Cryptology - EUROCRYPT ’98. Lecture Notes in Computer Science, vol. 1403, pp. 59–71. Springer, Cham (1998). https://doi.org/10.1007/BFb0054117\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nBuchmann, J., Williams, H.C.: A key-exchange system based on imaginary quadratic fields. J. Cryptol. 1(2), 107–118 (1988). https://doi.org/10.1007/BF02351719\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nChavez-Saab, J., Rodríguez-Henríquez, F., Tibouchi, M.: Verifiable Isogeny walks: towards an isogeny-based postquantum VDF. In: AlTawy, R., Hülsing, A. (eds.) SAC 2021. LNCS, vol. 13203, pp. 441–460. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-99277-4_21\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nChoudhuri, A.R., Hubáček, P., Kamath, C., Pietrzak, K., Rosen, A., Rothblum, G.N.: PPAD-hardness via iterated squaring modulo a composite. IACR Cryptol. ePrint Arch. 2019, 667 (2019)\r\n\r\nGoogle Scholar\r\n \r\n\r\nCini, V., Lai, R.W.F., Malavolta, G.: Lattice-based succinct arguments from vanishing polynomials. In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology - CRYPTO 2023. Lecture Notes in Computer Science, pp. 72–105. Springer Nature Switzerland, Cham (2023). https://doi.org/10.1007/978-3-031-38545-2_3\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nCohen, B., Pietrzak, K.: Simple proofs of sequential work. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 451–467. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_15\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nCohen, B., Pietrzak, K.: The Chia network blockchain. Technical report, Chia Network (2019). https://www.chia.net/assets/ChiaGreenPaper.pdf. Accessed 29 July 2022\r\n\r\nDöttling, N., Garg, S., Malavolta, G., Vasudevan, P.N.: Tight verifiable delay functions. In: Galdi, C., Kolesnikov, V. (eds.) SCN 2020. LNCS, vol. 12238, pp. 65–84. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-57990-6_4\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nDöttling, N., Lai, R.W.F., Malavolta, G.: Incremental proofs of sequential work. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 292–323. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17656-3_11\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nEphraim, N., Freitag, C., Komargodski, I., Pass, R.: Continuous verifiable delay functions. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 125–154. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_5\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nDe Feo, L., Masson, S., Petit, C., Sanso, A.: Verifiable delay functions from supersingular isogenies and pairings. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11921, pp. 248–277. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34578-5_10\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nFiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nFreitag, C., Pass, R., Sirkin, N.: Parallelizable delegation from LWE. IACR Cryptol. ePrint Arch., p. 1025 (2022)\r\n\r\nGoogle Scholar\r\n \r\n\r\nGoldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nHoffmann, C., Hubáček, P., Kamath, C., Klein, K., Pietrzak, K.: Practical statistically sound proofs of exponentiation in any group. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology – CRYPTO 2022. Lecture Notes in Computer Science, vol. 13508, pp. 1–30. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-15979-4_13\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nHofheinz, D., Kiltz, E.: The group of signed quadratic residues and applications. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 637–653. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_37\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nKatz, J., Loss, J., Xu, J.: On the security of time-lock puzzles and timed commitments. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part III. LNCS, vol. 12552, pp. 390–413. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64381-2_14\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nLai, R.W.F., Malavolta, G.: Lattice-based timed cryptography. In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology - CRYPTO 2023. Lecture Notes in Computer Science, pp. 782–804. Springer Nature Switzerland, Cham (2023). https://doi.org/10.1007/978-3-031-38554-4_25\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nLehmer, D.H.: An extended theory of Lucas’ functions. Ann. Math. 31(3), 419–448 (1930). https://www.jstor.org/stable/1968235\r\n\r\nLennon, M.J.J., Smith, P.J.: LUC: A new public key system. In: Douglas, E.G. (ed.) Ninth IFIP Symposium on Computer Security, pp. 103–117. Elsevier Science Publishers (1993)\r\n\r\nGoogle Scholar\r\n \r\n\r\nLenstra, A.K., Wesolowski, B.: Trustworthy public randomness with sloth, unicorn, and trx. IJACT 3(4), 330–343 (2017)\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nLipmaa, H.: On Diophantine complexity and statistical zero-knowledge arguments. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 398–415. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40061-5_26\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nLombardi, A., Vaikuntanathan, V.: Fiat-Shamir for repeated squaring with applications to PPAD-hardness and VDFs. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 632–651. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_22\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nLucas, E.: Théorie des fonctions numériques simplement périodiques. Am. J. Math. 1(4), 289–321 (1878). https://www.jstor.org/stable/2369373\r\n\r\nLund, C., Fortnow, L., Karloff, H.J., Nisan, N.: Algebraic methods for interactive proof systems. J. ACM 39(4), 859–868 (1992)\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nMahmoody, M., Moran, T., Vadhan, S.P.: Publicly verifiable proofs of sequential work. In: ITCS, pp. 373–388. ACM (2013)\r\n\r\nGoogle Scholar\r\n \r\n\r\nMahmoody, M., Smith, C., Wu, D.J.: A note on the (Im)possibility of verifiable delay functions in the random oracle model. IACR Cryptol. ePrint Arch. 2019, 663 (2019)\r\n\r\nGoogle Scholar\r\n \r\n\r\nMalavolta, G., Thyagarajan, S.A.K.: Homomorphic time-lock puzzles and applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 620–649. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_22\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nMüller, W.B., Nöbauer, W.: Some remarks on public-key cryptosystems. Studia Sci. Math. Hungar. 16, 71–76 (1981)\r\n\r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nBressoud, D.M.: Factorization and primality testing. Math. Comput. 56(193), 400 (1991)\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nPietrzak, K.: Simple verifiable delay functions. IACR Cryptol. ePrint Arch. 2018, 627 (2018). https://eprint.iacr.org/2018/627/20180720:081000\r\n\r\nPietrzak, K.: Simple verifiable delay functions. In: ITCS. LIPIcs, vol. 124, pp. 1–15. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2019)\r\n\r\nGoogle Scholar\r\n \r\n\r\nRabin, M.O.: Transaction protection by beacons. J. Comput. Syst. Sci. 27(2), 256–267 (1983)\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nRibenboim, P.: My Numbers, My Friends: Popular Lectures on Number Theory. Springer-Verlag, New York (2000)\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nRiesel, H.: Prime Numbers and Computer Methods for Factorization, Progress in Mathematics, vol. 57. Birkhäuser, Basel (1985)\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nRivest, R., Silverman, R.: Are ’strong’ primes needed for RSA. Cryptology ePrint Archive, Report 2001/007 (2001). https://eprint.iacr.org/2001/007\r\n\r\nRivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems (reprint). Commun. ACM 26(1), 96–99 (1983)\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nRivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical report, Massachusetts Institute of Technology (1996)\r\n\r\nGoogle Scholar\r\n \r\n\r\nRotem, L., Segev, G.: Generically speeding-up repeated squaring is equivalent to factoring: sharp thresholds for all generic-ring delay functions. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 481–509. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_17\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nRotem, L., Segev, G., Shahaf, I.: Generic-group delay functions require hidden-order groups. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 155–180. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_6\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nSchindler, P., Judmayer, A., Hittmeir, M., Stifter, N., Weippl, E.R.: RandRunner: distributed randomness from trapdoor VDFs with strong uniqueness. In: 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, 21–25 February 2021. The Internet Society (2021)\r\n\r\nGoogle Scholar\r\n \r\n\r\nShani, B.: A note on isogeny-based hybrid verifiable delay functions. IACR Cryptol. ePrint Arch. 2019, 205 (2019)\r\n\r\nGoogle Scholar\r\n \r\n\r\nValiant, P.: Incrementally verifiable computation or proofs of knowledge imply time/space efficiency. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 1–18. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_1\r\n\r\nCrossRef\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nWesolowski, B.: Efficient verifiable delay functions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 379–407. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17659-4_13\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nWesolowski, B.: Efficient verifiable delay functions. J. Cryptol. 33(4), 2113–2147 (2020). https://doi.org/10.1007/s00145-020-09364-x\r\n\r\nCrossRef\r\n \r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nWilliams, H.C.: A \r\n method of factoring. Math. Comput. 39(159), 225–234 (1982)\r\n\r\nMathSciNet\r\n \r\nMATH\r\n \r\nGoogle Scholar\r\n \r\n\r\nWilliams, H.C.: Édouard lucas and primality testing. Math. Gaz. 83, 173 (1999)\r\n\r\nCrossRef\r\n \r\nGoogle Scholar\r\n \r\n\r\nDownload references\r\n\r\nAcknowledgements\r\nWe thank Krzysztof Pietrzak and Alon Rosen for several fruitful discussions about this work and the anonymous reviewers of SCN 2022 and TCC 2023 for valuable suggestions.\r\n\r\nPavel Hubáček is supported by the Czech Academy of Sciences (RVO 67985840), by the Grant Agency of the Czech Republic under the grant agreement no. 19-27871X, and by the Charles University project UNCE/SCI/004. Chethan Kamath is supported by Azrieli International Postdoctoral Fellowship, by the European Research Council (ERC) under the European Union’s Horizon Europe research and innovation programme (grant agreement No. 101042417, acronym SPP), and by ISF grant 1789/19." alternative_title: - LNCS article_processing_charge: No author: - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann orcid: 0000-0003-2027-5549 - first_name: Pavel full_name: Hubáček, Pavel last_name: Hubáček - first_name: Chethan full_name: Kamath, Chethan last_name: Kamath - first_name: Tomáš full_name: Krňák, Tomáš last_name: Krňák citation: ama: 'Hoffmann C, Hubáček P, Kamath C, Krňák T. (Verifiable) delay functions from Lucas sequences. In: 21st International Conference on Theory of Cryptography. Vol 14372. Springer Nature; 2023:336-362. doi:10.1007/978-3-031-48624-1_13' apa: 'Hoffmann, C., Hubáček, P., Kamath, C., & Krňák, T. (2023). (Verifiable) delay functions from Lucas sequences. In 21st International Conference on Theory of Cryptography (Vol. 14372, pp. 336–362). Taipei, Taiwan: Springer Nature. https://doi.org/10.1007/978-3-031-48624-1_13' chicago: Hoffmann, Charlotte, Pavel Hubáček, Chethan Kamath, and Tomáš Krňák. “(Verifiable) Delay Functions from Lucas Sequences.” In 21st International Conference on Theory of Cryptography, 14372:336–62. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-48624-1_13. ieee: C. Hoffmann, P. Hubáček, C. Kamath, and T. Krňák, “(Verifiable) delay functions from Lucas sequences,” in 21st International Conference on Theory of Cryptography, Taipei, Taiwan, 2023, vol. 14372, pp. 336–362. ista: 'Hoffmann C, Hubáček P, Kamath C, Krňák T. 2023. (Verifiable) delay functions from Lucas sequences. 21st International Conference on Theory of Cryptography. TCC: Theory of Cryptography, LNCS, vol. 14372, 336–362.' mla: Hoffmann, Charlotte, et al. “(Verifiable) Delay Functions from Lucas Sequences.” 21st International Conference on Theory of Cryptography, vol. 14372, Springer Nature, 2023, pp. 336–62, doi:10.1007/978-3-031-48624-1_13. short: C. Hoffmann, P. Hubáček, C. Kamath, T. Krňák, in:, 21st International Conference on Theory of Cryptography, Springer Nature, 2023, pp. 336–362. conference: end_date: 2023-12-02 location: Taipei, Taiwan name: 'TCC: Theory of Cryptography' start_date: 2023-11-29 date_created: 2023-12-17T23:00:54Z date_published: 2023-11-27T00:00:00Z date_updated: 2023-12-18T09:00:00Z day: '27' department: - _id: KrPi doi: 10.1007/978-3-031-48624-1_13 intvolume: ' 14372' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/1404 month: '11' oa: 1 oa_version: Preprint page: 336-362 publication: 21st International Conference on Theory of Cryptography publication_identifier: eissn: - 1611-3349 isbn: - '9783031486234' issn: - 0302-9743 publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: (Verifiable) delay functions from Lucas sequences type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14372 year: '2023' ... --- _id: '14691' abstract: - lang: eng text: "Continuous Group-Key Agreement (CGKA) allows a group of users to maintain a shared key. It is the fundamental cryptographic primitive underlying group messaging schemes and related protocols, most notably TreeKEM, the underlying key agreement protocol of the Messaging Layer Security (MLS) protocol, a standard for group messaging by the IETF. CKGA works in an asynchronous setting where parties only occasionally must come online, and their messages are relayed by an untrusted server. The most expensive operation provided by CKGA is that which allows for a user to refresh their key material in order to achieve forward secrecy (old messages are secure when a user is compromised) and post-compromise security (users can heal from compromise). One caveat of early CGKA protocols is that these update operations had to be performed sequentially, with any user wanting to update their key material having had to receive and process all previous updates. Late versions of TreeKEM do allow for concurrent updates at the cost of a communication overhead per update message that is linear in the number of updating parties. This was shown to be indeed necessary when achieving PCS in just two rounds of communication by [Bienstock et al. TCC’20].\r\nThe recently proposed protocol CoCoA [Alwen et al. Eurocrypt’22], however, shows that this overhead can be reduced if PCS requirements are relaxed, and only a logarithmic number of rounds is required. The natural question, thus, is whether CoCoA is optimal in this setting.\r\nIn this work we answer this question, providing a lower bound on the cost (concretely, the amount of data to be uploaded to the server) for CGKA protocols that heal in an arbitrary k number of rounds, that shows that CoCoA is very close to optimal. Additionally, we extend CoCoA to heal in an arbitrary number of rounds, and propose a modification of it, with a reduced communication cost for certain k.\r\nWe prove our bound in a combinatorial setting where the state of the protocol progresses in rounds, and the state of the protocol in each round is captured by a set system, each set specifying a set of users who share a secret key. We show this combinatorial model is equivalent to a symbolic model capturing building blocks including PRFs and public-key encryption, related to the one used by Bienstock et al.\r\nOur lower bound is of order k•n1+1/(k-1)/log(k), where 2≤k≤log(n) is the number of updates per user the protocol requires to heal. This generalizes the n2 bound for k=2 from Bienstock et al.. This bound almost matches the k⋅n1+2/(k-1) or k2⋅n1+1/(k-1) efficiency we get for the variants of the CoCoA protocol also introduced in this paper." alternative_title: - LNCS article_processing_charge: No author: - first_name: Benedikt full_name: Auerbach, Benedikt id: D33D2B18-E445-11E9-ABB7-15F4E5697425 last_name: Auerbach orcid: 0000-0002-7553-6606 - first_name: Miguel full_name: Cueto Noval, Miguel id: ffc563a3-f6e0-11ea-865d-e3cce03d17cc last_name: Cueto Noval - first_name: Guillermo full_name: Pascual Perez, Guillermo id: 2D7ABD02-F248-11E8-B48F-1D18A9856A87 last_name: Pascual Perez orcid: 0000-0001-8630-415X - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Auerbach B, Cueto Noval M, Pascual Perez G, Pietrzak KZ. On the cost of post-compromise security in concurrent Continuous Group-Key Agreement. In: 21st International Conference on Theory of Cryptography. Vol 14371. Springer Nature; 2023:271-300. doi:10.1007/978-3-031-48621-0_10' apa: 'Auerbach, B., Cueto Noval, M., Pascual Perez, G., & Pietrzak, K. Z. (2023). On the cost of post-compromise security in concurrent Continuous Group-Key Agreement. In 21st International Conference on Theory of Cryptography (Vol. 14371, pp. 271–300). Taipei, Taiwan: Springer Nature. https://doi.org/10.1007/978-3-031-48621-0_10' chicago: Auerbach, Benedikt, Miguel Cueto Noval, Guillermo Pascual Perez, and Krzysztof Z Pietrzak. “On the Cost of Post-Compromise Security in Concurrent Continuous Group-Key Agreement.” In 21st International Conference on Theory of Cryptography, 14371:271–300. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-48621-0_10. ieee: B. Auerbach, M. Cueto Noval, G. Pascual Perez, and K. Z. Pietrzak, “On the cost of post-compromise security in concurrent Continuous Group-Key Agreement,” in 21st International Conference on Theory of Cryptography, Taipei, Taiwan, 2023, vol. 14371, pp. 271–300. ista: 'Auerbach B, Cueto Noval M, Pascual Perez G, Pietrzak KZ. 2023. On the cost of post-compromise security in concurrent Continuous Group-Key Agreement. 21st International Conference on Theory of Cryptography. TCC: Theory of Cryptography, LNCS, vol. 14371, 271–300.' mla: Auerbach, Benedikt, et al. “On the Cost of Post-Compromise Security in Concurrent Continuous Group-Key Agreement.” 21st International Conference on Theory of Cryptography, vol. 14371, Springer Nature, 2023, pp. 271–300, doi:10.1007/978-3-031-48621-0_10. short: B. Auerbach, M. Cueto Noval, G. Pascual Perez, K.Z. Pietrzak, in:, 21st International Conference on Theory of Cryptography, Springer Nature, 2023, pp. 271–300. conference: end_date: 2023-12-02 location: Taipei, Taiwan name: 'TCC: Theory of Cryptography' start_date: 2023-11-29 date_created: 2023-12-17T23:00:53Z date_published: 2023-11-27T00:00:00Z date_updated: 2023-12-18T08:36:51Z day: '27' department: - _id: KrPi doi: 10.1007/978-3-031-48621-0_10 intvolume: ' 14371' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/1123 month: '11' oa: 1 oa_version: Preprint page: 271-300 publication: 21st International Conference on Theory of Cryptography publication_identifier: eissn: - 1611-3349 isbn: - '9783031486203' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: On the cost of post-compromise security in concurrent Continuous Group-Key Agreement type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14371 year: '2023' ... --- _id: '14692' abstract: - lang: eng text: "The generic-group model (GGM) aims to capture algorithms working over groups of prime order that only rely on the group operation, but do not exploit any additional structure given by the concrete implementation of the group. In it, it is possible to prove information-theoretic lower bounds on the hardness of problems like the discrete logarithm (DL) or computational Diffie-Hellman (CDH). Thus, since its introduction, it has served as a valuable tool to assess the concrete security provided by cryptographic schemes based on such problems. A work on the related algebraic-group model (AGM) introduced a method, used by many subsequent works, to adapt GGM lower bounds for one problem to another, by means of conceptually simple reductions.\r\nIn this work, we propose an alternative approach to extend GGM bounds from one problem to another. Following an idea by Yun [EC15], we show that, in the GGM, the security of a large class of problems can be reduced to that of geometric search-problems. By reducing the security of the resulting geometric-search problems to variants of the search-by-hypersurface problem, for which information theoretic lower bounds exist, we give alternative proofs of several results that used the AGM approach.\r\nThe main advantage of our approach is that our reduction from geometric search-problems works, as well, for the GGM with preprocessing (more precisely the bit-fixing GGM introduced by Coretti, Dodis and Guo [Crypto18]). As a consequence, this opens up the possibility of transferring preprocessing GGM bounds from one problem to another, also by means of simple reductions. Concretely, we prove novel preprocessing bounds on the hardness of the d-strong discrete logarithm, the d-strong Diffie-Hellman inversion, and multi-instance CDH problems, as well as a large class of Uber assumptions. Additionally, our approach applies to Shoup’s GGM without additional restrictions on the query behavior of the adversary, while the recent works of Zhang, Zhou, and Katz [AC22] and Zhandry [Crypto22] highlight that this is not the case for the AGM approach." alternative_title: - LNCS article_processing_charge: No author: - first_name: Benedikt full_name: Auerbach, Benedikt id: D33D2B18-E445-11E9-ABB7-15F4E5697425 last_name: Auerbach orcid: 0000-0002-7553-6606 - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann orcid: 0000-0003-2027-5549 - first_name: Guillermo full_name: Pascual Perez, Guillermo id: 2D7ABD02-F248-11E8-B48F-1D18A9856A87 last_name: Pascual Perez orcid: 0000-0001-8630-415X citation: ama: 'Auerbach B, Hoffmann C, Pascual Perez G. Generic-group lower bounds via reductions between geometric-search problems: With and without preprocessing. In: 21st International Conference on Theory of Cryptography. Vol 14371. Springer Nature; 2023:301-330. doi:10.1007/978-3-031-48621-0_11' apa: 'Auerbach, B., Hoffmann, C., & Pascual Perez, G. (2023). Generic-group lower bounds via reductions between geometric-search problems: With and without preprocessing. In 21st International Conference on Theory of Cryptography (Vol. 14371, pp. 301–330). Springer Nature. https://doi.org/10.1007/978-3-031-48621-0_11' chicago: 'Auerbach, Benedikt, Charlotte Hoffmann, and Guillermo Pascual Perez. “Generic-Group Lower Bounds via Reductions between Geometric-Search Problems: With and without Preprocessing.” In 21st International Conference on Theory of Cryptography, 14371:301–30. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-48621-0_11.' ieee: 'B. Auerbach, C. Hoffmann, and G. Pascual Perez, “Generic-group lower bounds via reductions between geometric-search problems: With and without preprocessing,” in 21st International Conference on Theory of Cryptography, 2023, vol. 14371, pp. 301–330.' ista: 'Auerbach B, Hoffmann C, Pascual Perez G. 2023. Generic-group lower bounds via reductions between geometric-search problems: With and without preprocessing. 21st International Conference on Theory of Cryptography. , LNCS, vol. 14371, 301–330.' mla: 'Auerbach, Benedikt, et al. “Generic-Group Lower Bounds via Reductions between Geometric-Search Problems: With and without Preprocessing.” 21st International Conference on Theory of Cryptography, vol. 14371, Springer Nature, 2023, pp. 301–30, doi:10.1007/978-3-031-48621-0_11.' short: B. Auerbach, C. Hoffmann, G. Pascual Perez, in:, 21st International Conference on Theory of Cryptography, Springer Nature, 2023, pp. 301–330. date_created: 2023-12-17T23:00:54Z date_published: 2023-11-27T00:00:00Z date_updated: 2023-12-18T09:17:03Z day: '27' department: - _id: KrPi doi: 10.1007/978-3-031-48621-0_11 intvolume: ' 14371' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2023/808 month: '11' oa: 1 oa_version: Preprint page: 301-330 publication: 21st International Conference on Theory of Cryptography publication_identifier: eissn: - 1611-3349 isbn: - '9783031486203' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Generic-group lower bounds via reductions between geometric-search problems: With and without preprocessing' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14371 year: '2023' ... --- _id: '14736' abstract: - lang: eng text: Payment channel networks (PCNs) are a promising technology to improve the scalability of cryptocurrencies. PCNs, however, face the challenge that the frequent usage of certain routes may deplete channels in one direction, and hence prevent further transactions. In order to reap the full potential of PCNs, recharging and rebalancing mechanisms are required to provision channels, as well as an admission control logic to decide which transactions to reject in case capacity is insufficient. This paper presents a formal model of this optimisation problem. In particular, we consider an online algorithms perspective, where transactions arrive over time in an unpredictable manner. Our main contributions are competitive online algorithms which come with provable guarantees over time. We empirically evaluate our algorithms on randomly generated transactions to compare the average performance of our algorithms to our theoretical bounds. We also show how this model and approach differs from related problems in classic communication networks. acknowledgement: Supported by the German Federal Ministry of Education and Research (BMBF), grant 16KISK020K (6G-RIC), 2021–2025, and ERC CoG 863818 (ForM-SMArt). alternative_title: - LNCS article_processing_charge: No author: - first_name: Mahsa full_name: Bastankhah, Mahsa last_name: Bastankhah - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Mohammad Ali full_name: Maddah-Ali, Mohammad Ali last_name: Maddah-Ali - first_name: Stefan full_name: Schmid, Stefan last_name: Schmid - first_name: Jakub full_name: Svoboda, Jakub id: 130759D2-D7DD-11E9-87D2-DE0DE6697425 last_name: Svoboda orcid: 0000-0002-1419-3267 - first_name: Michelle X full_name: Yeo, Michelle X id: 2D82B818-F248-11E8-B48F-1D18A9856A87 last_name: Yeo citation: ama: 'Bastankhah M, Chatterjee K, Maddah-Ali MA, Schmid S, Svoboda J, Yeo MX. R2: Boosting liquidity in payment channel networks with online admission control. In: 27th International Conference on Financial Cryptography and Data Security. Vol 13950. Springer Nature; 2023:309-325. doi:10.1007/978-3-031-47754-6_18' apa: 'Bastankhah, M., Chatterjee, K., Maddah-Ali, M. A., Schmid, S., Svoboda, J., & Yeo, M. X. (2023). R2: Boosting liquidity in payment channel networks with online admission control. In 27th International Conference on Financial Cryptography and Data Security (Vol. 13950, pp. 309–325). Bol, Brac, Croatia: Springer Nature. https://doi.org/10.1007/978-3-031-47754-6_18' chicago: 'Bastankhah, Mahsa, Krishnendu Chatterjee, Mohammad Ali Maddah-Ali, Stefan Schmid, Jakub Svoboda, and Michelle X Yeo. “R2: Boosting Liquidity in Payment Channel Networks with Online Admission Control.” In 27th International Conference on Financial Cryptography and Data Security, 13950:309–25. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-47754-6_18.' ieee: 'M. Bastankhah, K. Chatterjee, M. A. Maddah-Ali, S. Schmid, J. Svoboda, and M. X. Yeo, “R2: Boosting liquidity in payment channel networks with online admission control,” in 27th International Conference on Financial Cryptography and Data Security, Bol, Brac, Croatia, 2023, vol. 13950, pp. 309–325.' ista: 'Bastankhah M, Chatterjee K, Maddah-Ali MA, Schmid S, Svoboda J, Yeo MX. 2023. R2: Boosting liquidity in payment channel networks with online admission control. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13950, 309–325.' mla: 'Bastankhah, Mahsa, et al. “R2: Boosting Liquidity in Payment Channel Networks with Online Admission Control.” 27th International Conference on Financial Cryptography and Data Security, vol. 13950, Springer Nature, 2023, pp. 309–25, doi:10.1007/978-3-031-47754-6_18.' short: M. Bastankhah, K. Chatterjee, M.A. Maddah-Ali, S. Schmid, J. Svoboda, M.X. Yeo, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 309–325. conference: end_date: 2023-05-05 location: Bol, Brac, Croatia name: 'FC: Financial Cryptography and Data Security' start_date: 2023-05-01 date_created: 2024-01-08T09:30:22Z date_published: 2023-12-01T00:00:00Z date_updated: 2024-01-08T09:36:36Z day: '01' department: - _id: KrCh - _id: KrPi doi: 10.1007/978-3-031-47754-6_18 ec_funded: 1 intvolume: ' 13950' language: - iso: eng month: '12' oa_version: None page: 309-325 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: 27th International Conference on Financial Cryptography and Data Security publication_identifier: eisbn: - '9783031477546' eissn: - 1611-3349 isbn: - '9783031477539' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: 'R2: Boosting liquidity in payment channel networks with online admission control' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13950 year: '2023' ... --- _id: '14744' abstract: - lang: eng text: "Sharding distributed ledgers is a promising on-chain solution for scaling blockchains but lacks formal grounds, nurturing skepticism on whether such complex systems can scale blockchains securely. We fill this gap by introducing the first formal framework as well as a roadmap to robust sharding. In particular, we first define the properties sharded distributed ledgers should fulfill. We build upon and extend the Bitcoin backbone protocol by defining consistency and scalability. Consistency encompasses the need for atomic execution of cross-shard transactions to preserve safety, whereas scalability encapsulates the speedup a sharded system can gain in comparison to a non-sharded system.\r\nUsing our model, we explore the limitations of sharding. We show that a sharded ledger with n participants cannot scale under a fully adaptive adversary, but it can scale up to m shards where n=c'm log m, under an epoch-adaptive adversary; the constant c' encompasses the trade-off between security and scalability. This is possible only if the sharded ledgers create succinct proofs of the valid state updates at every epoch. We leverage our results to identify the sufficient components for robust sharding, which we incorporate in a protocol abstraction termed Divide & Scale. To demonstrate the power of our framework, we analyze the most prominent sharded blockchains (Elastico, Monoxide, OmniLedger, RapidChain) and pinpoint where they fail to meet the desired properties." acknowledgement: The work was partially supported by the Austrian Science Fund (FWF) through the project CoRaF (grant agreement 2020388). alternative_title: - LNCS article_processing_charge: No author: - first_name: Zeta full_name: Avarikioti, Zeta last_name: Avarikioti - first_name: Antoine full_name: Desjardins, Antoine id: 06d0c166-aec1-11ee-a7c0-b96e840a602b last_name: Desjardins - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Roger full_name: Wattenhofer, Roger last_name: Wattenhofer citation: ama: 'Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. Divide & Scale: Formalization and roadmap to robust sharding. In: 30th International Colloquium on Structural Information and Communication Complexity. Vol 13892. Springer Nature; 2023:199-245. doi:10.1007/978-3-031-32733-9_10' apa: 'Avarikioti, Z., Desjardins, A., Kokoris Kogias, E., & Wattenhofer, R. (2023). Divide & Scale: Formalization and roadmap to robust sharding. In 30th International Colloquium on Structural Information and Communication Complexity (Vol. 13892, pp. 199–245). Alcalá de Henares, Spain: Springer Nature. https://doi.org/10.1007/978-3-031-32733-9_10' chicago: 'Avarikioti, Zeta, Antoine Desjardins, Eleftherios Kokoris Kogias, and Roger Wattenhofer. “Divide & Scale: Formalization and Roadmap to Robust Sharding.” In 30th International Colloquium on Structural Information and Communication Complexity, 13892:199–245. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-32733-9_10.' ieee: 'Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, and R. Wattenhofer, “Divide & Scale: Formalization and roadmap to robust sharding,” in 30th International Colloquium on Structural Information and Communication Complexity, Alcalá de Henares, Spain, 2023, vol. 13892, pp. 199–245.' ista: 'Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. 2023. Divide & Scale: Formalization and roadmap to robust sharding. 30th International Colloquium on Structural Information and Communication Complexity. SIROCCO: Structural Information and Communication Complexity, LNCS, vol. 13892, 199–245.' mla: 'Avarikioti, Zeta, et al. “Divide & Scale: Formalization and Roadmap to Robust Sharding.” 30th International Colloquium on Structural Information and Communication Complexity, vol. 13892, Springer Nature, 2023, pp. 199–245, doi:10.1007/978-3-031-32733-9_10.' short: Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, R. Wattenhofer, in:, 30th International Colloquium on Structural Information and Communication Complexity, Springer Nature, 2023, pp. 199–245. conference: end_date: 2023-06-09 location: Alcalá de Henares, Spain name: 'SIROCCO: Structural Information and Communication Complexity' start_date: 2023-06-06 date_created: 2024-01-08T12:56:46Z date_published: 2023-06-01T00:00:00Z date_updated: 2024-01-09T07:40:57Z day: '01' department: - _id: ElKo doi: 10.1007/978-3-031-32733-9_10 intvolume: ' 13892' language: - iso: eng month: '06' oa_version: None page: 199-245 publication: 30th International Colloquium on Structural Information and Communication Complexity publication_identifier: eisbn: - '9783031327339' eissn: - 1611-3349 isbn: - '9783031327322' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Divide & Scale: Formalization and roadmap to robust sharding' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13892 year: '2023' ... --- _id: '14456' abstract: - lang: eng text: In this paper, we present novel algorithms that efficiently compute a shortest reconfiguration sequence between two given dominating sets in trees and interval graphs under the TOKEN SLIDING model. In this problem, a graph is provided along with its two dominating sets, which can be imagined as tokens placed on vertices. The objective is to find a shortest sequence of dominating sets that transforms one set into the other, with each set in the sequence resulting from sliding a single token in the previous set. While identifying any sequence has been well studied, our work presents the first polynomial algorithms for this optimization variant in the context of dominating sets. alternative_title: - LNCS article_processing_charge: No author: - first_name: Jan Matyáš full_name: Křišťan, Jan Matyáš last_name: Křišťan - first_name: Jakub full_name: Svoboda, Jakub id: 130759D2-D7DD-11E9-87D2-DE0DE6697425 last_name: Svoboda orcid: 0000-0002-1419-3267 citation: ama: 'Křišťan JM, Svoboda J. Shortest dominating set reconfiguration under token sliding. In: 24th International Symposium on Fundamentals of Computation Theory. Vol 14292. Springer Nature; 2023:333-347. doi:10.1007/978-3-031-43587-4_24' apa: 'Křišťan, J. M., & Svoboda, J. (2023). Shortest dominating set reconfiguration under token sliding. In 24th International Symposium on Fundamentals of Computation Theory (Vol. 14292, pp. 333–347). Trier, Germany: Springer Nature. https://doi.org/10.1007/978-3-031-43587-4_24' chicago: Křišťan, Jan Matyáš, and Jakub Svoboda. “Shortest Dominating Set Reconfiguration under Token Sliding.” In 24th International Symposium on Fundamentals of Computation Theory, 14292:333–47. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-43587-4_24. ieee: J. M. Křišťan and J. Svoboda, “Shortest dominating set reconfiguration under token sliding,” in 24th International Symposium on Fundamentals of Computation Theory, Trier, Germany, 2023, vol. 14292, pp. 333–347. ista: 'Křišťan JM, Svoboda J. 2023. Shortest dominating set reconfiguration under token sliding. 24th International Symposium on Fundamentals of Computation Theory. FCT: Fundamentals of Computation Theory, LNCS, vol. 14292, 333–347.' mla: Křišťan, Jan Matyáš, and Jakub Svoboda. “Shortest Dominating Set Reconfiguration under Token Sliding.” 24th International Symposium on Fundamentals of Computation Theory, vol. 14292, Springer Nature, 2023, pp. 333–47, doi:10.1007/978-3-031-43587-4_24. short: J.M. Křišťan, J. Svoboda, in:, 24th International Symposium on Fundamentals of Computation Theory, Springer Nature, 2023, pp. 333–347. conference: end_date: 2023-09-21 location: Trier, Germany name: 'FCT: Fundamentals of Computation Theory' start_date: 2023-09-18 date_created: 2023-10-29T23:01:16Z date_published: 2023-09-21T00:00:00Z date_updated: 2024-01-22T08:10:49Z day: '21' department: - _id: KrCh doi: 10.1007/978-3-031-43587-4_24 external_id: arxiv: - '2307.10847' intvolume: ' 14292' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2307.10847 month: '09' oa: 1 oa_version: Preprint page: 333-347 publication: 24th International Symposium on Fundamentals of Computation Theory publication_identifier: eissn: - 1611-3349 isbn: - '9783031435867' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: link: - relation: erratum url: https://doi.org/10.1007/978-3-031-43587-4_31 scopus_import: '1' status: public title: Shortest dominating set reconfiguration under token sliding type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14292 year: '2023' ... --- _id: '14829' abstract: - lang: eng text: 'This paper explores a modular design architecture aimed at helping blockchains (and other SMR implementation) to scale to a very large number of processes. This comes in contrast to existing monolithic architectures that interleave transaction dissemination, ordering, and execution in a single functionality. To achieve this we first split the monolith to multiple layers which can use existing distributed computing primitives. The exact specifications of the data dissemination part are formally defined by the Proof of Availability & Retrieval (PoA &R) abstraction. Solutions to the PoA &R problem contain two related sub-protocols: one that “pushes” information into the network and another that “pulls” this information. Regarding the latter, there is a dearth of research literature which is rectified in this paper. We present a family of pulling sub-protocols and rigorously analyze them. Extensive simulations support the theoretical claims of efficiency and robustness in case of a very large number of players. Finally, actual implementation and deployment on a small number of machines (roughly the size of several industrial systems) demonstrates the viability of the architecture’s paradigm.' acknowledgement: 'This work is partially supported by Meta. Eleftherios Kokoris-Kogias is partially supported by Austrian Science Fund (FWF) grant No: F8512-N. Shir Cohen is supported by the Adams Fellowship Program of the Israel Academy of Sciences and Humanities.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Shir full_name: Cohen, Shir last_name: Cohen - first_name: Guy full_name: Goren, Guy last_name: Goren - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Alberto full_name: Sonnino, Alberto last_name: Sonnino - first_name: Alexander full_name: Spiegelman, Alexander last_name: Spiegelman citation: ama: 'Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. Proof of availability and retrieval in a modular blockchain architecture. In: 27th International Conference on Financial Cryptography and Data Security. Vol 13951. Springer Nature; 2023:36-53. doi:10.1007/978-3-031-47751-5_3' apa: 'Cohen, S., Goren, G., Kokoris Kogias, E., Sonnino, A., & Spiegelman, A. (2023). Proof of availability and retrieval in a modular blockchain architecture. In 27th International Conference on Financial Cryptography and Data Security (Vol. 13951, pp. 36–53). Bol, Brac, Croatia: Springer Nature. https://doi.org/10.1007/978-3-031-47751-5_3' chicago: Cohen, Shir, Guy Goren, Eleftherios Kokoris Kogias, Alberto Sonnino, and Alexander Spiegelman. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” In 27th International Conference on Financial Cryptography and Data Security, 13951:36–53. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-47751-5_3. ieee: S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Proof of availability and retrieval in a modular blockchain architecture,” in 27th International Conference on Financial Cryptography and Data Security, Bol, Brac, Croatia, 2023, vol. 13951, pp. 36–53. ista: 'Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2023. Proof of availability and retrieval in a modular blockchain architecture. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13951, 36–53.' mla: Cohen, Shir, et al. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” 27th International Conference on Financial Cryptography and Data Security, vol. 13951, Springer Nature, 2023, pp. 36–53, doi:10.1007/978-3-031-47751-5_3. short: S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 36–53. conference: end_date: 2023-05-05 location: Bol, Brac, Croatia name: 'FC: Financial Cryptography and Data Security' start_date: 2023-05-01 date_created: 2024-01-18T07:41:12Z date_published: 2023-12-01T00:00:00Z date_updated: 2024-01-22T13:58:07Z day: '01' department: - _id: ElKo doi: 10.1007/978-3-031-47751-5_3 intvolume: ' 13951' language: - iso: eng main_file_link: - open_access: '1' url: https://fc23.ifca.ai/preproceedings/150.pdf month: '12' oa: 1 oa_version: Submitted Version page: 36-53 project: - _id: 34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f grant_number: F8512 name: Secure Network and Hardware for Efficient Blockchains publication: 27th International Conference on Financial Cryptography and Data Security publication_identifier: eisbn: - '9783031477515' eissn: - 1611-3349 isbn: - '9783031477508' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Proof of availability and retrieval in a modular blockchain architecture type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13951 year: '2023' ... --- _id: '14411' abstract: - lang: eng text: "Partially specified Boolean networks (PSBNs) represent a promising framework for the qualitative modelling of biological systems in which the logic of interactions is not completely known. Phenotype control aims to stabilise the network in states exhibiting specific traits.\r\nIn this paper, we define the phenotype control problem in the context of asynchronous PSBNs and propose a novel semi-symbolic algorithm for solving this problem with permanent variable perturbations." acknowledgement: This work was supported by the Czech Foundation grant No. GA22-10845S, Grant Agency of Masaryk University grant No. MUNI/G/1771/2020, and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 101034413. alternative_title: - LNBI article_processing_charge: No author: - first_name: Nikola full_name: Beneš, Nikola last_name: Beneš - first_name: Luboš full_name: Brim, Luboš last_name: Brim - first_name: Samuel full_name: Pastva, Samuel id: 07c5ea74-f61c-11ec-a664-aa7c5d957b2b last_name: Pastva orcid: 0000-0003-1993-0331 - first_name: David full_name: Šafránek, David last_name: Šafránek - first_name: Eva full_name: Šmijáková, Eva last_name: Šmijáková citation: ama: 'Beneš N, Brim L, Pastva S, Šafránek D, Šmijáková E. Phenotype control of partially specified boolean networks. In: 21st International Conference on Computational Methods in Systems Biology. Vol 14137. Springer Nature; 2023:18-35. doi:10.1007/978-3-031-42697-1_2' apa: 'Beneš, N., Brim, L., Pastva, S., Šafránek, D., & Šmijáková, E. (2023). Phenotype control of partially specified boolean networks. In 21st International Conference on Computational Methods in Systems Biology (Vol. 14137, pp. 18–35). Luxembourg City, Luxembourg: Springer Nature. https://doi.org/10.1007/978-3-031-42697-1_2' chicago: Beneš, Nikola, Luboš Brim, Samuel Pastva, David Šafránek, and Eva Šmijáková. “Phenotype Control of Partially Specified Boolean Networks.” In 21st International Conference on Computational Methods in Systems Biology, 14137:18–35. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-42697-1_2. ieee: N. Beneš, L. Brim, S. Pastva, D. Šafránek, and E. Šmijáková, “Phenotype control of partially specified boolean networks,” in 21st International Conference on Computational Methods in Systems Biology, Luxembourg City, Luxembourg, 2023, vol. 14137, pp. 18–35. ista: 'Beneš N, Brim L, Pastva S, Šafránek D, Šmijáková E. 2023. Phenotype control of partially specified boolean networks. 21st International Conference on Computational Methods in Systems Biology. CMSB: Computational Methods in Systems Biology, LNBI, vol. 14137, 18–35.' mla: Beneš, Nikola, et al. “Phenotype Control of Partially Specified Boolean Networks.” 21st International Conference on Computational Methods in Systems Biology, vol. 14137, Springer Nature, 2023, pp. 18–35, doi:10.1007/978-3-031-42697-1_2. short: N. Beneš, L. Brim, S. Pastva, D. Šafránek, E. Šmijáková, in:, 21st International Conference on Computational Methods in Systems Biology, Springer Nature, 2023, pp. 18–35. conference: end_date: 2023-09-15 location: Luxembourg City, Luxembourg name: 'CMSB: Computational Methods in Systems Biology' start_date: 2023-09-13 date_created: 2023-10-08T22:01:18Z date_published: 2023-09-09T00:00:00Z date_updated: 2024-02-20T09:02:04Z day: '09' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-42697-1_2 ec_funded: 1 file: - access_level: open_access checksum: 6f71bdaedb770b52380222fd9f4d7937 content_type: application/pdf creator: spastva date_created: 2024-02-16T08:26:32Z date_updated: 2024-02-16T08:26:32Z file_id: '14997' file_name: cmsb2023.pdf file_size: 691582 relation: main_file success: 1 file_date_updated: 2024-02-16T08:26:32Z has_accepted_license: '1' intvolume: ' 14137' language: - iso: eng month: '09' oa: 1 oa_version: Submitted Version page: 18-35 project: - _id: fc2ed2f7-9c52-11eb-aca3-c01059dda49c call_identifier: H2020 grant_number: '101034413' name: 'IST-BRIDGE: International postdoctoral program' publication: 21st International Conference on Computational Methods in Systems Biology publication_identifier: eissn: - 1611-3349 isbn: - '9783031426964' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Phenotype control of partially specified boolean networks tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 14137 year: '2023' ... --- _id: '14758' abstract: - lang: eng text: 'We present a flexible and efficient toolchain to symbolically solve (standard) Rabin games, fair-adversarial Rabin games, and 2 1/2 license type-player Rabin games. To our best knowledge, our tools are the first ones to be able to solve these problems. Furthermore, using these flexible game solvers as a back-end, we implemented a tool for computing correct-by-construction controllers for stochastic dynamical systems under LTL specifications. Our implementations use the recent theoretical result that all of these games can be solved using the same symbolic fixpoint algorithm but utilizing different, domain specific calculations of the involved predecessor operators. The main feature of our toolchain is the utilization of two programming abstractions: one to separate the symbolic fixpoint computations from the predecessor calculations, and another one to allow the integration of different BDD libraries as back-ends. In particular, we employ a multi-threaded execution of the fixpoint algorithm by using the multi-threaded BDD library Sylvan, which leads to enormous computational savings.' acknowledgement: 'Authors ordered alphabetically. R. Majumdar and A.-K. Schmuck are partially supported by DFG project 389792660 TRR 248-CPEC. A.-K. Schmuck is additionally funded through DFG project (SCHM 3541/1-1). K. Mallik is supported by the ERC project ERC-2020-AdG 101020093. M. Rychlicki is supported by the EPSRC project EP/V00252X/1. S. Soudjani is supported by the following projects: EPSRC EP/V043676/1, EIC 101070802, and ERC 101089047.' alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Rupak full_name: Majumdar, Rupak last_name: Majumdar - first_name: Kaushik full_name: Mallik, Kaushik id: 0834ff3c-6d72-11ec-94e0-b5b0a4fb8598 last_name: Mallik orcid: 0000-0001-9864-7475 - first_name: Mateusz full_name: Rychlicki, Mateusz last_name: Rychlicki - first_name: Anne-Kathrin full_name: Schmuck, Anne-Kathrin last_name: Schmuck - first_name: Sadegh full_name: Soudjani, Sadegh last_name: Soudjani citation: ama: 'Majumdar R, Mallik K, Rychlicki M, Schmuck A-K, Soudjani S. A flexible toolchain for symbolic rabin games under fair and stochastic uncertainties. In: 35th International Conference on Computer Aided Verification. Vol 13966. Springer Nature; 2023:3-15. doi:10.1007/978-3-031-37709-9_1' apa: 'Majumdar, R., Mallik, K., Rychlicki, M., Schmuck, A.-K., & Soudjani, S. (2023). A flexible toolchain for symbolic rabin games under fair and stochastic uncertainties. In 35th International Conference on Computer Aided Verification (Vol. 13966, pp. 3–15). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37709-9_1' chicago: Majumdar, Rupak, Kaushik Mallik, Mateusz Rychlicki, Anne-Kathrin Schmuck, and Sadegh Soudjani. “A Flexible Toolchain for Symbolic Rabin Games under Fair and Stochastic Uncertainties.” In 35th International Conference on Computer Aided Verification, 13966:3–15. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37709-9_1. ieee: R. Majumdar, K. Mallik, M. Rychlicki, A.-K. Schmuck, and S. Soudjani, “A flexible toolchain for symbolic rabin games under fair and stochastic uncertainties,” in 35th International Conference on Computer Aided Verification, Paris, France, 2023, vol. 13966, pp. 3–15. ista: 'Majumdar R, Mallik K, Rychlicki M, Schmuck A-K, Soudjani S. 2023. A flexible toolchain for symbolic rabin games under fair and stochastic uncertainties. 35th International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13966, 3–15.' mla: Majumdar, Rupak, et al. “A Flexible Toolchain for Symbolic Rabin Games under Fair and Stochastic Uncertainties.” 35th International Conference on Computer Aided Verification, vol. 13966, Springer Nature, 2023, pp. 3–15, doi:10.1007/978-3-031-37709-9_1. short: R. Majumdar, K. Mallik, M. Rychlicki, A.-K. Schmuck, S. Soudjani, in:, 35th International Conference on Computer Aided Verification, Springer Nature, 2023, pp. 3–15. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2024-01-08T13:18:00Z date_published: 2023-07-16T00:00:00Z date_updated: 2024-02-27T07:39:51Z day: '16' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-37709-9_1 ec_funded: 1 file: - access_level: open_access checksum: 1a361d83db0244fd32c03b544c294b5a content_type: application/pdf creator: dernst date_created: 2024-01-09T10:01:07Z date_updated: 2024-01-09T10:01:07Z file_id: '14765' file_name: 2023_LNCSCAV_Majumdar.pdf file_size: 405147 relation: main_file success: 1 file_date_updated: 2024-01-09T10:01:07Z has_accepted_license: '1' intvolume: ' 13966' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 3-15 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: 35th International Conference on Computer Aided Verification publication_identifier: eisbn: - '9783031377099' eissn: - 1611-3349 isbn: - '9783031377082' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '14994' relation: research_data status: public scopus_import: '1' status: public title: A flexible toolchain for symbolic rabin games under fair and stochastic uncertainties tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13966 year: '2023' ... --- _id: '13139' abstract: - lang: eng text: A classical problem for Markov chains is determining their stationary (or steady-state) distribution. This problem has an equally classical solution based on eigenvectors and linear equation systems. However, this approach does not scale to large instances, and iterative solutions are desirable. It turns out that a naive approach, as used by current model checkers, may yield completely wrong results. We present a new approach, which utilizes recent advances in partial exploration and mean payoff computation to obtain a correct, converging approximation. alternative_title: - LNCS article_processing_charge: No author: - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 citation: ama: 'Meggendorfer T. Correct approximation of stationary distributions. In: TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems. Vol 13993. Springer Nature; 2023:489-507. doi:10.1007/978-3-031-30823-9_25' apa: 'Meggendorfer, T. (2023). Correct approximation of stationary distributions. In TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems (Vol. 13993, pp. 489–507). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-30823-9_25' chicago: 'Meggendorfer, Tobias. “Correct Approximation of Stationary Distributions.” In TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, 13993:489–507. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-30823-9_25.' ieee: 'T. Meggendorfer, “Correct approximation of stationary distributions,” in TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, Paris, France, 2023, vol. 13993, pp. 489–507.' ista: 'Meggendorfer T. 2023. Correct approximation of stationary distributions. TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 13993, 489–507.' mla: 'Meggendorfer, Tobias. “Correct Approximation of Stationary Distributions.” TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, vol. 13993, Springer Nature, 2023, pp. 489–507, doi:10.1007/978-3-031-30823-9_25.' short: 'T. Meggendorfer, in:, TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature, 2023, pp. 489–507.' conference: end_date: 2023-04-27 location: Paris, France name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2023-04-22 date_created: 2023-06-18T22:00:46Z date_published: 2023-04-22T00:00:00Z date_updated: 2024-02-27T07:19:33Z day: '22' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-031-30823-9_25 external_id: arxiv: - '2301.08137' file: - access_level: open_access checksum: 59f707a3949c03793251b0d04c62542a content_type: application/pdf creator: dernst date_created: 2023-06-19T07:18:40Z date_updated: 2023-06-19T07:18:40Z file_id: '13148' file_name: 2023_LNCS_Meggendorfer.pdf file_size: 521951 relation: main_file success: 1 file_date_updated: 2023-06-19T07:18:40Z has_accepted_license: '1' intvolume: ' 13993' language: - iso: eng month: '04' oa: 1 oa_version: Published Version page: 489-507 publication: 'TACAS 2023: Tools and Algorithms for the Construction and Analysis of Systems' publication_identifier: eissn: - 1611-3349 isbn: - '9783031308222' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '14990' relation: research_data status: public scopus_import: '1' status: public title: Correct approximation of stationary distributions tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13993 year: '2023' ... --- _id: '14260' abstract: - lang: eng text: "This paper presents Lincheck, a new practical and user-friendly framework for testing concurrent algorithms on the Java Virtual Machine (JVM). Lincheck provides a simple and declarative way to write concurrent tests: instead of describing how to perform the test, users specify what to test by declaring all the operations to examine; the framework automatically handles the rest. As a result, tests written with Lincheck are concise and easy to understand. The framework automatically generates a set of concurrent scenarios, examines them using stress-testing or bounded model checking, and verifies that the results of each invocation are correct. Notably, if an error is detected via model checking, Lincheck provides an easy-to-follow trace to reproduce it, significantly simplifying the bug investigation.\r\n\r\nTo the best of our knowledge, Lincheck is the first production-ready tool on the JVM that offers such a simple way of writing concurrent tests, without requiring special skills or expertise. We successfully integrated Lincheck in the development process of several large projects, such as Kotlin Coroutines, and identified new bugs in popular concurrency libraries, such as a race in Java’s standard ConcurrentLinkedDeque and a liveliness bug in Java’s AbstractQueuedSynchronizer framework, which is used in most of the synchronization primitives. We believe that Lincheck can significantly improve the quality and productivity of concurrent algorithms research and development and become the state-of-the-art tool for checking their correctness." alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Nikita full_name: Koval, Nikita id: 2F4DB10C-F248-11E8-B48F-1D18A9856A87 last_name: Koval - first_name: Alexander full_name: Fedorov, Alexander id: 2e711909-896a-11ed-bdf8-eb0f5a2984c6 last_name: Fedorov - first_name: Maria full_name: Sokolova, Maria last_name: Sokolova - first_name: Dmitry full_name: Tsitelov, Dmitry last_name: Tsitelov - first_name: Dan-Adrian full_name: Alistarh, Dan-Adrian id: 4A899BFC-F248-11E8-B48F-1D18A9856A87 last_name: Alistarh orcid: 0000-0003-3650-940X citation: ama: 'Koval N, Fedorov A, Sokolova M, Tsitelov D, Alistarh D-A. Lincheck: A practical framework for testing concurrent data structures on JVM. In: 35th International Conference on Computer Aided Verification . Vol 13964. Springer Nature; 2023:156-169. doi:10.1007/978-3-031-37706-8_8' apa: 'Koval, N., Fedorov, A., Sokolova, M., Tsitelov, D., & Alistarh, D.-A. (2023). Lincheck: A practical framework for testing concurrent data structures on JVM. In 35th International Conference on Computer Aided Verification (Vol. 13964, pp. 156–169). Paris, France: Springer Nature. https://doi.org/10.1007/978-3-031-37706-8_8' chicago: 'Koval, Nikita, Alexander Fedorov, Maria Sokolova, Dmitry Tsitelov, and Dan-Adrian Alistarh. “Lincheck: A Practical Framework for Testing Concurrent Data Structures on JVM.” In 35th International Conference on Computer Aided Verification , 13964:156–69. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-37706-8_8.' ieee: 'N. Koval, A. Fedorov, M. Sokolova, D. Tsitelov, and D.-A. Alistarh, “Lincheck: A practical framework for testing concurrent data structures on JVM,” in 35th International Conference on Computer Aided Verification , Paris, France, 2023, vol. 13964, pp. 156–169.' ista: 'Koval N, Fedorov A, Sokolova M, Tsitelov D, Alistarh D-A. 2023. Lincheck: A practical framework for testing concurrent data structures on JVM. 35th International Conference on Computer Aided Verification . CAV: Computer Aided Verification, LNCS, vol. 13964, 156–169.' mla: 'Koval, Nikita, et al. “Lincheck: A Practical Framework for Testing Concurrent Data Structures on JVM.” 35th International Conference on Computer Aided Verification , vol. 13964, Springer Nature, 2023, pp. 156–69, doi:10.1007/978-3-031-37706-8_8.' short: N. Koval, A. Fedorov, M. Sokolova, D. Tsitelov, D.-A. Alistarh, in:, 35th International Conference on Computer Aided Verification , Springer Nature, 2023, pp. 156–169. conference: end_date: 2023-07-22 location: Paris, France name: 'CAV: Computer Aided Verification' start_date: 2023-07-17 date_created: 2023-09-03T22:01:16Z date_published: 2023-07-17T00:00:00Z date_updated: 2024-02-27T07:46:52Z day: '17' ddc: - '000' department: - _id: DaAl - _id: GradSch doi: 10.1007/978-3-031-37706-8_8 file: - access_level: open_access checksum: c346016393123a0a2338ad4d976f61bc content_type: application/pdf creator: dernst date_created: 2023-09-06T08:16:25Z date_updated: 2023-09-06T08:16:25Z file_id: '14275' file_name: 2023_LNCS_Koval.pdf file_size: 421408 relation: main_file success: 1 file_date_updated: 2023-09-06T08:16:25Z has_accepted_license: '1' intvolume: ' 13964' language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 156-169 publication: '35th International Conference on Computer Aided Verification ' publication_identifier: eissn: - 1611-3349 isbn: - '9783031377051' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '14995' relation: research_data status: public scopus_import: '1' status: public title: 'Lincheck: A practical framework for testing concurrent data structures on JVM' tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13964 year: '2023' ... --- _id: '13236' abstract: - lang: eng text: We present an auction algorithm using multiplicative instead of constant weight updates to compute a (1−ε)-approximate maximum weight matching (MWM) in a bipartite graph with n vertices and m edges in time O(mε−1log(ε−1)), matching the running time of the linear-time approximation algorithm of Duan and Pettie [JACM ’14]. Our algorithm is very simple and it can be extended to give a dynamic data structure that maintains a (1−ε)-approximate maximum weight matching under (1) one-sided vertex deletions (with incident edges) and (2) one-sided vertex insertions (with incident edges sorted by weight) to the other side. The total time time used is O(mε−1log(ε−1)), where m is the sum of the number of initially existing and inserted edges. acknowledgement: The first author thanks to Chandra Chekuri for useful discussions about this paper. This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (Grant agreement No. 101019564 “The Design of Modern Fully Dynamic Data Structures (MoDynStruct)” and from the Austrian Science Fund (FWF) project “Fast Algorithms for a Reactive Network Layer (ReactNet)”, P 33775-N, with additional funding from the netidee SCIENCE Stiftung, 2020–2024. alternative_title: - LNCS article_processing_charge: No author: - first_name: Da Wei full_name: Zheng, Da Wei last_name: Zheng - first_name: Monika H full_name: Henzinger, Monika H id: 540c9bbd-f2de-11ec-812d-d04a5be85630 last_name: Henzinger orcid: 0000-0002-5008-6530 citation: ama: 'Zheng DW, Henzinger MH. Multiplicative auction algorithm for approximate maximum weight bipartite matching. In: International Conference on Integer Programming and Combinatorial Optimization. Vol 13904. Springer Nature; 2023:453-465. doi:10.1007/978-3-031-32726-1_32' apa: 'Zheng, D. W., & Henzinger, M. H. (2023). Multiplicative auction algorithm for approximate maximum weight bipartite matching. In International Conference on Integer Programming and Combinatorial Optimization (Vol. 13904, pp. 453–465). Madison, WI, United States: Springer Nature. https://doi.org/10.1007/978-3-031-32726-1_32' chicago: Zheng, Da Wei, and Monika H Henzinger. “Multiplicative Auction Algorithm for Approximate Maximum Weight Bipartite Matching.” In International Conference on Integer Programming and Combinatorial Optimization, 13904:453–65. Springer Nature, 2023. https://doi.org/10.1007/978-3-031-32726-1_32. ieee: D. W. Zheng and M. H. Henzinger, “Multiplicative auction algorithm for approximate maximum weight bipartite matching,” in International Conference on Integer Programming and Combinatorial Optimization, Madison, WI, United States, 2023, vol. 13904, pp. 453–465. ista: 'Zheng DW, Henzinger MH. 2023. Multiplicative auction algorithm for approximate maximum weight bipartite matching. International Conference on Integer Programming and Combinatorial Optimization. IPCO: Integer Programming and Combinatorial Optimization, LNCS, vol. 13904, 453–465.' mla: Zheng, Da Wei, and Monika H. Henzinger. “Multiplicative Auction Algorithm for Approximate Maximum Weight Bipartite Matching.” International Conference on Integer Programming and Combinatorial Optimization, vol. 13904, Springer Nature, 2023, pp. 453–65, doi:10.1007/978-3-031-32726-1_32. short: D.W. Zheng, M.H. Henzinger, in:, International Conference on Integer Programming and Combinatorial Optimization, Springer Nature, 2023, pp. 453–465. conference: end_date: 2023-06-23 location: Madison, WI, United States name: 'IPCO: Integer Programming and Combinatorial Optimization' start_date: 2023-06-21 date_created: 2023-07-16T22:01:11Z date_published: 2023-05-22T00:00:00Z date_updated: 2024-03-19T08:32:32Z day: '22' department: - _id: MoHe doi: 10.1007/978-3-031-32726-1_32 ec_funded: 1 external_id: arxiv: - '2301.09217' intvolume: ' 13904' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2301.09217 month: '05' oa: 1 oa_version: Preprint page: 453-465 project: - _id: bd9ca328-d553-11ed-ba76-dc4f890cfe62 call_identifier: H2020 grant_number: '101019564' name: The design and evaluation of modern fully dynamic data structures - _id: bd9e3a2e-d553-11ed-ba76-8aa684ce17fe grant_number: 'P33775 ' name: Fast Algorithms for a Reactive Network Layer publication: International Conference on Integer Programming and Combinatorial Optimization publication_identifier: eissn: - 1611-3349 isbn: - '9783031327254' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '15121' relation: later_version status: public scopus_import: '1' status: public title: Multiplicative auction algorithm for approximate maximum weight bipartite matching type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13904 year: '2023' ... --- _id: '11429' abstract: - lang: eng text: "This book constitutes the refereed proceedings of the 18th International Symposium on Web and Wireless Geographical Information Systems, W2GIS 2022, held in Konstanz, Germany, in April 2022.\r\nThe 7 full papers presented together with 6 short papers in the volume were carefully reviewed and selected from 16 submissions. \ The papers cover topics that range from mobile GIS and Location-Based Services to Spatial Information Retrieval and Wireless Sensor Networks." alternative_title: - LNCS article_processing_charge: No citation: ama: 'Karimipour F, Storandt S, eds. Web and Wireless Geographical Information Systems. Vol 13238. 1st ed. Cham: Springer Nature; 2022. doi:10.1007/978-3-031-06245-2' apa: 'Karimipour, F., & Storandt, S. (Eds.). (2022). Web and Wireless Geographical Information Systems (1st ed., Vol. 13238). Cham: Springer Nature. https://doi.org/10.1007/978-3-031-06245-2' chicago: 'Karimipour, Farid, and Sabine Storandt, eds. Web and Wireless Geographical Information Systems. 1st ed. Vol. 13238. Cham: Springer Nature, 2022. https://doi.org/10.1007/978-3-031-06245-2.' ieee: 'F. Karimipour and S. Storandt, Eds., Web and Wireless Geographical Information Systems, 1st ed., vol. 13238. Cham: Springer Nature, 2022.' ista: 'Karimipour F, Storandt S eds. 2022. Web and Wireless Geographical Information Systems 1st ed., Cham: Springer Nature, 153p.' mla: Karimipour, Farid, and Sabine Storandt, editors. Web and Wireless Geographical Information Systems. 1st ed., vol. 13238, Springer Nature, 2022, doi:10.1007/978-3-031-06245-2. short: F. Karimipour, S. Storandt, eds., Web and Wireless Geographical Information Systems, 1st ed., Springer Nature, Cham, 2022. date_created: 2022-06-02T05:40:53Z date_published: 2022-05-01T00:00:00Z date_updated: 2022-06-02T05:56:22Z day: '01' department: - _id: HeEd doi: 10.1007/978-3-031-06245-2 edition: '1' editor: - first_name: Farid full_name: Karimipour, Farid id: 2A2BCDC4-CF62-11E9-BE5E-3B1EE6697425 last_name: Karimipour orcid: 0000-0001-6746-4174 - first_name: Sabine full_name: Storandt, Sabine last_name: Storandt intvolume: ' 13238' language: - iso: eng month: '05' oa_version: None page: '153' place: Cham publication_identifier: eisbn: - '9783031062452' eissn: - 1611-3349 isbn: - '9783031062445' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: Web and Wireless Geographical Information Systems type: book_editor user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13238 year: '2022' ... --- _id: '12171' abstract: - lang: eng text: 'We propose an algorithmic approach for synthesizing linear hybrid automata from time-series data. Unlike existing approaches, our approach provides a whole family of models with the same discrete structure but different dynamics. Each model in the family is guaranteed to capture the input data up to a precision error ε, in the following sense: For each time series, the model contains an execution that is ε-close to the data points. Our construction allows to effectively choose a model from this family with minimal precision error ε. We demonstrate the algorithm’s efficiency and its ability to find precise models in two case studies.' acknowledgement: This work was supported in part by the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement no. 847635, by the ERC-2020-AdG 101020093, by DIREC - Digital Research Centre Denmark, and by the Villum Investigator Grant S4OS. alternative_title: - LNCS article_processing_charge: No author: - first_name: Miriam full_name: Garcia Soto, Miriam id: 4B3207F6-F248-11E8-B48F-1D18A9856A87 last_name: Garcia Soto orcid: 0000-0003-2936-5719 - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Christian full_name: Schilling, Christian id: 3A2F4DCE-F248-11E8-B48F-1D18A9856A87 last_name: Schilling orcid: 0000-0003-3658-1065 citation: ama: 'Garcia Soto M, Henzinger TA, Schilling C. Synthesis of parametric hybrid automata from time series. In: 20th International Symposium on Automated Technology for Verification and Analysis. Vol 13505. Springer Nature; 2022:337-353. doi:10.1007/978-3-031-19992-9_22' apa: 'Garcia Soto, M., Henzinger, T. A., & Schilling, C. (2022). Synthesis of parametric hybrid automata from time series. In 20th International Symposium on Automated Technology for Verification and Analysis (Vol. 13505, pp. 337–353). Virtual: Springer Nature. https://doi.org/10.1007/978-3-031-19992-9_22' chicago: Garcia Soto, Miriam, Thomas A Henzinger, and Christian Schilling. “Synthesis of Parametric Hybrid Automata from Time Series.” In 20th International Symposium on Automated Technology for Verification and Analysis, 13505:337–53. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-19992-9_22. ieee: M. Garcia Soto, T. A. Henzinger, and C. Schilling, “Synthesis of parametric hybrid automata from time series,” in 20th International Symposium on Automated Technology for Verification and Analysis, Virtual, 2022, vol. 13505, pp. 337–353. ista: 'Garcia Soto M, Henzinger TA, Schilling C. 2022. Synthesis of parametric hybrid automata from time series. 20th International Symposium on Automated Technology for Verification and Analysis. ATVA: Automated Technology for Verification and Analysis, LNCS, vol. 13505, 337–353.' mla: Garcia Soto, Miriam, et al. “Synthesis of Parametric Hybrid Automata from Time Series.” 20th International Symposium on Automated Technology for Verification and Analysis, vol. 13505, Springer Nature, 2022, pp. 337–53, doi:10.1007/978-3-031-19992-9_22. short: M. Garcia Soto, T.A. Henzinger, C. Schilling, in:, 20th International Symposium on Automated Technology for Verification and Analysis, Springer Nature, 2022, pp. 337–353. conference: end_date: 2022-10-28 location: Virtual name: 'ATVA: Automated Technology for Verification and Analysis' start_date: 2022-10-25 date_created: 2023-01-12T12:11:16Z date_published: 2022-10-21T00:00:00Z date_updated: 2023-02-13T09:27:55Z day: '21' department: - _id: ToHe doi: 10.1007/978-3-031-19992-9_22 ec_funded: 1 external_id: arxiv: - '2208.06383' intvolume: ' 13505' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2208.06383 month: '10' oa: 1 oa_version: Preprint page: 337-353 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: 20th International Symposium on Automated Technology for Verification and Analysis publication_identifier: eisbn: - '9783031199929' eissn: - 1611-3349 isbn: - '9783031199912' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Synthesis of parametric hybrid automata from time series type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13505 year: '2022' ... --- _id: '10891' abstract: - lang: eng text: We present a formal framework for the online black-box monitoring of software using monitors with quantitative verdict functions. Quantitative verdict functions have several advantages. First, quantitative monitors can be approximate, i.e., the value of the verdict function does not need to correspond exactly to the value of the property under observation. Second, quantitative monitors can be quantified universally, i.e., for every possible observed behavior, the monitor tries to make the best effort to estimate the value of the property under observation. Third, quantitative monitors can watch boolean as well as quantitative properties, such as average response time. Fourth, quantitative monitors can use non-finite-state resources, such as counters. As a consequence, quantitative monitors can be compared according to how many resources they use (e.g., the number of counters) and how precisely they approximate the property under observation. This allows for a rich spectrum of cost-precision trade-offs in monitoring software. acknowledgement: The formal framework for quantitative monitoring which is presented in this invited talk was defined jointly with N. Ege Saraç at LICS 2021. This work was supported in part by the Wittgenstein Award Z211-N23 of the Austrian Science Fund. article_processing_charge: No author: - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Henzinger TA. Quantitative monitoring of software. In: Software Verification. Vol 13124. LNCS. Springer Nature; 2022:3-6. doi:10.1007/978-3-030-95561-8_1' apa: 'Henzinger, T. A. (2022). Quantitative monitoring of software. In Software Verification (Vol. 13124, pp. 3–6). New Haven, CT, United States: Springer Nature. https://doi.org/10.1007/978-3-030-95561-8_1' chicago: Henzinger, Thomas A. “Quantitative Monitoring of Software.” In Software Verification, 13124:3–6. LNCS. Springer Nature, 2022. https://doi.org/10.1007/978-3-030-95561-8_1. ieee: T. A. Henzinger, “Quantitative monitoring of software,” in Software Verification, New Haven, CT, United States, 2022, vol. 13124, pp. 3–6. ista: 'Henzinger TA. 2022. Quantitative monitoring of software. Software Verification. NSV: Numerical Software VerificationLNCS vol. 13124, 3–6.' mla: Henzinger, Thomas A. “Quantitative Monitoring of Software.” Software Verification, vol. 13124, Springer Nature, 2022, pp. 3–6, doi:10.1007/978-3-030-95561-8_1. short: T.A. Henzinger, in:, Software Verification, Springer Nature, 2022, pp. 3–6. conference: end_date: 2021-10-19 location: New Haven, CT, United States name: 'NSV: Numerical Software Verification' start_date: 2021-10-18 date_created: 2022-03-20T23:01:40Z date_published: 2022-02-22T00:00:00Z date_updated: 2023-08-03T06:11:55Z day: '22' department: - _id: ToHe doi: 10.1007/978-3-030-95561-8_1 external_id: isi: - '000771713200001' intvolume: ' 13124' isi: 1 language: - iso: eng month: '02' oa_version: None page: 3-6 project: - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: Software Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783030955601' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Quantitative monitoring of software type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13124 year: '2022' ... --- _id: '11355' abstract: - lang: eng text: "Contract-based design is a promising methodology for taming the complexity of developing sophisticated systems. A formal contract distinguishes between assumptions, which are constraints that the designer of a component puts on the environments in which the component can be used safely, and guarantees, which are promises that the designer asks from the team that implements the component. A theory of formal contracts can be formalized as an interface theory, which supports the composition and refinement of both assumptions and guarantees.\r\nAlthough there is a rich landscape of contract-based design methods that address functional and extra-functional properties, we present the first interface theory that is designed for ensuring system-wide security properties. Our framework provides a refinement relation and a composition operation that support both incremental design and independent implementability. We develop our theory for both stateless and stateful interfaces. We illustrate the applicability of our framework with an example inspired from the automotive domain." acknowledgement: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 956123 and was funded in part by the FWF project W1255-N23 and by the ERC-2020-AdG 101020093. alternative_title: - LNCS article_processing_charge: No author: - first_name: Ezio full_name: Bartocci, Ezio last_name: Bartocci - first_name: Thomas full_name: Ferrere, Thomas id: 40960E6E-F248-11E8-B48F-1D18A9856A87 last_name: Ferrere orcid: 0000-0001-5199-3143 - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Dejan full_name: Nickovic, Dejan id: 41BCEE5C-F248-11E8-B48F-1D18A9856A87 last_name: Nickovic - first_name: Ana Oliveira full_name: Da Costa, Ana Oliveira last_name: Da Costa citation: ama: 'Bartocci E, Ferrere T, Henzinger TA, Nickovic D, Da Costa AO. Information-flow interfaces. In: Fundamental Approaches to Software Engineering. Vol 13241. Springer Nature; 2022:3-22. doi:10.1007/978-3-030-99429-7_1' apa: 'Bartocci, E., Ferrere, T., Henzinger, T. A., Nickovic, D., & Da Costa, A. O. (2022). Information-flow interfaces. In Fundamental Approaches to Software Engineering (Vol. 13241, pp. 3–22). Munich, Germany: Springer Nature. https://doi.org/10.1007/978-3-030-99429-7_1' chicago: Bartocci, Ezio, Thomas Ferrere, Thomas A Henzinger, Dejan Nickovic, and Ana Oliveira Da Costa. “Information-Flow Interfaces.” In Fundamental Approaches to Software Engineering, 13241:3–22. Springer Nature, 2022. https://doi.org/10.1007/978-3-030-99429-7_1. ieee: E. Bartocci, T. Ferrere, T. A. Henzinger, D. Nickovic, and A. O. Da Costa, “Information-flow interfaces,” in Fundamental Approaches to Software Engineering, Munich, Germany, 2022, vol. 13241, pp. 3–22. ista: 'Bartocci E, Ferrere T, Henzinger TA, Nickovic D, Da Costa AO. 2022. Information-flow interfaces. Fundamental Approaches to Software Engineering. FASE: Fundamental Approaches to Software Engineering, LNCS, vol. 13241, 3–22.' mla: Bartocci, Ezio, et al. “Information-Flow Interfaces.” Fundamental Approaches to Software Engineering, vol. 13241, Springer Nature, 2022, pp. 3–22, doi:10.1007/978-3-030-99429-7_1. short: E. Bartocci, T. Ferrere, T.A. Henzinger, D. Nickovic, A.O. Da Costa, in:, Fundamental Approaches to Software Engineering, Springer Nature, 2022, pp. 3–22. conference: end_date: 2022-04-07 location: Munich, Germany name: 'FASE: Fundamental Approaches to Software Engineering' start_date: 2022-04-02 date_created: 2022-05-08T22:01:44Z date_published: 2022-03-29T00:00:00Z date_updated: 2023-08-03T07:03:40Z day: '29' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-030-99429-7_1 ec_funded: 1 external_id: isi: - '000782393600001' file: - access_level: open_access checksum: 7f6f860b20b8de2a249e9c1b4eee15cf content_type: application/pdf creator: dernst date_created: 2022-05-09T06:52:44Z date_updated: 2022-05-09T06:52:44Z file_id: '11357' file_name: 2022_LNCS_Bartocci.pdf file_size: 479146 relation: main_file success: 1 file_date_updated: 2022-05-09T06:52:44Z has_accepted_license: '1' intvolume: ' 13241' isi: 1 language: - iso: eng month: '03' oa: 1 oa_version: Published Version page: 3-22 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: Fundamental Approaches to Software Engineering publication_identifier: eissn: - 1611-3349 isbn: - '9783030994280' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Information-flow interfaces tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13241 year: '2022' ... --- _id: '11476' abstract: - lang: eng text: "Messaging platforms like Signal are widely deployed and provide strong security in an asynchronous setting. It is a challenging problem to construct a protocol with similar security guarantees that can efficiently scale to large groups. A major bottleneck are the frequent key rotations users need to perform to achieve post compromise forward security.\r\n\r\nIn current proposals – most notably in TreeKEM (which is part of the IETF’s Messaging Layer Security (MLS) protocol draft) – for users in a group of size n to rotate their keys, they must each craft a message of size log(n) to be broadcast to the group using an (untrusted) delivery server.\r\n\r\nIn larger groups, having users sequentially rotate their keys requires too much bandwidth (or takes too long), so variants allowing any T≤n users to simultaneously rotate their keys in just 2 communication rounds have been suggested (e.g. “Propose and Commit” by MLS). Unfortunately, 2-round concurrent updates are either damaging or expensive (or both); i.e. they either result in future operations being more costly (e.g. via “blanking” or “tainting”) or are costly themselves requiring Ω(T) communication for each user [Bienstock et al., TCC’20].\r\n\r\nIn this paper we propose CoCoA; a new scheme that allows for T concurrent updates that are neither damaging nor costly. That is, they add no cost to future operations yet they only require Ω(log2(n)) communication per user. To circumvent the [Bienstock et al.] lower bound, CoCoA increases the number of rounds needed to complete all updates from 2 up to (at most) log(n); though typically fewer rounds are needed.\r\n\r\nThe key insight of our protocol is the following: in the (non-concurrent version of) TreeKEM, a delivery server which gets T concurrent update requests will approve one and reject the remaining T−1. In contrast, our server attempts to apply all of them. If more than one user requests to rotate the same key during a round, the server arbitrarily picks a winner. Surprisingly, we prove that regardless of how the server chooses the winners, all previously compromised users will recover after at most log(n) such update rounds.\r\n\r\nTo keep the communication complexity low, CoCoA is a server-aided CGKA. That is, the delivery server no longer blindly forwards packets, but instead actively computes individualized packets tailored to each user. As the server is untrusted, this change requires us to develop new mechanisms ensuring robustness of the protocol." acknowledgement: We thank Marta Mularczyk and Yiannis Tselekounis for their very helpful feedback on an earlier draft of this paper. alternative_title: - LNCS article_processing_charge: No author: - first_name: Joël full_name: Alwen, Joël last_name: Alwen - first_name: Benedikt full_name: Auerbach, Benedikt id: D33D2B18-E445-11E9-ABB7-15F4E5697425 last_name: Auerbach orcid: 0000-0002-7553-6606 - first_name: Miguel full_name: Cueto Noval, Miguel id: ffc563a3-f6e0-11ea-865d-e3cce03d17cc last_name: Cueto Noval - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Guillermo full_name: Pascual Perez, Guillermo id: 2D7ABD02-F248-11E8-B48F-1D18A9856A87 last_name: Pascual Perez - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Michael full_name: Walter, Michael last_name: Walter citation: ama: 'Alwen J, Auerbach B, Cueto Noval M, et al. CoCoA: Concurrent continuous group key agreement. In: Advances in Cryptology – EUROCRYPT 2022. Vol 13276. Cham: Springer Nature; 2022:815–844. doi:10.1007/978-3-031-07085-3_28' apa: 'Alwen, J., Auerbach, B., Cueto Noval, M., Klein, K., Pascual Perez, G., Pietrzak, K. Z., & Walter, M. (2022). CoCoA: Concurrent continuous group key agreement. In Advances in Cryptology – EUROCRYPT 2022 (Vol. 13276, pp. 815–844). Cham: Springer Nature. https://doi.org/10.1007/978-3-031-07085-3_28' chicago: 'Alwen, Joël, Benedikt Auerbach, Miguel Cueto Noval, Karen Klein, Guillermo Pascual Perez, Krzysztof Z Pietrzak, and Michael Walter. “CoCoA: Concurrent Continuous Group Key Agreement.” In Advances in Cryptology – EUROCRYPT 2022, 13276:815–844. Cham: Springer Nature, 2022. https://doi.org/10.1007/978-3-031-07085-3_28.' ieee: 'J. Alwen et al., “CoCoA: Concurrent continuous group key agreement,” in Advances in Cryptology – EUROCRYPT 2022, Trondheim, Norway, 2022, vol. 13276, pp. 815–844.' ista: 'Alwen J, Auerbach B, Cueto Noval M, Klein K, Pascual Perez G, Pietrzak KZ, Walter M. 2022. CoCoA: Concurrent continuous group key agreement. Advances in Cryptology – EUROCRYPT 2022. EUROCRYPT: Annual International Conference on the Theory and Applications of Cryptology and Information Security, LNCS, vol. 13276, 815–844.' mla: 'Alwen, Joël, et al. “CoCoA: Concurrent Continuous Group Key Agreement.” Advances in Cryptology – EUROCRYPT 2022, vol. 13276, Springer Nature, 2022, pp. 815–844, doi:10.1007/978-3-031-07085-3_28.' short: J. Alwen, B. Auerbach, M. Cueto Noval, K. Klein, G. Pascual Perez, K.Z. Pietrzak, M. Walter, in:, Advances in Cryptology – EUROCRYPT 2022, Springer Nature, Cham, 2022, pp. 815–844. conference: end_date: 2022-06-03 location: Trondheim, Norway name: 'EUROCRYPT: Annual International Conference on the Theory and Applications of Cryptology and Information Security' start_date: 2022-05-30 date_created: 2022-06-30T16:48:00Z date_published: 2022-05-25T00:00:00Z date_updated: 2023-08-03T07:25:02Z day: '25' department: - _id: GradSch - _id: KrPi doi: 10.1007/978-3-031-07085-3_28 ec_funded: 1 external_id: isi: - '000832305300028' intvolume: ' 13276' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2022/251 month: '05' oa: 1 oa_version: Preprint page: 815–844 place: Cham project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: Advances in Cryptology – EUROCRYPT 2022 publication_identifier: eisbn: - '9783031070853' eissn: - 1611-3349 isbn: - '9783031070846' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'CoCoA: Concurrent continuous group key agreement' type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13276 year: '2022' ... --- _id: '11707' abstract: - lang: eng text: 'In this work we introduce the graph-theoretic notion of mendability: for each locally checkable graph problem we can define its mending radius, which captures the idea of how far one needs to modify a partial solution in order to “patch a hole.” We explore how mendability is connected to the existence of efficient algorithms, especially in distributed, parallel, and fault-tolerant settings. It is easy to see that O(1)-mendable problems are also solvable in O(log∗n) rounds in the LOCAL model of distributed computing. One of the surprises is that in paths and cycles, a converse also holds in the following sense: if a problem Π can be solved in O(log∗n), there is always a restriction Π′⊆Π that is still efficiently solvable but that is also O(1)-mendable. We also explore the structure of the landscape of mendability. For example, we show that in trees, the mending radius of any locally checkable problem is O(1), Θ(logn), or Θ(n), while in general graphs the structure is much more diverse.' acknowledgement: This project has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 840605. This work was supported in part by the Academy of Finland, Grants 314888 and 333837. The authors would also like to thank David Harris, Neven Villani, and the anonymous reviewers for their very helpful comments and feedback on previous versions of this work. article_processing_charge: No author: - first_name: Alkida full_name: Balliu, Alkida last_name: Balliu - first_name: Juho full_name: Hirvonen, Juho last_name: Hirvonen - first_name: Darya full_name: Melnyk, Darya last_name: Melnyk - first_name: Dennis full_name: Olivetti, Dennis last_name: Olivetti - first_name: Joel full_name: Rybicki, Joel id: 334EFD2E-F248-11E8-B48F-1D18A9856A87 last_name: Rybicki orcid: 0000-0002-6432-6646 - first_name: Jukka full_name: Suomela, Jukka last_name: Suomela citation: ama: 'Balliu A, Hirvonen J, Melnyk D, Olivetti D, Rybicki J, Suomela J. Local mending. In: Parter M, ed. International Colloquium on Structural Information and Communication Complexity. Vol 13298. LNCS. Springer Nature; 2022:1-20. doi:10.1007/978-3-031-09993-9_1' apa: 'Balliu, A., Hirvonen, J., Melnyk, D., Olivetti, D., Rybicki, J., & Suomela, J. (2022). Local mending. In M. Parter (Ed.), International Colloquium on Structural Information and Communication Complexity (Vol. 13298, pp. 1–20). Paderborn, Germany: Springer Nature. https://doi.org/10.1007/978-3-031-09993-9_1' chicago: Balliu, Alkida, Juho Hirvonen, Darya Melnyk, Dennis Olivetti, Joel Rybicki, and Jukka Suomela. “Local Mending.” In International Colloquium on Structural Information and Communication Complexity, edited by Merav Parter, 13298:1–20. LNCS. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-09993-9_1. ieee: A. Balliu, J. Hirvonen, D. Melnyk, D. Olivetti, J. Rybicki, and J. Suomela, “Local mending,” in International Colloquium on Structural Information and Communication Complexity, Paderborn, Germany, 2022, vol. 13298, pp. 1–20. ista: 'Balliu A, Hirvonen J, Melnyk D, Olivetti D, Rybicki J, Suomela J. 2022. Local mending. International Colloquium on Structural Information and Communication Complexity. SIROCCO: Structural Information and Communication ComplexityLNCS vol. 13298, 1–20.' mla: Balliu, Alkida, et al. “Local Mending.” International Colloquium on Structural Information and Communication Complexity, edited by Merav Parter, vol. 13298, Springer Nature, 2022, pp. 1–20, doi:10.1007/978-3-031-09993-9_1. short: A. Balliu, J. Hirvonen, D. Melnyk, D. Olivetti, J. Rybicki, J. Suomela, in:, M. Parter (Ed.), International Colloquium on Structural Information and Communication Complexity, Springer Nature, 2022, pp. 1–20. conference: end_date: 2022-06-29 location: Paderborn, Germany name: 'SIROCCO: Structural Information and Communication Complexity' start_date: 2022-06-27 date_created: 2022-07-31T22:01:49Z date_published: 2022-06-25T00:00:00Z date_updated: 2023-08-03T12:16:29Z day: '25' department: - _id: DaAl doi: 10.1007/978-3-031-09993-9_1 ec_funded: 1 editor: - first_name: Merav full_name: Parter, Merav last_name: Parter external_id: arxiv: - '2102.08703' isi: - '000876977400001' intvolume: ' 13298' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/2102.08703 month: '06' oa: 1 oa_version: Preprint page: 1-20 project: - _id: 26A5D39A-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '840605' name: Coordination in constrained and natural distributed systems publication: International Colloquium on Structural Information and Communication Complexity publication_identifier: eissn: - 1611-3349 isbn: - '9783031099922' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Local mending type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13298 year: '2022' ... --- _id: '12516' abstract: - lang: eng text: "The homogeneous continuous LWE (hCLWE) problem is to distinguish samples of a specific high-dimensional Gaussian mixture from standard normal samples. It was shown to be at least as hard as Learning with Errors, but no reduction in the other direction is currently known.\r\nWe present four new public-key encryption schemes based on the hardness of hCLWE, with varying tradeoffs between decryption and security errors, and different discretization techniques. Our schemes yield a polynomial-time algorithm for solving hCLWE using a Statistical Zero-Knowledge oracle." acknowledgement: "We are grateful to Devika Sharma and Luca Trevisan for their insight and advice and to an anonymous reviewer for helpful comments.\r\n\r\nThis work was supported by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (Grant agreement No. 101019547). The first author was additionally supported by RGC GRF CUHK14209920 and the fourth author was additionally supported by ISF grant No. 1399/17, project PROMETHEUS (Grant 780701), and Cariplo CRYPTONOMEX grant." alternative_title: - LNCS article_processing_charge: No author: - first_name: Andrej full_name: Bogdanov, Andrej last_name: Bogdanov - first_name: Miguel full_name: Cueto Noval, Miguel id: ffc563a3-f6e0-11ea-865d-e3cce03d17cc last_name: Cueto Noval - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann - first_name: Alon full_name: Rosen, Alon last_name: Rosen citation: ama: 'Bogdanov A, Cueto Noval M, Hoffmann C, Rosen A. Public-Key Encryption from Homogeneous CLWE. In: Theory of Cryptography. Vol 13748. Springer Nature; 2022:565-592. doi:10.1007/978-3-031-22365-5_20' apa: 'Bogdanov, A., Cueto Noval, M., Hoffmann, C., & Rosen, A. (2022). Public-Key Encryption from Homogeneous CLWE. In Theory of Cryptography (Vol. 13748, pp. 565–592). Chicago, IL, United States: Springer Nature. https://doi.org/10.1007/978-3-031-22365-5_20' chicago: Bogdanov, Andrej, Miguel Cueto Noval, Charlotte Hoffmann, and Alon Rosen. “Public-Key Encryption from Homogeneous CLWE.” In Theory of Cryptography, 13748:565–92. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-22365-5_20. ieee: A. Bogdanov, M. Cueto Noval, C. Hoffmann, and A. Rosen, “Public-Key Encryption from Homogeneous CLWE,” in Theory of Cryptography, Chicago, IL, United States, 2022, vol. 13748, pp. 565–592. ista: 'Bogdanov A, Cueto Noval M, Hoffmann C, Rosen A. 2022. Public-Key Encryption from Homogeneous CLWE. Theory of Cryptography. TCC: Theory of Cryptography, LNCS, vol. 13748, 565–592.' mla: Bogdanov, Andrej, et al. “Public-Key Encryption from Homogeneous CLWE.” Theory of Cryptography, vol. 13748, Springer Nature, 2022, pp. 565–92, doi:10.1007/978-3-031-22365-5_20. short: A. Bogdanov, M. Cueto Noval, C. Hoffmann, A. Rosen, in:, Theory of Cryptography, Springer Nature, 2022, pp. 565–592. conference: end_date: 2022-11-10 location: Chicago, IL, United States name: 'TCC: Theory of Cryptography' start_date: 2022-11-07 date_created: 2023-02-05T23:01:00Z date_published: 2022-12-21T00:00:00Z date_updated: 2023-08-04T10:39:30Z day: '21' department: - _id: KrPi doi: 10.1007/978-3-031-22365-5_20 external_id: isi: - '000921318200020' intvolume: ' 13748' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2022/093 month: '12' oa: 1 oa_version: Preprint page: 565-592 publication: Theory of Cryptography publication_identifier: eissn: - 1611-3349 isbn: - '9783031223648' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Public-Key Encryption from Homogeneous CLWE type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13748 year: '2022' ... --- _id: '12167' abstract: - lang: eng text: "Payment channels effectively move the transaction load off-chain thereby successfully addressing the inherent scalability problem most cryptocurrencies face. A major drawback of payment channels is the need to “top up” funds on-chain when a channel is depleted. Rebalancing was proposed to alleviate this issue, where parties with depleting channels move their funds along a cycle to replenish their channels off-chain. Protocols for rebalancing so far either introduce local solutions or compromise privacy.\r\nIn this work, we present an opt-in rebalancing protocol that is both private and globally optimal, meaning our protocol maximizes the total amount of rebalanced funds. We study rebalancing from the framework of linear programming. To obtain full privacy guarantees, we leverage multi-party computation in solving the linear program, which is executed by selected participants to maintain efficiency. Finally, we efficiently decompose the rebalancing solution into incentive-compatible cycles which conserve user balances when executed atomically." alternative_title: - LNCS article_processing_charge: No author: - first_name: Georgia full_name: Avarikioti, Georgia id: c20482a0-3b89-11eb-9862-88cf6404b88c last_name: Avarikioti - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Iosif full_name: Salem, Iosif last_name: Salem - first_name: Stefan full_name: Schmid, Stefan last_name: Schmid - first_name: Samarth full_name: Tiwari, Samarth last_name: Tiwari - first_name: Michelle X full_name: Yeo, Michelle X id: 2D82B818-F248-11E8-B48F-1D18A9856A87 last_name: Yeo citation: ama: 'Avarikioti G, Pietrzak KZ, Salem I, Schmid S, Tiwari S, Yeo MX. Hide & Seek: Privacy-preserving rebalancing on payment channel networks. In: Financial Cryptography and Data Security. Vol 13411. Springer Nature; 2022:358-373. doi:10.1007/978-3-031-18283-9_17' apa: 'Avarikioti, G., Pietrzak, K. Z., Salem, I., Schmid, S., Tiwari, S., & Yeo, M. X. (2022). Hide & Seek: Privacy-preserving rebalancing on payment channel networks. In Financial Cryptography and Data Security (Vol. 13411, pp. 358–373). Grenada: Springer Nature. https://doi.org/10.1007/978-3-031-18283-9_17' chicago: 'Avarikioti, Georgia, Krzysztof Z Pietrzak, Iosif Salem, Stefan Schmid, Samarth Tiwari, and Michelle X Yeo. “Hide & Seek: Privacy-Preserving Rebalancing on Payment Channel Networks.” In Financial Cryptography and Data Security, 13411:358–73. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-18283-9_17.' ieee: 'G. Avarikioti, K. Z. Pietrzak, I. Salem, S. Schmid, S. Tiwari, and M. X. Yeo, “Hide & Seek: Privacy-preserving rebalancing on payment channel networks,” in Financial Cryptography and Data Security, Grenada, 2022, vol. 13411, pp. 358–373.' ista: 'Avarikioti G, Pietrzak KZ, Salem I, Schmid S, Tiwari S, Yeo MX. 2022. Hide & Seek: Privacy-preserving rebalancing on payment channel networks. Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13411, 358–373.' mla: 'Avarikioti, Georgia, et al. “Hide & Seek: Privacy-Preserving Rebalancing on Payment Channel Networks.” Financial Cryptography and Data Security, vol. 13411, Springer Nature, 2022, pp. 358–73, doi:10.1007/978-3-031-18283-9_17.' short: G. Avarikioti, K.Z. Pietrzak, I. Salem, S. Schmid, S. Tiwari, M.X. Yeo, in:, Financial Cryptography and Data Security, Springer Nature, 2022, pp. 358–373. conference: end_date: 2022-05-06 location: Grenada name: 'FC: Financial Cryptography and Data Security' start_date: 2022-05-02 date_created: 2023-01-12T12:10:38Z date_published: 2022-10-22T00:00:00Z date_updated: 2023-09-05T15:10:57Z day: '22' department: - _id: KrPi doi: 10.1007/978-3-031-18283-9_17 external_id: arxiv: - '2110.08848' intvolume: ' 13411' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2110.08848 month: '10' oa: 1 oa_version: Preprint page: 358-373 publication: Financial Cryptography and Data Security publication_identifier: eisbn: - '9783031182839' eissn: - 1611-3349 isbn: - '9783031182822' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Hide & Seek: Privacy-preserving rebalancing on payment channel networks' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13411 year: '2022' ... --- _id: '12302' abstract: - lang: eng text: 'We propose a novel algorithm to decide the language inclusion between (nondeterministic) Büchi automata, a PSPACE-complete problem. Our approach, like others before, leverage a notion of quasiorder to prune the search for a counterexample by discarding candidates which are subsumed by others for the quasiorder. Discarded candidates are guaranteed to not compromise the completeness of the algorithm. The novelty of our work lies in the quasiorder used to discard candidates. We introduce FORQs (family of right quasiorders) that we obtain by adapting the notion of family of right congruences put forward by Maler and Staiger in 1993. We define a FORQ-based inclusion algorithm which we prove correct and instantiate it for a specific FORQ, called the structural FORQ, induced by the Büchi automaton to the right of the inclusion sign. The resulting implementation, called FORKLIFT, scales up better than the state-of-the-art on a variety of benchmarks including benchmarks from program verification and theorem proving for word combinatorics. Artifact: https://doi.org/10.5281/zenodo.6552870' acknowledgement: This work was partially funded by the ESF Investing in your future, the Madrid regional project S2018/TCS-4339 BLOQUES, the Spanish project PGC2018-102210-B-I00 BOSCO, the Ramón y Cajal fellowship RYC-2016-20281, and the ERC grant PR1001ERC02. alternative_title: - LNCS article_processing_charge: No author: - first_name: Kyveli full_name: Doveri, Kyveli last_name: Doveri - first_name: Pierre full_name: Ganty, Pierre last_name: Ganty - first_name: Nicolas Adrien full_name: Mazzocchi, Nicolas Adrien id: b26baa86-3308-11ec-87b0-8990f34baa85 last_name: Mazzocchi citation: ama: 'Doveri K, Ganty P, Mazzocchi NA. FORQ-based language inclusion formal testing. In: Computer Aided Verification. Vol 13372. Springer Nature; 2022:109-129. doi:10.1007/978-3-031-13188-2_6' apa: 'Doveri, K., Ganty, P., & Mazzocchi, N. A. (2022). FORQ-based language inclusion formal testing. In Computer Aided Verification (Vol. 13372, pp. 109–129). Haifa, Israel: Springer Nature. https://doi.org/10.1007/978-3-031-13188-2_6' chicago: Doveri, Kyveli, Pierre Ganty, and Nicolas Adrien Mazzocchi. “FORQ-Based Language Inclusion Formal Testing.” In Computer Aided Verification, 13372:109–29. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-13188-2_6. ieee: K. Doveri, P. Ganty, and N. A. Mazzocchi, “FORQ-based language inclusion formal testing,” in Computer Aided Verification, Haifa, Israel, 2022, vol. 13372, pp. 109–129. ista: 'Doveri K, Ganty P, Mazzocchi NA. 2022. FORQ-based language inclusion formal testing. Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13372, 109–129.' mla: Doveri, Kyveli, et al. “FORQ-Based Language Inclusion Formal Testing.” Computer Aided Verification, vol. 13372, Springer Nature, 2022, pp. 109–29, doi:10.1007/978-3-031-13188-2_6. short: K. Doveri, P. Ganty, N.A. Mazzocchi, in:, Computer Aided Verification, Springer Nature, 2022, pp. 109–129. conference: end_date: 2022-08-10 location: Haifa, Israel name: 'CAV: Computer Aided Verification' start_date: 2022-08-07 date_created: 2023-01-16T10:06:31Z date_published: 2022-08-06T00:00:00Z date_updated: 2023-09-05T15:13:36Z day: '06' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-031-13188-2_6 ec_funded: 1 external_id: arxiv: - '2207.13549' isi: - '000870310500006' file: - access_level: open_access checksum: edc363b1be5447a09063e115c247918a content_type: application/pdf creator: dernst date_created: 2023-01-30T12:51:02Z date_updated: 2023-01-30T12:51:02Z file_id: '12465' file_name: 2022_LNCS_Doveri.pdf file_size: 497682 relation: main_file success: 1 file_date_updated: 2023-01-30T12:51:02Z has_accepted_license: '1' intvolume: ' 13372' isi: 1 language: - iso: eng month: '08' oa: 1 oa_version: Published Version page: 109-129 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: Computer Aided Verification publication_identifier: eisbn: - '9783031131882' eissn: - 1611-3349 isbn: - '9783031131875' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: FORQ-based language inclusion formal testing tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13372 year: '2022' ... --- _id: '12176' abstract: - lang: eng text: "A proof of exponentiation (PoE) in a group G of unknown order allows a prover to convince a verifier that a tuple (x,q,T,y)∈G×N×N×G satisfies xqT=y. This primitive has recently found exciting applications in the constructions of verifiable delay functions and succinct arguments of knowledge. The most practical PoEs only achieve soundness either under computational assumptions, i.e., they are arguments (Wesolowski, Journal of Cryptology 2020), or in groups that come with the promise of not having any small subgroups (Pietrzak, ITCS 2019). The only statistically-sound PoE in general groups of unknown order is due to Block et al. (CRYPTO 2021), and can be seen as an elaborate parallel repetition of Pietrzak’s PoE: to achieve λ bits of security, say λ=80, the number of repetitions required (and thus the blow-up in communication) is as large as λ.\r\n\r\nIn this work, we propose a statistically-sound PoE for the case where the exponent q is the product of all primes up to some bound B. We show that, in this case, it suffices to run only λ/log(B) parallel instances of Pietrzak’s PoE, which reduces the concrete proof-size compared to Block et al. by an order of magnitude. Furthermore, we show that in the known applications where PoEs are used as a building block such structured exponents are viable. Finally, we also discuss batching of our PoE, showing that many proofs (for the same G and q but different x and T) can be batched by adding only a single element to the proof per additional statement." acknowledgement: "We would like to thank the authors of [BHR+21] for clarifying several questions we had\r\nregarding their results. Pavel Hubá£ek was supported by the Grant Agency of the Czech\r\nRepublic under the grant agreement no. 19-27871X and by the Charles University project\r\nUNCE/SCI/004. Chethan Kamath is supported by Azrieli International Postdoctoral Fellowship\r\nand ISF grants 484/18 and 1789/19. Karen Klein was supported in part by ERC CoG grant\r\n724307 and conducted part of this work at Institute of Science and Technology Austria." alternative_title: - LNCS article_processing_charge: No author: - first_name: Charlotte full_name: Hoffmann, Charlotte id: 0f78d746-dc7d-11ea-9b2f-83f92091afe7 last_name: Hoffmann orcid: 0000-0003-2027-5549 - first_name: Pavel full_name: Hubáček, Pavel last_name: Hubáček - first_name: Chethan full_name: Kamath, Chethan last_name: Kamath - first_name: Karen full_name: Klein, Karen last_name: Klein - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Hoffmann C, Hubáček P, Kamath C, Klein K, Pietrzak KZ. Practical statistically-sound proofs of exponentiation in any group. In: Advances in Cryptology – CRYPTO 2022. Vol 13508. Springer Nature; 2022:370-399. doi:10.1007/978-3-031-15979-4_13' apa: 'Hoffmann, C., Hubáček, P., Kamath, C., Klein, K., & Pietrzak, K. Z. (2022). Practical statistically-sound proofs of exponentiation in any group. In Advances in Cryptology – CRYPTO 2022 (Vol. 13508, pp. 370–399). Santa Barbara, CA, United States: Springer Nature. https://doi.org/10.1007/978-3-031-15979-4_13' chicago: Hoffmann, Charlotte, Pavel Hubáček, Chethan Kamath, Karen Klein, and Krzysztof Z Pietrzak. “Practical Statistically-Sound Proofs of Exponentiation in Any Group.” In Advances in Cryptology – CRYPTO 2022, 13508:370–99. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-15979-4_13. ieee: C. Hoffmann, P. Hubáček, C. Kamath, K. Klein, and K. Z. Pietrzak, “Practical statistically-sound proofs of exponentiation in any group,” in Advances in Cryptology – CRYPTO 2022, Santa Barbara, CA, United States, 2022, vol. 13508, pp. 370–399. ista: 'Hoffmann C, Hubáček P, Kamath C, Klein K, Pietrzak KZ. 2022. Practical statistically-sound proofs of exponentiation in any group. Advances in Cryptology – CRYPTO 2022. CRYYPTO: International Cryptology Conference, LNCS, vol. 13508, 370–399.' mla: Hoffmann, Charlotte, et al. “Practical Statistically-Sound Proofs of Exponentiation in Any Group.” Advances in Cryptology – CRYPTO 2022, vol. 13508, Springer Nature, 2022, pp. 370–99, doi:10.1007/978-3-031-15979-4_13. short: C. Hoffmann, P. Hubáček, C. Kamath, K. Klein, K.Z. Pietrzak, in:, Advances in Cryptology – CRYPTO 2022, Springer Nature, 2022, pp. 370–399. conference: end_date: 2022-08-18 location: Santa Barbara, CA, United States name: 'CRYYPTO: International Cryptology Conference' start_date: 2022-08-15 date_created: 2023-01-12T12:12:07Z date_published: 2022-10-13T00:00:00Z date_updated: 2023-09-05T15:12:27Z day: '13' department: - _id: KrPi doi: 10.1007/978-3-031-15979-4_13 external_id: isi: - '000886792700013' intvolume: ' 13508' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2022/1021 month: '10' oa: 1 oa_version: Preprint page: 370-399 publication: Advances in Cryptology – CRYPTO 2022 publication_identifier: eisbn: - '9783031159794' eissn: - 1611-3349 isbn: - '9783031159787' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Practical statistically-sound proofs of exponentiation in any group type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13508 year: '2022' ... --- _id: '12298' abstract: - lang: eng text: 'Existing committee-based Byzantine state machine replication (SMR) protocols, typically deployed in production blockchains, face a clear trade-off: (1) they either achieve linear communication cost in the steady state, but sacrifice liveness during periods of asynchrony, or (2) they are robust (progress with probability one) but pay quadratic communication cost. We believe this trade-off is unwarranted since existing linear protocols still have asymptotic quadratic cost in the worst case. We design Ditto, a Byzantine SMR protocol that enjoys the best of both worlds: optimal communication on and off the steady state (linear and quadratic, respectively) and progress guarantee under asynchrony and DDoS attacks. We achieve this by replacing the view-synchronization of partially synchronous protocols with an asynchronous fallback mechanism at no extra asymptotic cost. Specifically, we start from HotStuff, a state-of-the-art linear protocol, and gradually build Ditto. As a separate contribution and an intermediate step, we design a 2-chain version of HotStuff, Jolteon, which leverages a quadratic view-change mechanism to reduce the latency of the standard 3-chain HotStuff. We implement and experimentally evaluate all our systems to prove that breaking the robustness-efficiency trade-off is in the realm of practicality.' acknowledgement: We thank our shepherd Aniket Kate and the anonymous reviewers at FC 2022 for their helpful feedback. This work is supported by the Novi team at Facebook. We also thank the Novi Research and Engineering teams for valuable feedback, and in particular Mathieu Baudet, Andrey Chursin, George Danezis, Zekun Li, and Dahlia Malkhi for discussions that shaped this work. alternative_title: - LNCS article_processing_charge: No author: - first_name: Rati full_name: Gelashvili, Rati last_name: Gelashvili - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Alberto full_name: Sonnino, Alberto last_name: Sonnino - first_name: Alexander full_name: Spiegelman, Alexander last_name: Spiegelman - first_name: Zhuolun full_name: Xiang, Zhuolun last_name: Xiang citation: ama: 'Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. In: Financial Cryptography and Data Security. Vol 13411. Springer Nature; 2022:296-315. doi:10.1007/978-3-031-18283-9_14' apa: 'Gelashvili, R., Kokoris Kogias, E., Sonnino, A., Spiegelman, A., & Xiang, Z. (2022). Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. In Financial Cryptography and Data Security (Vol. 13411, pp. 296–315). Radisson Grenada Beach Resort, Grenada: Springer Nature. https://doi.org/10.1007/978-3-031-18283-9_14' chicago: 'Gelashvili, Rati, Eleftherios Kokoris Kogias, Alberto Sonnino, Alexander Spiegelman, and Zhuolun Xiang. “Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback.” In Financial Cryptography and Data Security, 13411:296–315. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-18283-9_14.' ieee: 'R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, and Z. Xiang, “Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback,” in Financial Cryptography and Data Security, Radisson Grenada Beach Resort, Grenada, 2022, vol. 13411, pp. 296–315.' ista: 'Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. 2022. Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback. Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 13411, 296–315.' mla: 'Gelashvili, Rati, et al. “Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback.” Financial Cryptography and Data Security, vol. 13411, Springer Nature, 2022, pp. 296–315, doi:10.1007/978-3-031-18283-9_14.' short: R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, Z. Xiang, in:, Financial Cryptography and Data Security, Springer Nature, 2022, pp. 296–315. conference: end_date: 2022-05-06 location: Radisson Grenada Beach Resort, Grenada name: 'FC: Financial Cryptography' start_date: 2022-05-02 date_created: 2023-01-16T10:05:51Z date_published: 2022-10-22T00:00:00Z date_updated: 2023-09-05T15:13:17Z day: '22' department: - _id: ElKo doi: 10.1007/978-3-031-18283-9_14 external_id: arxiv: - '2106.10362' intvolume: ' 13411' language: - iso: eng main_file_link: - open_access: '1' url: ' https://doi.org/10.48550/arXiv.2106.10362' month: '10' oa: 1 oa_version: Preprint page: 296-315 publication: Financial Cryptography and Data Security publication_identifier: eisbn: - '9783031182839' eissn: - 1611-3349 isbn: - '9783031182822' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13411 year: '2022' ... --- _id: '12168' abstract: - lang: eng text: "Advances in blockchains have influenced the State-Machine-Replication (SMR) world and many state-of-the-art blockchain-SMR solutions are based on two pillars: Chaining and Leader-rotation. A predetermined round-robin mechanism used for Leader-rotation, however, has an undesirable behavior: crashed parties become designated leaders infinitely often, slowing down overall system performance. In this paper, we provide a new Leader-Aware SMR framework that, among other desirable properties, formalizes a Leader-utilization requirement that bounds the number of rounds whose leaders are faulty in crash-only executions.\r\nWe introduce Carousel, a novel, reputation-based Leader-rotation solution to achieve Leader-Aware SMR. The challenge in adaptive Leader-rotation is that it cannot rely on consensus to determine a leader, since consensus itself needs a leader. Carousel uses the available on-chain information to determine a leader locally and achieves Liveness despite this difficulty. A HotStuff implementation fitted with Carousel demonstrates drastic performance improvements: it increases throughput over 2x in faultless settings and provided a 20x throughput increase and 5x latency reduction in the presence of faults." alternative_title: - LNCS article_processing_charge: No author: - first_name: Shir full_name: Cohen, Shir last_name: Cohen - first_name: Rati full_name: Gelashvili, Rati last_name: Gelashvili - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Zekun full_name: Li, Zekun last_name: Li - first_name: Dahlia full_name: Malkhi, Dahlia last_name: Malkhi - first_name: Alberto full_name: Sonnino, Alberto last_name: Sonnino - first_name: Alexander full_name: Spiegelman, Alexander last_name: Spiegelman citation: ama: 'Cohen S, Gelashvili R, Kokoris Kogias E, et al. Be aware of your leaders. In: International Conference on Financial Cryptography and Data Security. Vol 13411. Springer Nature; 2022:279-295. doi:10.1007/978-3-031-18283-9_13' apa: 'Cohen, S., Gelashvili, R., Kokoris Kogias, E., Li, Z., Malkhi, D., Sonnino, A., & Spiegelman, A. (2022). Be aware of your leaders. In International Conference on Financial Cryptography and Data Security (Vol. 13411, pp. 279–295). Grenada: Springer Nature. https://doi.org/10.1007/978-3-031-18283-9_13' chicago: Cohen, Shir, Rati Gelashvili, Eleftherios Kokoris Kogias, Zekun Li, Dahlia Malkhi, Alberto Sonnino, and Alexander Spiegelman. “Be Aware of Your Leaders.” In International Conference on Financial Cryptography and Data Security, 13411:279–95. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-18283-9_13. ieee: S. Cohen et al., “Be aware of your leaders,” in International Conference on Financial Cryptography and Data Security, Grenada, 2022, vol. 13411, pp. 279–295. ista: 'Cohen S, Gelashvili R, Kokoris Kogias E, Li Z, Malkhi D, Sonnino A, Spiegelman A. 2022. Be aware of your leaders. International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13411, 279–295.' mla: Cohen, Shir, et al. “Be Aware of Your Leaders.” International Conference on Financial Cryptography and Data Security, vol. 13411, Springer Nature, 2022, pp. 279–95, doi:10.1007/978-3-031-18283-9_13. short: S. Cohen, R. Gelashvili, E. Kokoris Kogias, Z. Li, D. Malkhi, A. Sonnino, A. Spiegelman, in:, International Conference on Financial Cryptography and Data Security, Springer Nature, 2022, pp. 279–295. conference: end_date: 2022-05-06 location: Grenada name: 'FC: Financial Cryptography and Data Security' start_date: 2022-05-02 date_created: 2023-01-12T12:10:49Z date_published: 2022-10-22T00:00:00Z date_updated: 2023-09-05T15:11:35Z day: '22' department: - _id: ElKo doi: 10.1007/978-3-031-18283-9_13 external_id: arxiv: - '2110.00960' intvolume: ' 13411' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.2110.00960 month: '10' oa: 1 oa_version: Preprint page: 279-295 publication: International Conference on Financial Cryptography and Data Security publication_identifier: eisbn: - '9783031182839' eissn: - 1611-3349 isbn: - '9783031182822' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Be aware of your leaders type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13411 year: '2022' ... --- _id: '12170' abstract: - lang: eng text: We present PET, a specialized and highly optimized framework for partial exploration on probabilistic systems. Over the last decade, several significant advances in the analysis of Markov decision processes employed partial exploration. In a nutshell, this idea allows to focus computation on specific parts of the system, guided by heuristics, while maintaining correctness. In particular, only relevant parts of the system are constructed on demand, which in turn potentially allows to omit constructing large parts of the system. Depending on the model, this leads to dramatic speed-ups, in extreme cases even up to an arbitrary factor. PET unifies several previous implementations and provides a flexible framework to easily implement partial exploration for many further problems. Our experimental evaluation shows significant improvements compared to the previous implementations while vastly reducing the overhead required to add support for additional properties. acknowledgement: We thank Pranav Ashok and Maximilian Weininger for their contributions to spiritual predecessors of PET as well as motivating the initial development of this tool. alternative_title: - LNCS article_processing_charge: No author: - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 citation: ama: 'Meggendorfer T. PET – A partial exploration tool for probabilistic verification. In: 20th International Symposium on Automated Technology for Verification and Analysis. Vol 13505. Springer Nature; 2022:320-326. doi:10.1007/978-3-031-19992-9_20' apa: 'Meggendorfer, T. (2022). PET – A partial exploration tool for probabilistic verification. In 20th International Symposium on Automated Technology for Verification and Analysis (Vol. 13505, pp. 320–326). Virtual: Springer Nature. https://doi.org/10.1007/978-3-031-19992-9_20' chicago: Meggendorfer, Tobias. “PET – A Partial Exploration Tool for Probabilistic Verification.” In 20th International Symposium on Automated Technology for Verification and Analysis, 13505:320–26. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-19992-9_20. ieee: T. Meggendorfer, “PET – A partial exploration tool for probabilistic verification,” in 20th International Symposium on Automated Technology for Verification and Analysis, Virtual, 2022, vol. 13505, pp. 320–326. ista: 'Meggendorfer T. 2022. PET – A partial exploration tool for probabilistic verification. 20th International Symposium on Automated Technology for Verification and Analysis. ATVA: Automated Technology for Verification and Analysis, LNCS, vol. 13505, 320–326.' mla: Meggendorfer, Tobias. “PET – A Partial Exploration Tool for Probabilistic Verification.” 20th International Symposium on Automated Technology for Verification and Analysis, vol. 13505, Springer Nature, 2022, pp. 320–26, doi:10.1007/978-3-031-19992-9_20. short: T. Meggendorfer, in:, 20th International Symposium on Automated Technology for Verification and Analysis, Springer Nature, 2022, pp. 320–326. conference: end_date: 2022-10-28 location: Virtual name: 'ATVA: Automated Technology for Verification and Analysis' start_date: 2022-10-25 date_created: 2023-01-12T12:11:07Z date_published: 2022-10-21T00:00:00Z date_updated: 2023-09-05T15:11:51Z day: '21' department: - _id: KrCh doi: 10.1007/978-3-031-19992-9_20 intvolume: ' 13505' language: - iso: eng month: '10' oa_version: None page: 320-326 publication: 20th International Symposium on Automated Technology for Verification and Analysis publication_identifier: eisbn: - '9783031199929' eissn: - 1611-3349 isbn: - '9783031199912' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: PET – A partial exploration tool for probabilistic verification type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13505 year: '2022' ... --- _id: '12175' abstract: - lang: eng text: An automaton is history-deterministic (HD) if one can safely resolve its non-deterministic choices on the fly. In a recent paper, Henzinger, Lehtinen and Totzke studied this in the context of Timed Automata [9], where it was conjectured that the class of timed ω-languages recognised by HD-timed automata strictly extends that of deterministic ones. We provide a proof for this fact. acknowledgement: This work was supported in part by the ERC-2020-AdG 101020093, the EPSRC project EP/V025848/1, and the EPSRC project EP/X017796/1. alternative_title: - LNCS article_processing_charge: No author: - first_name: Sougata full_name: Bose, Sougata last_name: Bose - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Karoliina full_name: Lehtinen, Karoliina last_name: Lehtinen - first_name: Sven full_name: Schewe, Sven last_name: Schewe - first_name: Patrick full_name: Totzke, Patrick last_name: Totzke citation: ama: 'Bose S, Henzinger TA, Lehtinen K, Schewe S, Totzke P. History-deterministic timed automata are not determinizable. In: 16th International Conference on Reachability Problems. Vol 13608. Springer Nature; 2022:67-76. doi:10.1007/978-3-031-19135-0_5' apa: 'Bose, S., Henzinger, T. A., Lehtinen, K., Schewe, S., & Totzke, P. (2022). History-deterministic timed automata are not determinizable. In 16th International Conference on Reachability Problems (Vol. 13608, pp. 67–76). Kaiserslautern, Germany: Springer Nature. https://doi.org/10.1007/978-3-031-19135-0_5' chicago: Bose, Sougata, Thomas A Henzinger, Karoliina Lehtinen, Sven Schewe, and Patrick Totzke. “History-Deterministic Timed Automata Are Not Determinizable.” In 16th International Conference on Reachability Problems, 13608:67–76. Springer Nature, 2022. https://doi.org/10.1007/978-3-031-19135-0_5. ieee: S. Bose, T. A. Henzinger, K. Lehtinen, S. Schewe, and P. Totzke, “History-deterministic timed automata are not determinizable,” in 16th International Conference on Reachability Problems, Kaiserslautern, Germany, 2022, vol. 13608, pp. 67–76. ista: 'Bose S, Henzinger TA, Lehtinen K, Schewe S, Totzke P. 2022. History-deterministic timed automata are not determinizable. 16th International Conference on Reachability Problems. RC: Reachability Problems, LNCS, vol. 13608, 67–76.' mla: Bose, Sougata, et al. “History-Deterministic Timed Automata Are Not Determinizable.” 16th International Conference on Reachability Problems, vol. 13608, Springer Nature, 2022, pp. 67–76, doi:10.1007/978-3-031-19135-0_5. short: S. Bose, T.A. Henzinger, K. Lehtinen, S. Schewe, P. Totzke, in:, 16th International Conference on Reachability Problems, Springer Nature, 2022, pp. 67–76. conference: end_date: 2022-10-21 location: Kaiserslautern, Germany name: 'RC: Reachability Problems' start_date: 2022-10-17 date_created: 2023-01-12T12:11:57Z date_published: 2022-10-12T00:00:00Z date_updated: 2023-09-05T15:12:08Z day: '12' department: - _id: ToHe doi: 10.1007/978-3-031-19135-0_5 ec_funded: 1 intvolume: ' 13608' language: - iso: eng main_file_link: - open_access: '1' url: https://hal.science/hal-03849398/ month: '10' oa: 1 oa_version: Preprint page: 67-76 project: - _id: 62781420-2b32-11ec-9570-8d9b63373d4d call_identifier: H2020 grant_number: '101020093' name: Vigilant Algorithmic Monitoring of Software publication: 16th International Conference on Reachability Problems publication_identifier: eisbn: - '9783031191350' eissn: - 1611-3349 isbn: - '9783031191343' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: History-deterministic timed automata are not determinizable type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 13608 year: '2022' ... --- _id: '11185' abstract: - lang: eng text: Bundling crossings is a strategy which can enhance the readability of graph drawings. In this paper we consider bundlings for families of pseudosegments, i.e., simple curves such that any two have share at most one point at which they cross. Our main result is that there is a polynomial-time algorithm to compute an 8-approximation of the bundled crossing number of such instances (up to adding a term depending on the facial structure). This 8-approximation also holds for bundlings of good drawings of graphs. In the special case of circular drawings the approximation factor is 8 (no extra term), this improves upon the 10-approximation of Fink et al. [6]. We also show how to compute a 92-approximation when the intersection graph of the pseudosegments is bipartite. acknowledgement: This work was initiated during the Workshop on Geometric Graphs in November 2019 in Strobl, Austria. We would like to thank Oswin Aichholzer, Fabian Klute, Man-Kwun Chiu, Martin Balko, Pavel Valtr for their avid discussions during the workshop. The first author has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska Curie grant agreement No 754411. The second author has been supported by the German Research Foundation DFG Project FE 340/12-1. article_processing_charge: No author: - first_name: Alan M full_name: Arroyo Guevara, Alan M id: 3207FDC6-F248-11E8-B48F-1D18A9856A87 last_name: Arroyo Guevara orcid: 0000-0003-2401-8670 - first_name: Stefan full_name: Felsner, Stefan last_name: Felsner citation: ama: 'Arroyo Guevara AM, Felsner S. Approximating the bundled crossing number. In: WALCOM 2022: Algorithms and Computation. Vol 13174. LNCS. Springer Nature; 2022:383-395. doi:10.1007/978-3-030-96731-4_31' apa: 'Arroyo Guevara, A. M., & Felsner, S. (2022). Approximating the bundled crossing number. In WALCOM 2022: Algorithms and Computation (Vol. 13174, pp. 383–395). Jember, Indonesia: Springer Nature. https://doi.org/10.1007/978-3-030-96731-4_31' chicago: 'Arroyo Guevara, Alan M, and Stefan Felsner. “Approximating the Bundled Crossing Number.” In WALCOM 2022: Algorithms and Computation, 13174:383–95. LNCS. Springer Nature, 2022. https://doi.org/10.1007/978-3-030-96731-4_31.' ieee: 'A. M. Arroyo Guevara and S. Felsner, “Approximating the bundled crossing number,” in WALCOM 2022: Algorithms and Computation, Jember, Indonesia, 2022, vol. 13174, pp. 383–395.' ista: 'Arroyo Guevara AM, Felsner S. 2022. Approximating the bundled crossing number. WALCOM 2022: Algorithms and Computation. WALCOM: Algorithms and ComputationLNCS vol. 13174, 383–395.' mla: 'Arroyo Guevara, Alan M., and Stefan Felsner. “Approximating the Bundled Crossing Number.” WALCOM 2022: Algorithms and Computation, vol. 13174, Springer Nature, 2022, pp. 383–95, doi:10.1007/978-3-030-96731-4_31.' short: 'A.M. Arroyo Guevara, S. Felsner, in:, WALCOM 2022: Algorithms and Computation, Springer Nature, 2022, pp. 383–395.' conference: end_date: 2022-03-26 location: Jember, Indonesia name: 'WALCOM: Algorithms and Computation' start_date: 2022-03-24 date_created: 2022-04-17T22:01:47Z date_published: 2022-03-16T00:00:00Z date_updated: 2023-09-25T10:56:10Z day: '16' department: - _id: UlWa doi: 10.1007/978-3-030-96731-4_31 ec_funded: 1 external_id: arxiv: - '2109.14892' intvolume: ' 13174' language: - iso: eng main_file_link: - open_access: '1' url: ' https://doi.org/10.48550/arXiv.2109.14892' month: '03' oa: 1 oa_version: Preprint page: 383-395 project: - _id: 260C2330-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '754411' name: ISTplus - Postdoctoral Fellowships publication: 'WALCOM 2022: Algorithms and Computation' publication_identifier: eissn: - 1611-3349 isbn: - '9783030967307' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '13969' relation: later_version status: public scopus_import: '1' series_title: LNCS status: public title: Approximating the bundled crossing number type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13174 year: '2022' ... --- _id: '12000' abstract: - lang: eng text: "We consider the quantitative problem of obtaining lower-bounds on the probability of termination of a given non-deterministic probabilistic program. Specifically, given a non-termination threshold p∈[0,1], we aim for certificates proving that the program terminates with probability at least 1−p. The basic idea of our approach is to find a terminating stochastic invariant, i.e. a subset SI of program states such that (i) the probability of the program ever leaving SI is no more than p, and (ii) almost-surely, the program either leaves SI or terminates.\r\n\r\nWhile stochastic invariants are already well-known, we provide the first proof that the idea above is not only sound, but also complete for quantitative termination analysis. We then introduce a novel sound and complete characterization of stochastic invariants that enables template-based approaches for easy synthesis of quantitative termination certificates, especially in affine or polynomial forms. Finally, by combining this idea with the existing martingale-based methods that are relatively complete for qualitative termination analysis, we obtain the first automated, sound, and relatively complete algorithm for quantitative termination analysis. Notably, our completeness guarantees for quantitative termination analysis are as strong as the best-known methods for the qualitative variant.\r\n\r\nOur prototype implementation demonstrates the effectiveness of our approach on various probabilistic programs. We also demonstrate that our algorithm certifies lower bounds on termination probability for probabilistic programs that are beyond the reach of previous methods." acknowledgement: This research was partially supported by the ERC CoG 863818 (ForM-SMArt), the HKUST-Kaisa Joint Research Institute Project Grant HKJRI3A-055, the HKUST Startup Grant R9272 and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385. alternative_title: - LNCS article_processing_charge: Yes (in subscription journal) author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Amir Kafshdar full_name: Goharshady, Amir Kafshdar id: 391365CE-F248-11E8-B48F-1D18A9856A87 last_name: Goharshady orcid: 0000-0003-1702-6584 - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 - first_name: Dorde full_name: Zikelic, Dorde id: 294AA7A6-F248-11E8-B48F-1D18A9856A87 last_name: Zikelic orcid: 0000-0002-4681-1699 citation: ama: 'Chatterjee K, Goharshady AK, Meggendorfer T, Zikelic D. Sound and complete certificates for auantitative termination analysis of probabilistic programs. In: Proceedings of the 34th International Conference on Computer Aided Verification. Vol 13371. Springer; 2022:55-78. doi:10.1007/978-3-031-13185-1_4' apa: 'Chatterjee, K., Goharshady, A. K., Meggendorfer, T., & Zikelic, D. (2022). Sound and complete certificates for auantitative termination analysis of probabilistic programs. In Proceedings of the 34th International Conference on Computer Aided Verification (Vol. 13371, pp. 55–78). Haifa, Israel: Springer. https://doi.org/10.1007/978-3-031-13185-1_4' chicago: Chatterjee, Krishnendu, Amir Kafshdar Goharshady, Tobias Meggendorfer, and Dorde Zikelic. “Sound and Complete Certificates for Auantitative Termination Analysis of Probabilistic Programs.” In Proceedings of the 34th International Conference on Computer Aided Verification, 13371:55–78. Springer, 2022. https://doi.org/10.1007/978-3-031-13185-1_4. ieee: K. Chatterjee, A. K. Goharshady, T. Meggendorfer, and D. Zikelic, “Sound and complete certificates for auantitative termination analysis of probabilistic programs,” in Proceedings of the 34th International Conference on Computer Aided Verification, Haifa, Israel, 2022, vol. 13371, pp. 55–78. ista: 'Chatterjee K, Goharshady AK, Meggendorfer T, Zikelic D. 2022. Sound and complete certificates for auantitative termination analysis of probabilistic programs. Proceedings of the 34th International Conference on Computer Aided Verification. CAV: Computer Aided Verification, LNCS, vol. 13371, 55–78.' mla: Chatterjee, Krishnendu, et al. “Sound and Complete Certificates for Auantitative Termination Analysis of Probabilistic Programs.” Proceedings of the 34th International Conference on Computer Aided Verification, vol. 13371, Springer, 2022, pp. 55–78, doi:10.1007/978-3-031-13185-1_4. short: K. Chatterjee, A.K. Goharshady, T. Meggendorfer, D. Zikelic, in:, Proceedings of the 34th International Conference on Computer Aided Verification, Springer, 2022, pp. 55–78. conference: end_date: 2022-08-10 location: Haifa, Israel name: 'CAV: Computer Aided Verification' start_date: 2022-08-07 date_created: 2022-08-28T22:02:02Z date_published: 2022-08-07T00:00:00Z date_updated: 2023-11-30T10:55:37Z day: '07' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-031-13185-1_4 ec_funded: 1 external_id: isi: - '000870304500004' file: - access_level: open_access checksum: 24e0f810ec52735a90ade95198bc641d content_type: application/pdf creator: alisjak date_created: 2022-08-29T09:17:01Z date_updated: 2022-08-29T09:17:01Z file_id: '12003' file_name: 2022_LNCS_Chatterjee.pdf file_size: 505094 relation: main_file success: 1 file_date_updated: 2022-08-29T09:17:01Z has_accepted_license: '1' intvolume: ' 13371' isi: 1 language: - iso: eng month: '08' oa: 1 oa_version: Published Version page: 55-78 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: Proceedings of the 34th International Conference on Computer Aided Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783031131844' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' related_material: record: - id: '14539' relation: dissertation_contains status: public scopus_import: '1' status: public title: Sound and complete certificates for auantitative termination analysis of probabilistic programs tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13371 year: '2022' ... --- _id: '11771' abstract: - lang: eng text: "Classic dynamic data structure problems maintain a data structure subject to a sequence S of updates and they answer queries using the latest version of the data structure, i.e., the data structure after processing the whole sequence. To handle operations that change the sequence S of updates, Demaine et al. [7] introduced retroactive data structures (RDS). A retroactive operation modifies the update sequence S in a given position t, called time, and either creates or cancels an update in S at time t. A fully retroactive data structure supports queries at any time t: a query at time t is answered using only the updates of S up to time t. While efficient RDS have been proposed for classic data structures, e.g., stack, priority queue and binary search tree, the retroactive version of graph problems are rarely studied.\r\n\r\nIn this paper we study retroactive graph problems including connectivity, minimum spanning forest (MSF), maximum degree, etc. We show that under the OMv conjecture (proposed by Henzinger et al. [15]), there does not exist fully RDS maintaining connectivity or MSF, or incremental fully RDS maintaining the maximum degree with \U0001D442(\U0001D45B1−\U0001D716) time per operation, for any constant \U0001D716>0. Furthermore, We provide RDS with almost tight time per operation. We give fully RDS for maintaining the maximum degree, connectivity and MSF in \U0001D442̃ (\U0001D45B) time per operation. We also give an algorithm for the incremental (insertion-only) fully retroactive connectivity with \U0001D442̃ (1) time per operation, showing that the lower bound cannot be extended to this setting.\r\n\r\nWe also study a restricted version of RDS, where the only change to S is the swap of neighboring updates and show that for this problem we can beat the above hardness result. This also implies the first non-trivial dynamic Reeb graph computation algorithm." alternative_title: - LNCS article_processing_charge: No author: - first_name: Monika H full_name: Henzinger, Monika H id: 540c9bbd-f2de-11ec-812d-d04a5be85630 last_name: Henzinger orcid: 0000-0002-5008-6530 - first_name: Xiaowei full_name: Wu, Xiaowei last_name: Wu citation: ama: 'Henzinger MH, Wu X. Upper and lower bounds for fully retroactive graph problems. In: 17th International Symposium on Algorithms and Data Structures. Vol 12808. Springer Nature; 2021:471–484. doi:10.1007/978-3-030-83508-8_34' apa: 'Henzinger, M. H., & Wu, X. (2021). Upper and lower bounds for fully retroactive graph problems. In 17th International Symposium on Algorithms and Data Structures (Vol. 12808, pp. 471–484). Virtual: Springer Nature. https://doi.org/10.1007/978-3-030-83508-8_34' chicago: Henzinger, Monika H, and Xiaowei Wu. “Upper and Lower Bounds for Fully Retroactive Graph Problems.” In 17th International Symposium on Algorithms and Data Structures, 12808:471–484. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-83508-8_34. ieee: M. H. Henzinger and X. Wu, “Upper and lower bounds for fully retroactive graph problems,” in 17th International Symposium on Algorithms and Data Structures, Virtual, 2021, vol. 12808, pp. 471–484. ista: 'Henzinger MH, Wu X. 2021. Upper and lower bounds for fully retroactive graph problems. 17th International Symposium on Algorithms and Data Structures. WADS: Workshop on Algorithms and Data Structures, LNCS, vol. 12808, 471–484.' mla: Henzinger, Monika H., and Xiaowei Wu. “Upper and Lower Bounds for Fully Retroactive Graph Problems.” 17th International Symposium on Algorithms and Data Structures, vol. 12808, Springer Nature, 2021, pp. 471–484, doi:10.1007/978-3-030-83508-8_34. short: M.H. Henzinger, X. Wu, in:, 17th International Symposium on Algorithms and Data Structures, Springer Nature, 2021, pp. 471–484. conference: end_date: 2021-08-11 location: Virtual name: 'WADS: Workshop on Algorithms and Data Structures' start_date: 2021-08-09 date_created: 2022-08-08T13:01:29Z date_published: 2021-08-09T00:00:00Z date_updated: 2023-02-10T08:31:50Z day: '09' doi: 10.1007/978-3-030-83508-8_34 extern: '1' external_id: arxiv: - '1910.03332' intvolume: ' 12808' language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1910.03332 month: '08' oa: 1 oa_version: Preprint page: 471–484 publication: 17th International Symposium on Algorithms and Data Structures publication_identifier: eisbn: - '9783030835088' eissn: - 1611-3349 isbn: - '9783030835071' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Upper and lower bounds for fully retroactive graph problems type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 12808 year: '2021' ... --- _id: '9210' abstract: - lang: eng text: "Modern neural networks can easily fit their training set perfectly. Surprisingly, despite being “overfit” in this way, they tend to generalize well to future data, thereby defying the classic bias–variance trade-off of machine learning theory. Of the many possible explanations, a prevalent one is that training by stochastic gradient descent (SGD) imposes an implicit bias that leads it to learn simple functions, and these simple functions generalize well. However, the specifics of this implicit bias are not well understood.\r\nIn this work, we explore the smoothness conjecture which states that SGD is implicitly biased towards learning functions that are smooth. We propose several measures to formalize the intuitive notion of smoothness, and we conduct experiments to determine whether SGD indeed implicitly optimizes for these measures. Our findings rule out the possibility that smoothness measures based on first-order derivatives are being implicitly enforced. They are supportive, though, of the smoothness conjecture for measures based on second-order derivatives." article_processing_charge: No author: - first_name: Vaclav full_name: Volhejn, Vaclav id: d5235fb4-7a6d-11eb-b254-f25d12d631a8 last_name: Volhejn - first_name: Christoph full_name: Lampert, Christoph id: 40C20FD2-F248-11E8-B48F-1D18A9856A87 last_name: Lampert orcid: 0000-0001-8622-7887 citation: ama: 'Volhejn V, Lampert C. Does SGD implicitly optimize for smoothness? In: 42nd German Conference on Pattern Recognition. Vol 12544. LNCS. Springer; 2021:246-259. doi:10.1007/978-3-030-71278-5_18' apa: 'Volhejn, V., & Lampert, C. (2021). Does SGD implicitly optimize for smoothness? In 42nd German Conference on Pattern Recognition (Vol. 12544, pp. 246–259). Tübingen, Germany: Springer. https://doi.org/10.1007/978-3-030-71278-5_18' chicago: Volhejn, Vaclav, and Christoph Lampert. “Does SGD Implicitly Optimize for Smoothness?” In 42nd German Conference on Pattern Recognition, 12544:246–59. LNCS. Springer, 2021. https://doi.org/10.1007/978-3-030-71278-5_18. ieee: V. Volhejn and C. Lampert, “Does SGD implicitly optimize for smoothness?,” in 42nd German Conference on Pattern Recognition, Tübingen, Germany, 2021, vol. 12544, pp. 246–259. ista: 'Volhejn V, Lampert C. 2021. Does SGD implicitly optimize for smoothness? 42nd German Conference on Pattern Recognition. DAGM GCPR: German Conference on Pattern Recognition LNCS vol. 12544, 246–259.' mla: Volhejn, Vaclav, and Christoph Lampert. “Does SGD Implicitly Optimize for Smoothness?” 42nd German Conference on Pattern Recognition, vol. 12544, Springer, 2021, pp. 246–59, doi:10.1007/978-3-030-71278-5_18. short: V. Volhejn, C. Lampert, in:, 42nd German Conference on Pattern Recognition, Springer, 2021, pp. 246–259. conference: end_date: 2020-10-01 location: Tübingen, Germany name: 'DAGM GCPR: German Conference on Pattern Recognition ' start_date: 2020-09-28 date_created: 2021-03-01T09:01:16Z date_published: 2021-03-17T00:00:00Z date_updated: 2022-08-12T07:28:47Z day: '17' ddc: - '510' department: - _id: ChLa doi: 10.1007/978-3-030-71278-5_18 file: - access_level: open_access checksum: 3e3628ab1cf658d82524963f808004ea content_type: application/pdf creator: dernst date_created: 2022-08-12T07:27:58Z date_updated: 2022-08-12T07:27:58Z file_id: '11820' file_name: 2020_GCPR_submitted_Volhejn.pdf file_size: 420234 relation: main_file success: 1 file_date_updated: 2022-08-12T07:27:58Z has_accepted_license: '1' intvolume: ' 12544' language: - iso: eng month: '03' oa: 1 oa_version: Submitted Version page: 246-259 publication: 42nd German Conference on Pattern Recognition publication_identifier: eissn: - 1611-3349 isbn: - '9783030712778' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Does SGD implicitly optimize for smoothness? type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 12544 year: '2021' ... --- _id: '9620' abstract: - lang: eng text: "In this note, we introduce a distributed twist on the classic coupon collector problem: a set of m collectors wish to each obtain a set of n coupons; for this, they can each sample coupons uniformly at random, but can also meet in pairwise interactions, during which they can exchange coupons. By doing so, they hope to reduce the number of coupons that must be sampled by each collector in order to obtain a full set. This extension is natural when considering real-world manifestations of the coupon collector phenomenon, and has been remarked upon and studied empirically (Hayes and Hannigan 2006, Ahmad et al. 2014, Delmarcelle 2019).\r\n\r\nWe provide the first theoretical analysis for such a scenario. We find that “coupon collecting with friends” can indeed significantly reduce the number of coupons each collector must sample, and raises interesting connections to the more traditional variants of the problem. While our analysis is in most cases asymptotically tight, there are several open questions raised, regarding finer-grained analysis of both “coupon collecting with friends,” and of a long-studied variant of the original problem in which a collector requires multiple full sets of coupons." acknowledgement: Peter Davies is supported by the European Union’s Horizon2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No. 754411. alternative_title: - LNCS article_processing_charge: No author: - first_name: Dan-Adrian full_name: Alistarh, Dan-Adrian id: 4A899BFC-F248-11E8-B48F-1D18A9856A87 last_name: Alistarh orcid: 0000-0003-3650-940X - first_name: Peter full_name: Davies, Peter id: 11396234-BB50-11E9-B24C-90FCE5697425 last_name: Davies orcid: 0000-0002-5646-9524 citation: ama: 'Alistarh D-A, Davies P. Collecting coupons is faster with friends. In: Structural Information and Communication Complexity. Vol 12810. Springer Nature; 2021:3-12. doi:10.1007/978-3-030-79527-6_1' apa: 'Alistarh, D.-A., & Davies, P. (2021). Collecting coupons is faster with friends. In Structural Information and Communication Complexity (Vol. 12810, pp. 3–12). Wrocław, Poland: Springer Nature. https://doi.org/10.1007/978-3-030-79527-6_1' chicago: Alistarh, Dan-Adrian, and Peter Davies. “Collecting Coupons Is Faster with Friends.” In Structural Information and Communication Complexity, 12810:3–12. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-79527-6_1. ieee: D.-A. Alistarh and P. Davies, “Collecting coupons is faster with friends,” in Structural Information and Communication Complexity, Wrocław, Poland, 2021, vol. 12810, pp. 3–12. ista: 'Alistarh D-A, Davies P. 2021. Collecting coupons is faster with friends. Structural Information and Communication Complexity. SIROCCO: International Colloquium on Structural Information and Communication Complexity, LNCS, vol. 12810, 3–12.' mla: Alistarh, Dan-Adrian, and Peter Davies. “Collecting Coupons Is Faster with Friends.” Structural Information and Communication Complexity, vol. 12810, Springer Nature, 2021, pp. 3–12, doi:10.1007/978-3-030-79527-6_1. short: D.-A. Alistarh, P. Davies, in:, Structural Information and Communication Complexity, Springer Nature, 2021, pp. 3–12. conference: end_date: 2021-07-01 location: Wrocław, Poland name: ' SIROCCO: International Colloquium on Structural Information and Communication Complexity' start_date: 2021-06-28 date_created: 2021-07-01T11:04:43Z date_published: 2021-06-20T00:00:00Z date_updated: 2023-02-23T14:02:46Z day: '20' ddc: - '000' department: - _id: DaAl doi: 10.1007/978-3-030-79527-6_1 ec_funded: 1 file: - access_level: open_access checksum: fe37fb9af3f5016c1084af9d6e7109bd content_type: application/pdf creator: pdavies date_created: 2021-07-01T11:21:40Z date_updated: 2021-07-01T11:21:40Z file_id: '9621' file_name: Population_Coupon_Collector.pdf file_size: 319728 relation: main_file file_date_updated: 2021-07-01T11:21:40Z has_accepted_license: '1' intvolume: ' 12810' language: - iso: eng month: '06' oa: 1 oa_version: Preprint page: 3-12 project: - _id: 260C2330-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '754411' name: ISTplus - Postdoctoral Fellowships publication: Structural Information and Communication Complexity publication_identifier: eisbn: - '9783030795276' eissn: - 1611-3349 isbn: - '9783030795269' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: Collecting coupons is faster with friends type: conference user_id: D865714E-FA4E-11E9-B85B-F5C5E5697425 volume: 12810 year: '2021' ... --- _id: '12767' abstract: - lang: eng text: "Several problems in planning and reactive synthesis can be reduced to the analysis of two-player quantitative graph games. Optimization is one form of analysis. We argue that in many cases it may be better to replace the optimization problem with the satisficing problem, where instead of searching for optimal solutions, the goal is to search for solutions that adhere to a given threshold bound.\r\nThis work defines and investigates the satisficing problem on a two-player graph game with the discounted-sum cost model. We show that while the satisficing problem can be solved using numerical methods just like the optimization problem, this approach does not render compelling benefits over optimization. When the discount factor is, however, an integer, we present another approach to satisficing, which is purely based on automata methods. We show that this approach is algorithmically more performant – both theoretically and empirically – and demonstrates the broader applicability of satisficing over optimization." acknowledgement: We thank anonymous reviewers for valuable inputs. This work is supported in part by NSF grant 2030859 to the CRA for the CIFellows Project, NSF grants IIS-1527668, CCF-1704883, IIS-1830549, the ERC CoG 863818 (ForM-SMArt), and an award from the Maryland Procurement Office. alternative_title: - LNCS article_processing_charge: No author: - first_name: Suguman full_name: Bansal, Suguman last_name: Bansal - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Moshe Y. full_name: Vardi, Moshe Y. last_name: Vardi citation: ama: 'Bansal S, Chatterjee K, Vardi MY. On satisficing in quantitative games. In: 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems. Vol 12651. Springer Nature; 2021:20-37. doi:10.1007/978-3-030-72016-2' apa: 'Bansal, S., Chatterjee, K., & Vardi, M. Y. (2021). On satisficing in quantitative games. In 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (Vol. 12651, pp. 20–37). Luxembourg City, Luxembourg: Springer Nature. https://doi.org/10.1007/978-3-030-72016-2' chicago: Bansal, Suguman, Krishnendu Chatterjee, and Moshe Y. Vardi. “On Satisficing in Quantitative Games.” In 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 12651:20–37. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-72016-2. ieee: S. Bansal, K. Chatterjee, and M. Y. Vardi, “On satisficing in quantitative games,” in 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, Luxembourg City, Luxembourg, 2021, vol. 12651, pp. 20–37. ista: 'Bansal S, Chatterjee K, Vardi MY. 2021. On satisficing in quantitative games. 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 12651, 20–37.' mla: Bansal, Suguman, et al. “On Satisficing in Quantitative Games.” 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, vol. 12651, Springer Nature, 2021, pp. 20–37, doi:10.1007/978-3-030-72016-2. short: S. Bansal, K. Chatterjee, M.Y. Vardi, in:, 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, Springer Nature, 2021, pp. 20–37. conference: end_date: 2021-04-01 location: Luxembourg City, Luxembourg name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2021-03-27 date_created: 2023-03-26T22:01:09Z date_published: 2021-03-21T00:00:00Z date_updated: 2023-03-28T11:03:11Z day: '21' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-030-72016-2 ec_funded: 1 external_id: arxiv: - '2101.02594' file: - access_level: open_access checksum: b020b78b23587ce7610b1aafb4e63438 content_type: application/pdf creator: dernst date_created: 2023-03-28T11:00:33Z date_updated: 2023-03-28T11:00:33Z file_id: '12777' file_name: 2021_LNCS_Bansal.pdf file_size: 747418 relation: main_file success: 1 file_date_updated: 2023-03-28T11:00:33Z has_accepted_license: '1' intvolume: ' 12651' language: - iso: eng month: '03' oa: 1 oa_version: Published Version page: 20-37 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: 27th International Conference on Tools and Algorithms for the Construction and Analysis of Systems publication_identifier: eissn: - 1611-3349 isbn: - '9783030720155' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: On satisficing in quantitative games tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 12651 year: '2021' ... --- _id: '10076' abstract: - lang: eng text: We present a novel approach for blockchain asset owners to reclaim their funds in case of accidental private-key loss or transfer to a mistyped address. Our solution can be deployed upon failure or absence of proactively implemented backup mechanisms, such as secret sharing and cold storage. The main advantages against previous proposals is it does not require any prior action from users and works with both single-key and multi-sig accounts. We achieve this by a 3-phase Commit()→Reveal()→Claim()−or−Challenge() smart contract that enables accessing funds of addresses for which the spending key is not available. We provide an analysis of the threat and incentive models and formalize the concept of reactive KEy-Loss Protection (KELP). acknowledgement: The authors would like to thank all anonymous reviewers of FC21 WTSC workshop for comments and suggestions that greatly improved the quality of this paper. alternative_title: - LNCS article_processing_charge: No author: - first_name: Sam full_name: Blackshear, Sam last_name: Blackshear - first_name: Konstantinos full_name: Chalkias, Konstantinos last_name: Chalkias - first_name: Panagiotis full_name: Chatzigiannis, Panagiotis last_name: Chatzigiannis - first_name: Riyaz full_name: Faizullabhoy, Riyaz last_name: Faizullabhoy - first_name: Irakliy full_name: Khaburzaniya, Irakliy last_name: Khaburzaniya - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Joshua full_name: Lind, Joshua last_name: Lind - first_name: David full_name: Wong, David last_name: Wong - first_name: Tim full_name: Zakian, Tim last_name: Zakian citation: ama: 'Blackshear S, Chalkias K, Chatzigiannis P, et al. Reactive key-loss protection in blockchains. In: FC 2021 Workshops. Vol 12676. Springer Nature; 2021:431-450. doi:10.1007/978-3-662-63958-0_34' apa: 'Blackshear, S., Chalkias, K., Chatzigiannis, P., Faizullabhoy, R., Khaburzaniya, I., Kokoris Kogias, E., … Zakian, T. (2021). Reactive key-loss protection in blockchains. In FC 2021 Workshops (Vol. 12676, pp. 431–450). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-63958-0_34' chicago: Blackshear, Sam, Konstantinos Chalkias, Panagiotis Chatzigiannis, Riyaz Faizullabhoy, Irakliy Khaburzaniya, Eleftherios Kokoris Kogias, Joshua Lind, David Wong, and Tim Zakian. “Reactive Key-Loss Protection in Blockchains.” In FC 2021 Workshops, 12676:431–50. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-63958-0_34. ieee: S. Blackshear et al., “Reactive key-loss protection in blockchains,” in FC 2021 Workshops, Virtual, 2021, vol. 12676, pp. 431–450. ista: 'Blackshear S, Chalkias K, Chatzigiannis P, Faizullabhoy R, Khaburzaniya I, Kokoris Kogias E, Lind J, Wong D, Zakian T. 2021. Reactive key-loss protection in blockchains. FC 2021 Workshops. FC: International Conference on Financial Cryptography and Data Security, LNCS, vol. 12676, 431–450.' mla: Blackshear, Sam, et al. “Reactive Key-Loss Protection in Blockchains.” FC 2021 Workshops, vol. 12676, Springer Nature, 2021, pp. 431–50, doi:10.1007/978-3-662-63958-0_34. short: S. Blackshear, K. Chalkias, P. Chatzigiannis, R. Faizullabhoy, I. Khaburzaniya, E. Kokoris Kogias, J. Lind, D. Wong, T. Zakian, in:, FC 2021 Workshops, Springer Nature, 2021, pp. 431–450. conference: end_date: 2021-03-05 location: Virtual name: 'FC: International Conference on Financial Cryptography and Data Security' start_date: 2021-03-01 date_created: 2021-10-03T22:01:24Z date_published: 2021-09-17T00:00:00Z date_updated: 2023-08-14T07:06:16Z day: '17' department: - _id: ElKo doi: 10.1007/978-3-662-63958-0_34 external_id: isi: - '000713005000034' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://research.fb.com/publications/reactive-key-loss-protection-in-blockchains/ month: '09' oa: 1 oa_version: Preprint page: 431-450 publication: FC 2021 Workshops publication_identifier: eisbn: - 978-3-662-63958-0 eissn: - 1611-3349 isbn: - 978-3-6626-3957-3 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Reactive key-loss protection in blockchains type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '12676 ' year: '2021' ... --- _id: '10108' abstract: - lang: eng text: We argue that the time is ripe to investigate differential monitoring, in which the specification of a program's behavior is implicitly given by a second program implementing the same informal specification. Similar ideas have been proposed before, and are currently implemented in restricted form for testing and specialized run-time analyses, aspects of which we combine. We discuss the challenges of implementing differential monitoring as a general-purpose, black-box run-time monitoring framework, and present promising results of a preliminary implementation, showing low monitoring overheads for diverse programs. acknowledgement: The authors would like to thank Borzoo Bonakdarpour, Derek Dreyer, Adrian Francalanza, Owolabi Legunsen, Mae Milano, Manuel Rigger, Cesar Sanchez, and the members of the IST Verification Seminar for their helpful comments and insights on various stages of this work, as well as the reviewers of RV’21 for their helpful suggestions on the actual paper. alternative_title: - LNCS article_processing_charge: No author: - first_name: Fabian full_name: Mühlböck, Fabian id: 6395C5F6-89DF-11E9-9C97-6BDFE5697425 last_name: Mühlböck orcid: 0000-0003-1548-0177 - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Mühlböck F, Henzinger TA. Differential monitoring. In: International Conference on Runtime Verification. Vol 12974. Cham: Springer Nature; 2021:231-243. doi:10.1007/978-3-030-88494-9_12' apa: 'Mühlböck, F., & Henzinger, T. A. (2021). Differential monitoring. In International Conference on Runtime Verification (Vol. 12974, pp. 231–243). Cham: Springer Nature. https://doi.org/10.1007/978-3-030-88494-9_12' chicago: 'Mühlböck, Fabian, and Thomas A Henzinger. “Differential Monitoring.” In International Conference on Runtime Verification, 12974:231–43. Cham: Springer Nature, 2021. https://doi.org/10.1007/978-3-030-88494-9_12.' ieee: F. Mühlböck and T. A. Henzinger, “Differential monitoring,” in International Conference on Runtime Verification, Virtual, 2021, vol. 12974, pp. 231–243. ista: 'Mühlböck F, Henzinger TA. 2021. Differential monitoring. International Conference on Runtime Verification. RV: Runtime Verification, LNCS, vol. 12974, 231–243.' mla: Mühlböck, Fabian, and Thomas A. Henzinger. “Differential Monitoring.” International Conference on Runtime Verification, vol. 12974, Springer Nature, 2021, pp. 231–43, doi:10.1007/978-3-030-88494-9_12. short: F. Mühlböck, T.A. Henzinger, in:, International Conference on Runtime Verification, Springer Nature, Cham, 2021, pp. 231–243. conference: end_date: 2021-10-14 location: Virtual name: 'RV: Runtime Verification' start_date: 2021-10-11 date_created: 2021-10-07T23:30:10Z date_published: 2021-10-06T00:00:00Z date_updated: 2023-08-14T07:20:30Z day: '06' ddc: - '005' department: - _id: ToHe doi: 10.1007/978-3-030-88494-9_12 external_id: isi: - '000719383800012' file: - access_level: open_access checksum: 554c7fdb259eda703a8b6328a6dad55a content_type: application/pdf creator: fmuehlbo date_created: 2021-10-07T23:32:18Z date_updated: 2021-10-07T23:32:18Z file_id: '10109' file_name: differentialmonitoring-cameraready-openaccess.pdf file_size: 350632 relation: main_file success: 1 file_date_updated: 2021-10-07T23:32:18Z has_accepted_license: '1' intvolume: ' 12974' isi: 1 keyword: - run-time verification - software engineering - implicit specification language: - iso: eng month: '10' oa: 1 oa_version: Preprint page: 231-243 place: Cham project: - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: International Conference on Runtime Verification publication_identifier: eisbn: - 978-3-030-88494-9 eissn: - 1611-3349 isbn: - 978-3-030-88493-2 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '9946' relation: extended_version status: public scopus_import: '1' status: public title: Differential monitoring type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 12974 year: '2021' ... --- _id: '10325' abstract: - lang: eng text: Since the inception of Bitcoin, a plethora of distributed ledgers differing in design and purpose has been created. While by design, blockchains provide no means to securely communicate with external systems, numerous attempts towards trustless cross-chain communication have been proposed over the years. Today, cross-chain communication (CCC) plays a fundamental role in cryptocurrency exchanges, scalability efforts via sharding, extension of existing systems through sidechains, and bootstrapping of new blockchains. Unfortunately, existing proposals are designed ad-hoc for specific use-cases, making it hard to gain confidence in their correctness and composability. We provide the first systematic exposition of cross-chain communication protocols. We formalize the underlying research problem and show that CCC is impossible without a trusted third party, contrary to common beliefs in the blockchain community. With this result in mind, we develop a framework to design new and evaluate existing CCC protocols, focusing on the inherent trust assumptions thereof, and derive a classification covering the field of cross-chain communication to date. We conclude by discussing open challenges for CCC research and the implications of interoperability on the security and privacy of blockchains. acknowledgement: 'We would like express our gratitude to Georgia Avarikioti, Daniel Perez and Dominik Harz for helpful comments and feedback on earlier versions of this manuscript. We also thank Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, Edgar Weippl, and Alistair Stewart for insightful discussions during the early stages of this research. We also wish to thank the anonymous reviewers for their valuable comments that helped improve the presentation of our results. This research was funded by Bridge 1 858561 SESC; Bridge 1 864738 PR4DLT (all FFG); the Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI); the competence center SBA-K1 funded by COMET; Chaincode Labs through the project SLN: Scalability for the Lightning Network; and by the Austrian Science Fund (FWF) through the Meitner program (project M-2608). Mustafa Al-Bassam is funded by a scholarship from the Alan Turing Institute. Alexei Zamyatin conducted the early stages of this work during his time at SBA Research, and was supported by a Binance Research Fellowship.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Alexei full_name: Zamyatin, Alexei last_name: Zamyatin - first_name: Mustafa full_name: Al-Bassam, Mustafa last_name: Al-Bassam - first_name: Dionysis full_name: Zindros, Dionysis last_name: Zindros - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Pedro full_name: Moreno-Sanchez, Pedro last_name: Moreno-Sanchez - first_name: Aggelos full_name: Kiayias, Aggelos last_name: Kiayias - first_name: William J. full_name: Knottenbelt, William J. last_name: Knottenbelt citation: ama: 'Zamyatin A, Al-Bassam M, Zindros D, et al. SoK: Communication across distributed ledgers. In: 25th International Conference on Financial Cryptography and Data Security. Vol 12675. Springer Nature; 2021:3-36. doi:10.1007/978-3-662-64331-0_1' apa: 'Zamyatin, A., Al-Bassam, M., Zindros, D., Kokoris Kogias, E., Moreno-Sanchez, P., Kiayias, A., & Knottenbelt, W. J. (2021). SoK: Communication across distributed ledgers. In 25th International Conference on Financial Cryptography and Data Security (Vol. 12675, pp. 3–36). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-64331-0_1' chicago: 'Zamyatin, Alexei, Mustafa Al-Bassam, Dionysis Zindros, Eleftherios Kokoris Kogias, Pedro Moreno-Sanchez, Aggelos Kiayias, and William J. Knottenbelt. “SoK: Communication across Distributed Ledgers.” In 25th International Conference on Financial Cryptography and Data Security, 12675:3–36. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-64331-0_1.' ieee: 'A. Zamyatin et al., “SoK: Communication across distributed ledgers,” in 25th International Conference on Financial Cryptography and Data Security, Virtual, 2021, vol. 12675, pp. 3–36.' ista: 'Zamyatin A, Al-Bassam M, Zindros D, Kokoris Kogias E, Moreno-Sanchez P, Kiayias A, Knottenbelt WJ. 2021. SoK: Communication across distributed ledgers. 25th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 12675, 3–36.' mla: 'Zamyatin, Alexei, et al. “SoK: Communication across Distributed Ledgers.” 25th International Conference on Financial Cryptography and Data Security, vol. 12675, Springer Nature, 2021, pp. 3–36, doi:10.1007/978-3-662-64331-0_1.' short: A. Zamyatin, M. Al-Bassam, D. Zindros, E. Kokoris Kogias, P. Moreno-Sanchez, A. Kiayias, W.J. Knottenbelt, in:, 25th International Conference on Financial Cryptography and Data Security, Springer Nature, 2021, pp. 3–36. conference: end_date: 2021-03-05 location: Virtual name: 'FC: Financial Cryptography' start_date: 2021-03-01 date_created: 2021-11-21T23:01:29Z date_published: 2021-10-23T00:00:00Z date_updated: 2023-08-14T12:59:26Z day: '23' department: - _id: ElKo doi: 10.1007/978-3-662-64331-0_1 external_id: isi: - '000712016200001' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2019/1128 month: '10' oa: 1 oa_version: Preprint page: 3-36 publication: 25th International Conference on Financial Cryptography and Data Security publication_identifier: eisbn: - 978-3-662-64331-0 eissn: - 1611-3349 isbn: - 9-783-6626-4330-3 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'SoK: Communication across distributed ledgers' type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '12675 ' year: '2021' ... --- _id: '10324' abstract: - lang: eng text: Off-chain protocols (channels) are a promising solution to the scalability and privacy challenges of blockchain payments. Current proposals, however, require synchrony assumptions to preserve the safety of a channel, leaking to an adversary the exact amount of time needed to control the network for a successful attack. In this paper, we introduce Brick, the first payment channel that remains secure under network asynchrony and concurrently provides correct incentives. The core idea is to incorporate the conflict resolution process within the channel by introducing a rational committee of external parties, called wardens. Hence, if a party wants to close a channel unilaterally, it can only get the committee’s approval for the last valid state. Additionally, Brick provides sub-second latency because it does not employ heavy-weight consensus. Instead, Brick uses consistent broadcast to announce updates and close the channel, a light-weight abstraction that is powerful enough to preserve safety and liveness to any rational parties. We formally define and prove for Brick the properties a payment channel construction should fulfill. We also design incentives for Brick such that honest and rational behavior aligns. Finally, we provide a reference implementation of the smart contracts in Solidity. acknowledgement: We would like to thank Kaoutar Elkhiyaoui for her valuable feedback as well as Jakub Sliwinski for his impactful contribution to this work. alternative_title: - LNCS article_processing_charge: No author: - first_name: Zeta full_name: Avarikioti, Zeta last_name: Avarikioti - first_name: Eleftherios full_name: Kokoris Kogias, Eleftherios id: f5983044-d7ef-11ea-ac6d-fd1430a26d30 last_name: Kokoris Kogias - first_name: Roger full_name: Wattenhofer, Roger last_name: Wattenhofer - first_name: Dionysis full_name: Zindros, Dionysis last_name: Zindros citation: ama: 'Avarikioti Z, Kokoris Kogias E, Wattenhofer R, Zindros D. Brick: Asynchronous incentive-compatible payment channels. In: 25th International Conference on Financial Cryptography and Data Security. Vol 12675. Springer Nature; 2021:209-230. doi:10.1007/978-3-662-64331-0_11' apa: 'Avarikioti, Z., Kokoris Kogias, E., Wattenhofer, R., & Zindros, D. (2021). Brick: Asynchronous incentive-compatible payment channels. In 25th International Conference on Financial Cryptography and Data Security (Vol. 12675, pp. 209–230). Virtual: Springer Nature. https://doi.org/10.1007/978-3-662-64331-0_11' chicago: 'Avarikioti, Zeta, Eleftherios Kokoris Kogias, Roger Wattenhofer, and Dionysis Zindros. “Brick: Asynchronous Incentive-Compatible Payment Channels.” In 25th International Conference on Financial Cryptography and Data Security, 12675:209–30. Springer Nature, 2021. https://doi.org/10.1007/978-3-662-64331-0_11.' ieee: 'Z. Avarikioti, E. Kokoris Kogias, R. Wattenhofer, and D. Zindros, “Brick: Asynchronous incentive-compatible payment channels,” in 25th International Conference on Financial Cryptography and Data Security, Virtual, 2021, vol. 12675, pp. 209–230.' ista: 'Avarikioti Z, Kokoris Kogias E, Wattenhofer R, Zindros D. 2021. Brick: Asynchronous incentive-compatible payment channels. 25th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 12675, 209–230.' mla: 'Avarikioti, Zeta, et al. “Brick: Asynchronous Incentive-Compatible Payment Channels.” 25th International Conference on Financial Cryptography and Data Security, vol. 12675, Springer Nature, 2021, pp. 209–30, doi:10.1007/978-3-662-64331-0_11.' short: Z. Avarikioti, E. Kokoris Kogias, R. Wattenhofer, D. Zindros, in:, 25th International Conference on Financial Cryptography and Data Security, Springer Nature, 2021, pp. 209–230. conference: end_date: 2021-03-05 location: Virtual name: 'FC: Financial Cryptography' start_date: 2021-03-01 date_created: 2021-11-21T23:01:29Z date_published: 2021-10-23T00:00:00Z date_updated: 2023-08-14T12:59:58Z day: '23' department: - _id: ElKo doi: 10.1007/978-3-662-64331-0_11 external_id: arxiv: - '1905.11360' isi: - '000712016200011' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1905.11360 month: '10' oa: 1 oa_version: Preprint page: 209-230 publication: 25th International Conference on Financial Cryptography and Data Security publication_identifier: eisbn: - 978-3-662-64331-0 eissn: - 1611-3349 isbn: - 9-783-6626-4330-3 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Brick: Asynchronous incentive-compatible payment channels' type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '12675 ' year: '2021' ... --- _id: '10407' abstract: - lang: eng text: Digital hardware Trojans are integrated circuits whose implementation differ from the specification in an arbitrary and malicious way. For example, the circuit can differ from its specified input/output behavior after some fixed number of queries (known as “time bombs”) or on some particular input (known as “cheat codes”). To detect such Trojans, countermeasures using multiparty computation (MPC) or verifiable computation (VC) have been proposed. On a high level, to realize a circuit with specification F one has more sophisticated circuits F⋄ manufactured (where F⋄ specifies a MPC or VC of F ), and then embeds these F⋄ ’s into a master circuit which must be trusted but is relatively simple compared to F . Those solutions impose a significant overhead as F⋄ is much more complex than F , also the master circuits are not exactly trivial. In this work, we show that in restricted settings, where F has no evolving state and is queried on independent inputs, we can achieve a relaxed security notion using very simple constructions. In particular, we do not change the specification of the circuit at all (i.e., F=F⋄ ). Moreover the master circuit basically just queries a subset of its manufactured circuits and checks if they’re all the same. The security we achieve guarantees that, if the manufactured circuits are initially tested on up to T inputs, the master circuit will catch Trojans that try to deviate on significantly more than a 1/T fraction of the inputs. This bound is optimal for the type of construction considered, and we provably achieve it using a construction where 12 instantiations of F need to be embedded into the master. We also discuss an extremely simple construction with just 2 instantiations for which we conjecture that it already achieves the optimal bound. alternative_title: - LNCS article_processing_charge: No author: - first_name: Suvradip full_name: Chakraborty, Suvradip id: B9CD0494-D033-11E9-B219-A439E6697425 last_name: Chakraborty - first_name: Stefan full_name: Dziembowski, Stefan last_name: Dziembowski - first_name: Małgorzata full_name: Gałązka, Małgorzata last_name: Gałązka - first_name: Tomasz full_name: Lizurej, Tomasz last_name: Lizurej - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Michelle X full_name: Yeo, Michelle X id: 2D82B818-F248-11E8-B48F-1D18A9856A87 last_name: Yeo citation: ama: 'Chakraborty S, Dziembowski S, Gałązka M, Lizurej T, Pietrzak KZ, Yeo MX. Trojan-resilience without cryptography. In: Vol 13043. Springer Nature; 2021:397-428. doi:10.1007/978-3-030-90453-1_14' apa: 'Chakraborty, S., Dziembowski, S., Gałązka, M., Lizurej, T., Pietrzak, K. Z., & Yeo, M. X. (2021). Trojan-resilience without cryptography (Vol. 13043, pp. 397–428). Presented at the TCC: Theory of Cryptography Conference, Raleigh, NC, United States: Springer Nature. https://doi.org/10.1007/978-3-030-90453-1_14' chicago: Chakraborty, Suvradip, Stefan Dziembowski, Małgorzata Gałązka, Tomasz Lizurej, Krzysztof Z Pietrzak, and Michelle X Yeo. “Trojan-Resilience without Cryptography,” 13043:397–428. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-90453-1_14. ieee: 'S. Chakraborty, S. Dziembowski, M. Gałązka, T. Lizurej, K. Z. Pietrzak, and M. X. Yeo, “Trojan-resilience without cryptography,” presented at the TCC: Theory of Cryptography Conference, Raleigh, NC, United States, 2021, vol. 13043, pp. 397–428.' ista: 'Chakraborty S, Dziembowski S, Gałązka M, Lizurej T, Pietrzak KZ, Yeo MX. 2021. Trojan-resilience without cryptography. TCC: Theory of Cryptography Conference, LNCS, vol. 13043, 397–428.' mla: Chakraborty, Suvradip, et al. Trojan-Resilience without Cryptography. Vol. 13043, Springer Nature, 2021, pp. 397–428, doi:10.1007/978-3-030-90453-1_14. short: S. Chakraborty, S. Dziembowski, M. Gałązka, T. Lizurej, K.Z. Pietrzak, M.X. Yeo, in:, Springer Nature, 2021, pp. 397–428. conference: end_date: 2021-11-11 location: Raleigh, NC, United States name: 'TCC: Theory of Cryptography Conference' start_date: 2021-11-08 date_created: 2021-12-05T23:01:42Z date_published: 2021-11-04T00:00:00Z date_updated: 2023-08-14T13:07:46Z day: '04' department: - _id: KrPi doi: 10.1007/978-3-030-90453-1_14 ec_funded: 1 external_id: isi: - '000728364000014' intvolume: ' 13043' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2021/1224 month: '11' oa: 1 oa_version: Preprint page: 397-428 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication_identifier: eissn: - 1611-3349 isbn: - 9-783-0309-0452-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Trojan-resilience without cryptography type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13043 year: '2021' ... --- _id: '10408' abstract: - lang: eng text: 'Key trees are often the best solution in terms of transmission cost and storage requirements for managing keys in a setting where a group needs to share a secret key, while being able to efficiently rotate the key material of users (in order to recover from a potential compromise, or to add or remove users). Applications include multicast encryption protocols like LKH (Logical Key Hierarchies) or group messaging like the current IETF proposal TreeKEM. A key tree is a (typically balanced) binary tree, where each node is identified with a key: leaf nodes hold users’ secret keys while the root is the shared group key. For a group of size N, each user just holds log(N) keys (the keys on the path from its leaf to the root) and its entire key material can be rotated by broadcasting 2log(N) ciphertexts (encrypting each fresh key on the path under the keys of its parents). In this work we consider the natural setting where we have many groups with partially overlapping sets of users, and ask if we can find solutions where the cost of rotating a key is better than in the trivial one where we have a separate key tree for each group. We show that in an asymptotic setting (where the number m of groups is fixed while the number N of users grows) there exist more general key graphs whose cost converges to the cost of a single group, thus saving a factor linear in the number of groups over the trivial solution. As our asymptotic “solution” converges very slowly and performs poorly on concrete examples, we propose an algorithm that uses a natural heuristic to compute a key graph for any given group structure. Our algorithm combines two greedy algorithms, and is thus very efficient: it first converts the group structure into a “lattice graph”, which is then turned into a key graph by repeatedly applying the algorithm for constructing a Huffman code. To better understand how far our proposal is from an optimal solution, we prove lower bounds on the update cost of continuous group-key agreement and multicast encryption in a symbolic model admitting (asymmetric) encryption, pseudorandom generators, and secret sharing as building blocks.' acknowledgement: B. Auerbach, M.A. Baig and K. Pietrzak—received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT); Karen Klein was supported in part by ERC CoG grant 724307 and conducted part of this work at IST Austria, funded by the ERC under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT); Guillermo Pascual-Perez was funded by the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385; Michael Walter conducted part of this work at IST Austria, funded by the ERC under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT). alternative_title: - LNCS article_processing_charge: No author: - first_name: Joel F full_name: Alwen, Joel F id: 2A8DFA8C-F248-11E8-B48F-1D18A9856A87 last_name: Alwen - first_name: Benedikt full_name: Auerbach, Benedikt id: D33D2B18-E445-11E9-ABB7-15F4E5697425 last_name: Auerbach orcid: 0000-0002-7553-6606 - first_name: Mirza Ahad full_name: Baig, Mirza Ahad id: 3EDE6DE4-AA5A-11E9-986D-341CE6697425 last_name: Baig - first_name: Miguel full_name: Cueto Noval, Miguel id: ffc563a3-f6e0-11ea-865d-e3cce03d17cc last_name: Cueto Noval - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Guillermo full_name: Pascual Perez, Guillermo id: 2D7ABD02-F248-11E8-B48F-1D18A9856A87 last_name: Pascual Perez orcid: 0000-0001-8630-415X - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Michael full_name: Walter, Michael id: 488F98B0-F248-11E8-B48F-1D18A9856A87 last_name: Walter orcid: 0000-0003-3186-2482 citation: ama: 'Alwen JF, Auerbach B, Baig MA, et al. Grafting key trees: Efficient key management for overlapping groups. In: 19th International Conference. Vol 13044. Springer Nature; 2021:222-253. doi:10.1007/978-3-030-90456-2_8' apa: 'Alwen, J. F., Auerbach, B., Baig, M. A., Cueto Noval, M., Klein, K., Pascual Perez, G., … Walter, M. (2021). Grafting key trees: Efficient key management for overlapping groups. In 19th International Conference (Vol. 13044, pp. 222–253). Raleigh, NC, United States: Springer Nature. https://doi.org/10.1007/978-3-030-90456-2_8' chicago: 'Alwen, Joel F, Benedikt Auerbach, Mirza Ahad Baig, Miguel Cueto Noval, Karen Klein, Guillermo Pascual Perez, Krzysztof Z Pietrzak, and Michael Walter. “Grafting Key Trees: Efficient Key Management for Overlapping Groups.” In 19th International Conference, 13044:222–53. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-90456-2_8.' ieee: 'J. F. Alwen et al., “Grafting key trees: Efficient key management for overlapping groups,” in 19th International Conference, Raleigh, NC, United States, 2021, vol. 13044, pp. 222–253.' ista: 'Alwen JF, Auerbach B, Baig MA, Cueto Noval M, Klein K, Pascual Perez G, Pietrzak KZ, Walter M. 2021. Grafting key trees: Efficient key management for overlapping groups. 19th International Conference. TCC: Theory of Cryptography, LNCS, vol. 13044, 222–253.' mla: 'Alwen, Joel F., et al. “Grafting Key Trees: Efficient Key Management for Overlapping Groups.” 19th International Conference, vol. 13044, Springer Nature, 2021, pp. 222–53, doi:10.1007/978-3-030-90456-2_8.' short: J.F. Alwen, B. Auerbach, M.A. Baig, M. Cueto Noval, K. Klein, G. Pascual Perez, K.Z. Pietrzak, M. Walter, in:, 19th International Conference, Springer Nature, 2021, pp. 222–253. conference: end_date: 2021-11-11 location: Raleigh, NC, United States name: 'TCC: Theory of Cryptography' start_date: 2021-11-08 date_created: 2021-12-05T23:01:42Z date_published: 2021-11-04T00:00:00Z date_updated: 2023-08-14T13:19:39Z day: '04' department: - _id: KrPi doi: 10.1007/978-3-030-90456-2_8 ec_funded: 1 external_id: isi: - '000728363700008' intvolume: ' 13044' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2021/1158 month: '11' oa: 1 oa_version: Preprint page: 222-253 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: 19th International Conference publication_identifier: eisbn: - 978-3-030-90456-2 eissn: - 1611-3349 isbn: - 9-783-0309-0455-5 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'Grafting key trees: Efficient key management for overlapping groups' type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13044 year: '2021' ... --- _id: '10409' abstract: - lang: eng text: We show that Yao’s garbling scheme is adaptively indistinguishable for the class of Boolean circuits of size S and treewidth w with only a SO(w) loss in security. For instance, circuits with constant treewidth are as a result adaptively indistinguishable with only a polynomial loss. This (partially) complements a negative result of Applebaum et al. (Crypto 2013), which showed (assuming one-way functions) that Yao’s garbling scheme cannot be adaptively simulatable. As main technical contributions, we introduce a new pebble game that abstracts out our security reduction and then present a pebbling strategy for this game where the number of pebbles used is roughly O(δwlog(S)) , δ being the fan-out of the circuit. The design of the strategy relies on separators, a graph-theoretic notion with connections to circuit complexity. with only a SO(w) loss in security. For instance, circuits with constant treewidth are as a result adaptively indistinguishable with only a polynomial loss. This (partially) complements a negative result of Applebaum et al. (Crypto 2013), which showed (assuming one-way functions) that Yao’s garbling scheme cannot be adaptively simulatable. As main technical contributions, we introduce a new pebble game that abstracts out our security reduction and then present a pebbling strategy for this game where the number of pebbles used is roughly O(δwlog(S)) , δ being the fan-out of the circuit. The design of the strategy relies on separators, a graph-theoretic notion with connections to circuit complexity. acknowledgement: We are grateful to Daniel Wichs for helpful discussions on the landscape of adaptive security of Yao’s garbling. We would also like to thank Crypto 2021 and TCC 2021 reviewers for their detailed review and suggestions, which helped improve presentation considerably. alternative_title: - LNCS article_processing_charge: No author: - first_name: Chethan full_name: Kamath Hosdurg, Chethan id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87 last_name: Kamath Hosdurg - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Kamath Hosdurg C, Klein K, Pietrzak KZ. On treewidth, separators and Yao’s garbling. In: 19th International Conference. Vol 13043. Springer Nature; 2021:486-517. doi:10.1007/978-3-030-90453-1_17' apa: 'Kamath Hosdurg, C., Klein, K., & Pietrzak, K. Z. (2021). On treewidth, separators and Yao’s garbling. In 19th International Conference (Vol. 13043, pp. 486–517). Raleigh, NC, United States: Springer Nature. https://doi.org/10.1007/978-3-030-90453-1_17' chicago: Kamath Hosdurg, Chethan, Karen Klein, and Krzysztof Z Pietrzak. “On Treewidth, Separators and Yao’s Garbling.” In 19th International Conference, 13043:486–517. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-90453-1_17. ieee: C. Kamath Hosdurg, K. Klein, and K. Z. Pietrzak, “On treewidth, separators and Yao’s garbling,” in 19th International Conference, Raleigh, NC, United States, 2021, vol. 13043, pp. 486–517. ista: 'Kamath Hosdurg C, Klein K, Pietrzak KZ. 2021. On treewidth, separators and Yao’s garbling. 19th International Conference. TCC: Theory of Cryptography, LNCS, vol. 13043, 486–517.' mla: Kamath Hosdurg, Chethan, et al. “On Treewidth, Separators and Yao’s Garbling.” 19th International Conference, vol. 13043, Springer Nature, 2021, pp. 486–517, doi:10.1007/978-3-030-90453-1_17. short: C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, in:, 19th International Conference, Springer Nature, 2021, pp. 486–517. conference: end_date: 2021-11-11 location: Raleigh, NC, United States name: 'TCC: Theory of Cryptography' start_date: 2021-11-08 date_created: 2021-12-05T23:01:43Z date_published: 2021-11-04T00:00:00Z date_updated: 2023-08-17T06:21:38Z day: '04' department: - _id: KrPi doi: 10.1007/978-3-030-90453-1_17 ec_funded: 1 external_id: isi: - '000728364000017' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2021/926 month: '11' oa: 1 oa_version: Preprint page: 486-517 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: 19th International Conference publication_identifier: eissn: - 1611-3349 isbn: - 9-783-0309-0452-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '10044' relation: earlier_version status: public scopus_import: '1' status: public title: On treewidth, separators and Yao’s garbling type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '13043 ' year: '2021' ... --- _id: '10609' abstract: - lang: eng text: "We study Multi-party computation (MPC) in the setting of subversion, where the adversary tampers with the machines of honest parties. Our goal is to construct actively secure MPC protocols where parties are corrupted adaptively by an adversary (as in the standard adaptive security setting), and in addition, honest parties’ machines are compromised.\r\nThe idea of reverse firewalls (RF) was introduced at EUROCRYPT’15 by Mironov and Stephens-Davidowitz as an approach to protecting protocols against corruption of honest parties’ devices. Intuitively, an RF for a party P is an external entity that sits between P and the outside world and whose scope is to sanitize P ’s incoming and outgoing messages in the face of subversion of their computer. Mironov and Stephens-Davidowitz constructed a protocol for passively-secure two-party computation. At CRYPTO’20, Chakraborty, Dziembowski and Nielsen constructed a protocol for secure computation with firewalls that improved on this result, both by extending it to multi-party computation protocol, and considering active security in the presence of static corruptions. In this paper, we initiate the study of RF for MPC in the adaptive setting. We put forward a definition for adaptively secure MPC in the reverse firewall setting, explore relationships among the security notions, and then construct reverse firewalls for MPC in this stronger setting of adaptive security. We also resolve the open question of Chakraborty, Dziembowski and Nielsen by removing the need for a trusted setup in constructing RF for MPC. Towards this end, we construct reverse firewalls for adaptively secure augmented coin tossing and adaptively secure zero-knowledge protocols and obtain a constant round adaptively secure MPC protocol in the reverse firewall setting without setup. Along the way, we propose a new multi-party adaptively secure coin tossing protocol in the plain model, that is of independent interest." alternative_title: - LNCS article_processing_charge: No author: - first_name: Suvradip full_name: Chakraborty, Suvradip id: B9CD0494-D033-11E9-B219-A439E6697425 last_name: Chakraborty - first_name: Chaya full_name: Ganesh, Chaya last_name: Ganesh - first_name: Mahak full_name: Pancholi, Mahak last_name: Pancholi - first_name: Pratik full_name: Sarkar, Pratik last_name: Sarkar citation: ama: 'Chakraborty S, Ganesh C, Pancholi M, Sarkar P. Reverse firewalls for adaptively secure MPC without setup. In: 27th International Conference on the Theory and Application of Cryptology and Information Security. Vol 13091. Springer Nature; 2021:335-364. doi:10.1007/978-3-030-92075-3_12' apa: 'Chakraborty, S., Ganesh, C., Pancholi, M., & Sarkar, P. (2021). Reverse firewalls for adaptively secure MPC without setup. In 27th International Conference on the Theory and Application of Cryptology and Information Security (Vol. 13091, pp. 335–364). Virtual, Singapore: Springer Nature. https://doi.org/10.1007/978-3-030-92075-3_12' chicago: Chakraborty, Suvradip, Chaya Ganesh, Mahak Pancholi, and Pratik Sarkar. “Reverse Firewalls for Adaptively Secure MPC without Setup.” In 27th International Conference on the Theory and Application of Cryptology and Information Security, 13091:335–64. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-92075-3_12. ieee: S. Chakraborty, C. Ganesh, M. Pancholi, and P. Sarkar, “Reverse firewalls for adaptively secure MPC without setup,” in 27th International Conference on the Theory and Application of Cryptology and Information Security, Virtual, Singapore, 2021, vol. 13091, pp. 335–364. ista: 'Chakraborty S, Ganesh C, Pancholi M, Sarkar P. 2021. Reverse firewalls for adaptively secure MPC without setup. 27th International Conference on the Theory and Application of Cryptology and Information Security. ASIACRYPT: International Conference on Cryptology in Asia, LNCS, vol. 13091, 335–364.' mla: Chakraborty, Suvradip, et al. “Reverse Firewalls for Adaptively Secure MPC without Setup.” 27th International Conference on the Theory and Application of Cryptology and Information Security, vol. 13091, Springer Nature, 2021, pp. 335–64, doi:10.1007/978-3-030-92075-3_12. short: S. Chakraborty, C. Ganesh, M. Pancholi, P. Sarkar, in:, 27th International Conference on the Theory and Application of Cryptology and Information Security, Springer Nature, 2021, pp. 335–364. conference: end_date: 2021-12-10 location: Virtual, Singapore name: 'ASIACRYPT: International Conference on Cryptology in Asia' start_date: 2021-12-06 date_created: 2022-01-09T23:01:27Z date_published: 2021-12-01T00:00:00Z date_updated: 2023-08-17T06:34:41Z day: '01' department: - _id: KrPi doi: 10.1007/978-3-030-92075-3_12 ec_funded: 1 external_id: isi: - '000927876200012' intvolume: ' 13091' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2021/1262 month: '12' oa: 1 oa_version: Preprint page: 335-364 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: 27th International Conference on the Theory and Application of Cryptology and Information Security publication_identifier: eisbn: - 978-3-030-92075-3 eissn: - 1611-3349 isbn: - 978-3-030-92074-6 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Reverse firewalls for adaptively secure MPC without setup type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13091 year: '2021' ... --- _id: '9987' abstract: - lang: eng text: 'Stateless model checking (SMC) is one of the standard approaches to the verification of concurrent programs. As scheduling non-determinism creates exponentially large spaces of thread interleavings, SMC attempts to partition this space into equivalence classes and explore only a few representatives from each class. The efficiency of this approach depends on two factors: (a) the coarseness of the partitioning, and (b) the time to generate representatives in each class. For this reason, the search for coarse partitionings that are efficiently explorable is an active research challenge. In this work we present RVF-SMC , a new SMC algorithm that uses a novel reads-value-from (RVF) partitioning. Intuitively, two interleavings are deemed equivalent if they agree on the value obtained in each read event, and read events induce consistent causal orderings between them. The RVF partitioning is provably coarser than recent approaches based on Mazurkiewicz and “reads-from” partitionings. Our experimental evaluation reveals that RVF is quite often a very effective equivalence, as the underlying partitioning is exponentially coarser than other approaches. Moreover, RVF-SMC generates representatives very efficiently, as the reduction in the partitioning is often met with significant speed-ups in the model checking task.' acknowledgement: The research was partially funded by the ERC CoG 863818 (ForM-SMArt) and the Vienna Science and Technology Fund (WWTF) through project ICT15-003. alternative_title: - LNCS article_processing_charge: Yes author: - first_name: Pratyush full_name: Agarwal, Pratyush last_name: Agarwal - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Shreya full_name: Pathak, Shreya last_name: Pathak - first_name: Andreas full_name: Pavlogiannis, Andreas id: 49704004-F248-11E8-B48F-1D18A9856A87 last_name: Pavlogiannis orcid: 0000-0002-8943-0722 - first_name: Viktor full_name: Toman, Viktor id: 3AF3DA7C-F248-11E8-B48F-1D18A9856A87 last_name: Toman orcid: 0000-0001-9036-063X citation: ama: 'Agarwal P, Chatterjee K, Pathak S, Pavlogiannis A, Toman V. Stateless model checking under a reads-value-from equivalence. In: 33rd International Conference on Computer-Aided Verification . Vol 12759. Springer Nature; 2021:341-366. doi:10.1007/978-3-030-81685-8_16' apa: 'Agarwal, P., Chatterjee, K., Pathak, S., Pavlogiannis, A., & Toman, V. (2021). Stateless model checking under a reads-value-from equivalence. In 33rd International Conference on Computer-Aided Verification (Vol. 12759, pp. 341–366). Virtual: Springer Nature. https://doi.org/10.1007/978-3-030-81685-8_16' chicago: Agarwal, Pratyush, Krishnendu Chatterjee, Shreya Pathak, Andreas Pavlogiannis, and Viktor Toman. “Stateless Model Checking under a Reads-Value-from Equivalence.” In 33rd International Conference on Computer-Aided Verification , 12759:341–66. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-81685-8_16. ieee: P. Agarwal, K. Chatterjee, S. Pathak, A. Pavlogiannis, and V. Toman, “Stateless model checking under a reads-value-from equivalence,” in 33rd International Conference on Computer-Aided Verification , Virtual, 2021, vol. 12759, pp. 341–366. ista: 'Agarwal P, Chatterjee K, Pathak S, Pavlogiannis A, Toman V. 2021. Stateless model checking under a reads-value-from equivalence. 33rd International Conference on Computer-Aided Verification . CAV: Computer Aided Verification , LNCS, vol. 12759, 341–366.' mla: Agarwal, Pratyush, et al. “Stateless Model Checking under a Reads-Value-from Equivalence.” 33rd International Conference on Computer-Aided Verification , vol. 12759, Springer Nature, 2021, pp. 341–66, doi:10.1007/978-3-030-81685-8_16. short: P. Agarwal, K. Chatterjee, S. Pathak, A. Pavlogiannis, V. Toman, in:, 33rd International Conference on Computer-Aided Verification , Springer Nature, 2021, pp. 341–366. conference: end_date: 2021-07-23 location: Virtual name: 'CAV: Computer Aided Verification ' start_date: 2021-07-20 date_created: 2021-09-05T22:01:24Z date_published: 2021-07-15T00:00:00Z date_updated: 2023-09-07T13:30:27Z day: '15' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-030-81685-8_16 ec_funded: 1 external_id: arxiv: - '2105.06424' isi: - '000698732400016' file: - access_level: open_access checksum: 4b346e5fbaa8b9bdf107819c7b2aadee content_type: application/pdf creator: dernst date_created: 2022-05-13T07:00:20Z date_updated: 2022-05-13T07:00:20Z file_id: '11368' file_name: 2021_LNCS_Agarwal.pdf file_size: 1516756 relation: main_file success: 1 file_date_updated: 2022-05-13T07:00:20Z has_accepted_license: '1' isi: 1 language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 341-366 project: - _id: 25892FC0-B435-11E9-9278-68D0E5697425 grant_number: ICT15-003 name: Efficient Algorithms for Computer Aided Verification - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' publication: '33rd International Conference on Computer-Aided Verification ' publication_identifier: eisbn: - 978-3-030-81685-8 eissn: - 1611-3349 isbn: - 978-3-030-81684-1 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '10199' relation: dissertation_contains status: public scopus_import: '1' status: public title: Stateless model checking under a reads-value-from equivalence tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '12759 ' year: '2021' ... --- _id: '10041' abstract: - lang: eng text: Yao’s garbling scheme is one of the most fundamental cryptographic constructions. Lindell and Pinkas (Journal of Cryptograhy 2009) gave a formal proof of security in the selective setting where the adversary chooses the challenge inputs before seeing the garbled circuit assuming secure symmetric-key encryption (and hence one-way functions). This was followed by results, both positive and negative, concerning its security in the, stronger, adaptive setting. Applebaum et al. (Crypto 2013) showed that it cannot satisfy adaptive security as is, due to a simple incompressibility argument. Jafargholi and Wichs (TCC 2017) considered a natural adaptation of Yao’s scheme (where the output mapping is sent in the online phase, together with the garbled input) that circumvents this negative result, and proved that it is adaptively secure, at least for shallow circuits. In particular, they showed that for the class of circuits of depth δ , the loss in security is at most exponential in δ . The above results all concern the simulation-based notion of security. In this work, we show that the upper bound of Jafargholi and Wichs is basically optimal in a strong sense. As our main result, we show that there exists a family of Boolean circuits, one for each depth δ∈N , such that any black-box reduction proving the adaptive indistinguishability of the natural adaptation of Yao’s scheme from any symmetric-key encryption has to lose a factor that is exponential in δ√ . Since indistinguishability is a weaker notion than simulation, our bound also applies to adaptive simulation. To establish our results, we build on the recent approach of Kamath et al. (Eprint 2021), which uses pebbling lower bounds in conjunction with oracle separations to prove fine-grained lower bounds on loss in cryptographic security. acknowledgement: We would like to thank the anonymous reviewers of Crypto’21 whose detailed comments helped us considerably improve the presentation of the paper. alternative_title: - LCNS article_processing_charge: No author: - first_name: Chethan full_name: Kamath Hosdurg, Chethan id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87 last_name: Kamath Hosdurg - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Daniel full_name: Wichs, Daniel last_name: Wichs citation: ama: 'Kamath Hosdurg C, Klein K, Pietrzak KZ, Wichs D. Limits on the Adaptive Security of Yao’s Garbling. In: 41st Annual International Cryptology Conference, Part II . Vol 12826. Cham: Springer Nature; 2021:486-515. doi:10.1007/978-3-030-84245-1_17' apa: 'Kamath Hosdurg, C., Klein, K., Pietrzak, K. Z., & Wichs, D. (2021). Limits on the Adaptive Security of Yao’s Garbling. In 41st Annual International Cryptology Conference, Part II (Vol. 12826, pp. 486–515). Cham: Springer Nature. https://doi.org/10.1007/978-3-030-84245-1_17' chicago: 'Kamath Hosdurg, Chethan, Karen Klein, Krzysztof Z Pietrzak, and Daniel Wichs. “Limits on the Adaptive Security of Yao’s Garbling.” In 41st Annual International Cryptology Conference, Part II , 12826:486–515. Cham: Springer Nature, 2021. https://doi.org/10.1007/978-3-030-84245-1_17.' ieee: C. Kamath Hosdurg, K. Klein, K. Z. Pietrzak, and D. Wichs, “Limits on the Adaptive Security of Yao’s Garbling,” in 41st Annual International Cryptology Conference, Part II , Virtual, 2021, vol. 12826, pp. 486–515. ista: 'Kamath Hosdurg C, Klein K, Pietrzak KZ, Wichs D. 2021. Limits on the Adaptive Security of Yao’s Garbling. 41st Annual International Cryptology Conference, Part II . CRYPTO: Annual International Cryptology Conference, LCNS, vol. 12826, 486–515.' mla: Kamath Hosdurg, Chethan, et al. “Limits on the Adaptive Security of Yao’s Garbling.” 41st Annual International Cryptology Conference, Part II , vol. 12826, Springer Nature, 2021, pp. 486–515, doi:10.1007/978-3-030-84245-1_17. short: C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, D. Wichs, in:, 41st Annual International Cryptology Conference, Part II , Springer Nature, Cham, 2021, pp. 486–515. conference: end_date: 2021-08-20 location: Virtual name: 'CRYPTO: Annual International Cryptology Conference' start_date: 2021-08-16 date_created: 2021-09-23T14:06:15Z date_published: 2021-08-11T00:00:00Z date_updated: 2023-09-07T13:32:11Z day: '11' department: - _id: KrPi doi: 10.1007/978-3-030-84245-1_17 ec_funded: 1 intvolume: ' 12826' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2021/945 month: '08' oa: 1 oa_version: Preprint page: 486-515 place: Cham project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: '41st Annual International Cryptology Conference, Part II ' publication_identifier: eisbn: - 978-3-030-84245-1 eissn: - 1611-3349 isbn: - 978-3-030-84244-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '10035' relation: dissertation_contains status: public status: public title: Limits on the Adaptive Security of Yao’s Garbling type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12826 year: '2021' ... --- _id: '9227' abstract: - lang: eng text: In the multiway cut problem we are given a weighted undirected graph G=(V,E) and a set T⊆V of k terminals. The goal is to find a minimum weight set of edges E′⊆E with the property that by removing E′ from G all the terminals become disconnected. In this paper we present a simple local search approximation algorithm for the multiway cut problem with approximation ratio 2−2k . We present an experimental evaluation of the performance of our local search algorithm and show that it greatly outperforms the isolation heuristic of Dalhaus et al. and it has similar performance as the much more complex algorithms of Calinescu et al., Sharma and Vondrak, and Buchbinder et al. which have the currently best known approximation ratios for this problem. alternative_title: - LNCS article_processing_charge: No author: - first_name: Andrew full_name: Bloch-Hansen, Andrew last_name: Bloch-Hansen - first_name: Nasim full_name: Samei, Nasim id: C1531CAE-36E9-11EA-845F-33AA3DDC885E last_name: Samei - first_name: Roberto full_name: Solis-Oba, Roberto last_name: Solis-Oba citation: ama: 'Bloch-Hansen A, Samei N, Solis-Oba R. Experimental evaluation of a local search approximation algorithm for the multiway cut problem. In: Conference on Algorithms and Discrete Applied Mathematics. Vol 12601. Springer Nature; 2021:346-358. doi:10.1007/978-3-030-67899-9_28' apa: 'Bloch-Hansen, A., Samei, N., & Solis-Oba, R. (2021). Experimental evaluation of a local search approximation algorithm for the multiway cut problem. In Conference on Algorithms and Discrete Applied Mathematics (Vol. 12601, pp. 346–358). Rupnagar, India: Springer Nature. https://doi.org/10.1007/978-3-030-67899-9_28' chicago: Bloch-Hansen, Andrew, Nasim Samei, and Roberto Solis-Oba. “Experimental Evaluation of a Local Search Approximation Algorithm for the Multiway Cut Problem.” In Conference on Algorithms and Discrete Applied Mathematics, 12601:346–58. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-67899-9_28. ieee: A. Bloch-Hansen, N. Samei, and R. Solis-Oba, “Experimental evaluation of a local search approximation algorithm for the multiway cut problem,” in Conference on Algorithms and Discrete Applied Mathematics, Rupnagar, India, 2021, vol. 12601, pp. 346–358. ista: 'Bloch-Hansen A, Samei N, Solis-Oba R. 2021. Experimental evaluation of a local search approximation algorithm for the multiway cut problem. Conference on Algorithms and Discrete Applied Mathematics. CALDAM: Conference on Algorithms and Discrete Applied Mathematics, LNCS, vol. 12601, 346–358.' mla: Bloch-Hansen, Andrew, et al. “Experimental Evaluation of a Local Search Approximation Algorithm for the Multiway Cut Problem.” Conference on Algorithms and Discrete Applied Mathematics, vol. 12601, Springer Nature, 2021, pp. 346–58, doi:10.1007/978-3-030-67899-9_28. short: A. Bloch-Hansen, N. Samei, R. Solis-Oba, in:, Conference on Algorithms and Discrete Applied Mathematics, Springer Nature, 2021, pp. 346–358. conference: end_date: 2021-02-13 location: Rupnagar, India name: 'CALDAM: Conference on Algorithms and Discrete Applied Mathematics' start_date: 2021-02-11 date_created: 2021-03-07T23:01:25Z date_published: 2021-01-28T00:00:00Z date_updated: 2023-10-10T09:29:08Z day: '28' department: - _id: VlKo doi: 10.1007/978-3-030-67899-9_28 intvolume: ' 12601' language: - iso: eng month: '01' oa_version: None page: 346-358 publication: Conference on Algorithms and Discrete Applied Mathematics publication_identifier: eissn: - 1611-3349 isbn: - '9783030678982' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Experimental evaluation of a local search approximation algorithm for the multiway cut problem type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 12601 year: '2021' ... --- _id: '10410' abstract: - lang: eng text: The security of cryptographic primitives and protocols against adversaries that are allowed to make adaptive choices (e.g., which parties to corrupt or which queries to make) is notoriously difficult to establish. A broad theoretical framework was introduced by Jafargholi et al. [Crypto’17] for this purpose. In this paper we initiate the study of lower bounds on loss in adaptive security for certain cryptographic protocols considered in the framework. We prove lower bounds that almost match the upper bounds (proven using the framework) for proxy re-encryption, prefix-constrained PRFs and generalized selective decryption, a security game that captures the security of certain group messaging and broadcast encryption schemes. Those primitives have in common that their security game involves an underlying graph that can be adaptively built by the adversary. Some of our lower bounds only apply to a restricted class of black-box reductions which we term “oblivious” (the existing upper bounds are of this restricted type), some apply to the broader but still restricted class of non-rewinding reductions, while our lower bound for proxy re-encryption applies to all black-box reductions. The fact that some of our lower bounds seem to crucially rely on obliviousness or at least a non-rewinding reduction hints to the exciting possibility that the existing upper bounds can be improved by using more sophisticated reductions. Our main conceptual contribution is a two-player multi-stage game called the Builder-Pebbler Game. We can translate bounds on the winning probabilities for various instantiations of this game into cryptographic lower bounds for the above-mentioned primitives using oracle separation techniques. acknowledgement: C. Kamath—Supported by Azrieli International Postdoctoral Fellowship. Most of the work was done while the author was at Northeastern University and Charles University, funded by the IARPA grant IARPA/2019-19-020700009 and project PRIMUS/17/SCI/9, respectively. K. Klein—Supported in part by ERC CoG grant 724307. Most of the work was done while the author was at IST Austria funded by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT). K. Pietrzak—Funded by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (682815 - TOCNeT). alternative_title: - LNCS article_processing_charge: No author: - first_name: Chethan full_name: Kamath Hosdurg, Chethan id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87 last_name: Kamath Hosdurg - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Michael full_name: Walter, Michael id: 488F98B0-F248-11E8-B48F-1D18A9856A87 last_name: Walter orcid: 0000-0003-3186-2482 citation: ama: 'Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. The cost of adaptivity in security games on graphs. In: 19th International Conference. Vol 13043. Springer Nature; 2021:550-581. doi:10.1007/978-3-030-90453-1_19' apa: 'Kamath Hosdurg, C., Klein, K., Pietrzak, K. Z., & Walter, M. (2021). The cost of adaptivity in security games on graphs. In 19th International Conference (Vol. 13043, pp. 550–581). Raleigh, NC, United States: Springer Nature. https://doi.org/10.1007/978-3-030-90453-1_19' chicago: Kamath Hosdurg, Chethan, Karen Klein, Krzysztof Z Pietrzak, and Michael Walter. “The Cost of Adaptivity in Security Games on Graphs.” In 19th International Conference, 13043:550–81. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-90453-1_19. ieee: C. Kamath Hosdurg, K. Klein, K. Z. Pietrzak, and M. Walter, “The cost of adaptivity in security games on graphs,” in 19th International Conference, Raleigh, NC, United States, 2021, vol. 13043, pp. 550–581. ista: 'Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. 2021. The cost of adaptivity in security games on graphs. 19th International Conference. TCC: Theory of Cryptography, LNCS, vol. 13043, 550–581.' mla: Kamath Hosdurg, Chethan, et al. “The Cost of Adaptivity in Security Games on Graphs.” 19th International Conference, vol. 13043, Springer Nature, 2021, pp. 550–81, doi:10.1007/978-3-030-90453-1_19. short: C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, M. Walter, in:, 19th International Conference, Springer Nature, 2021, pp. 550–581. conference: end_date: 2021-11-11 location: Raleigh, NC, United States name: 'TCC: Theory of Cryptography' start_date: 2021-11-08 date_created: 2021-12-05T23:01:43Z date_published: 2021-11-04T00:00:00Z date_updated: 2023-10-17T09:24:07Z day: '04' department: - _id: KrPi doi: 10.1007/978-3-030-90453-1_19 ec_funded: 1 external_id: isi: - '000728364000019' intvolume: ' 13043' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://ia.cr/2021/059 month: '11' oa: 1 oa_version: Preprint page: 550-581 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: 19th International Conference publication_identifier: eissn: - 1611-3349 isbn: - 9-783-0309-0452-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '10048' relation: earlier_version status: public scopus_import: '1' status: public title: The cost of adaptivity in security games on graphs type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: 13043 year: '2021' ... --- _id: '10414' abstract: - lang: eng text: 'We consider the almost-sure (a.s.) termination problem for probabilistic programs, which are a stochastic extension of classical imperative programs. Lexicographic ranking functions provide a sound and practical approach for termination of non-probabilistic programs, and their extension to probabilistic programs is achieved via lexicographic ranking supermartingales (LexRSMs). However, LexRSMs introduced in the previous work have a limitation that impedes their automation: all of their components have to be non-negative in all reachable states. This might result in LexRSM not existing even for simple terminating programs. Our contributions are twofold: First, we introduce a generalization of LexRSMs which allows for some components to be negative. This standard feature of non-probabilistic termination proofs was hitherto not known to be sound in the probabilistic setting, as the soundness proof requires a careful analysis of the underlying stochastic process. Second, we present polynomial-time algorithms using our generalized LexRSMs for proving a.s. termination in broad classes of linear-arithmetic programs.' acknowledgement: This research was partially supported by the ERC CoG 863818 (ForM-SMArt), the Czech Science Foundation grant No. GJ19-15134Y, and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie Grant Agreement No. 665385. alternative_title: - LNCS article_processing_charge: No author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Ehsan Kafshdar full_name: Goharshady, Ehsan Kafshdar last_name: Goharshady - first_name: Petr full_name: Novotný, Petr id: 3CC3B868-F248-11E8-B48F-1D18A9856A87 last_name: Novotný - first_name: Jiří full_name: Zárevúcky, Jiří last_name: Zárevúcky - first_name: Dorde full_name: Zikelic, Dorde id: 294AA7A6-F248-11E8-B48F-1D18A9856A87 last_name: Zikelic orcid: 0000-0002-4681-1699 citation: ama: 'Chatterjee K, Goharshady EK, Novotný P, Zárevúcky J, Zikelic D. On lexicographic proof rules for probabilistic termination. In: 24th International Symposium on Formal Methods. Vol 13047. Springer Nature; 2021:619-639. doi:10.1007/978-3-030-90870-6_33' apa: 'Chatterjee, K., Goharshady, E. K., Novotný, P., Zárevúcky, J., & Zikelic, D. (2021). On lexicographic proof rules for probabilistic termination. In 24th International Symposium on Formal Methods (Vol. 13047, pp. 619–639). Virtual: Springer Nature. https://doi.org/10.1007/978-3-030-90870-6_33' chicago: Chatterjee, Krishnendu, Ehsan Kafshdar Goharshady, Petr Novotný, Jiří Zárevúcky, and Dorde Zikelic. “On Lexicographic Proof Rules for Probabilistic Termination.” In 24th International Symposium on Formal Methods, 13047:619–39. Springer Nature, 2021. https://doi.org/10.1007/978-3-030-90870-6_33. ieee: K. Chatterjee, E. K. Goharshady, P. Novotný, J. Zárevúcky, and D. Zikelic, “On lexicographic proof rules for probabilistic termination,” in 24th International Symposium on Formal Methods, Virtual, 2021, vol. 13047, pp. 619–639. ista: 'Chatterjee K, Goharshady EK, Novotný P, Zárevúcky J, Zikelic D. 2021. On lexicographic proof rules for probabilistic termination. 24th International Symposium on Formal Methods. FM: Formal Methods, LNCS, vol. 13047, 619–639.' mla: Chatterjee, Krishnendu, et al. “On Lexicographic Proof Rules for Probabilistic Termination.” 24th International Symposium on Formal Methods, vol. 13047, Springer Nature, 2021, pp. 619–39, doi:10.1007/978-3-030-90870-6_33. short: K. Chatterjee, E.K. Goharshady, P. Novotný, J. Zárevúcky, D. Zikelic, in:, 24th International Symposium on Formal Methods, Springer Nature, 2021, pp. 619–639. conference: end_date: 2021-11-26 location: Virtual name: 'FM: Formal Methods' start_date: 2021-11-20 date_created: 2021-12-05T23:01:45Z date_published: 2021-11-10T00:00:00Z date_updated: 2024-01-17T08:19:41Z day: '10' department: - _id: KrCh doi: 10.1007/978-3-030-90870-6_33 ec_funded: 1 external_id: arxiv: - '2108.02188' isi: - '000758218600033' intvolume: ' 13047' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/2108.02188 month: '11' oa: 1 oa_version: Preprint page: 619-639 project: - _id: 0599E47C-7A3F-11EA-A408-12923DDC885E call_identifier: H2020 grant_number: '863818' name: 'Formal Methods for Stochastic Models: Algorithms and Applications' - _id: 2564DBCA-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '665385' name: International IST Doctoral Program publication: 24th International Symposium on Formal Methods publication_identifier: eisbn: - 978-3-030-90870-6 eissn: - 1611-3349 isbn: - 9-783-0309-0869-0 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '14539' relation: dissertation_contains status: public - id: '14778' relation: later_version status: public scopus_import: '1' status: public title: On lexicographic proof rules for probabilistic termination type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 13047 year: '2021' ... --- _id: '10206' abstract: - lang: eng text: Neural-network classifiers achieve high accuracy when predicting the class of an input that they were trained to identify. Maintaining this accuracy in dynamic environments, where inputs frequently fall outside the fixed set of initially known classes, remains a challenge. The typical approach is to detect inputs from novel classes and retrain the classifier on an augmented dataset. However, not only the classifier but also the detection mechanism needs to adapt in order to distinguish between newly learned and yet unknown input classes. To address this challenge, we introduce an algorithmic framework for active monitoring of a neural network. A monitor wrapped in our framework operates in parallel with the neural network and interacts with a human user via a series of interpretable labeling queries for incremental adaptation. In addition, we propose an adaptive quantitative monitor to improve precision. An experimental evaluation on a diverse set of benchmarks with varying numbers of classes confirms the benefits of our active monitoring framework in dynamic scenarios. acknowledgement: We thank Christoph Lampert and Alex Greengold for fruitful discussions. This research was supported in part by the Simons Institute for the Theory of Computing, the Austrian Science Fund (FWF) under grant Z211-N23 (Wittgenstein Award), and the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No. 754411. alternative_title: - LNCS article_processing_charge: No author: - first_name: Anna full_name: Lukina, Anna id: CBA4D1A8-0FE8-11E9-BDE6-07BFE5697425 last_name: Lukina - first_name: Christian full_name: Schilling, Christian id: 3A2F4DCE-F248-11E8-B48F-1D18A9856A87 last_name: Schilling orcid: 0000-0003-3658-1065 - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Lukina A, Schilling C, Henzinger TA. Into the unknown: active monitoring of neural networks. In: 21st International Conference on Runtime Verification. Vol 12974. Cham: Springer Nature; 2021:42-61. doi:10.1007/978-3-030-88494-9_3' apa: 'Lukina, A., Schilling, C., & Henzinger, T. A. (2021). Into the unknown: active monitoring of neural networks. In 21st International Conference on Runtime Verification (Vol. 12974, pp. 42–61). Cham: Springer Nature. https://doi.org/10.1007/978-3-030-88494-9_3' chicago: 'Lukina, Anna, Christian Schilling, and Thomas A Henzinger. “Into the Unknown: Active Monitoring of Neural Networks.” In 21st International Conference on Runtime Verification, 12974:42–61. Cham: Springer Nature, 2021. https://doi.org/10.1007/978-3-030-88494-9_3.' ieee: 'A. Lukina, C. Schilling, and T. A. Henzinger, “Into the unknown: active monitoring of neural networks,” in 21st International Conference on Runtime Verification, Virtual, 2021, vol. 12974, pp. 42–61.' ista: 'Lukina A, Schilling C, Henzinger TA. 2021. Into the unknown: active monitoring of neural networks. 21st International Conference on Runtime Verification. RV: Runtime Verification, LNCS, vol. 12974, 42–61.' mla: 'Lukina, Anna, et al. “Into the Unknown: Active Monitoring of Neural Networks.” 21st International Conference on Runtime Verification, vol. 12974, Springer Nature, 2021, pp. 42–61, doi:10.1007/978-3-030-88494-9_3.' short: A. Lukina, C. Schilling, T.A. Henzinger, in:, 21st International Conference on Runtime Verification, Springer Nature, Cham, 2021, pp. 42–61. conference: end_date: 2021-10-14 location: Virtual name: 'RV: Runtime Verification' start_date: 2021-10-11 date_created: 2021-10-31T23:01:31Z date_published: 2021-10-06T00:00:00Z date_updated: 2024-01-30T12:06:56Z day: '06' department: - _id: ToHe doi: 10.1007/978-3-030-88494-9_3 ec_funded: 1 external_id: arxiv: - '2009.06429' isi: - '000719383800003' isi: 1 keyword: - monitoring - neural networks - novelty detection language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/2009.06429 month: '10' oa: 1 oa_version: Preprint page: 42-61 place: Cham project: - _id: 260C2330-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '754411' name: ISTplus - Postdoctoral Fellowships - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: 21st International Conference on Runtime Verification publication_identifier: eisbn: - 978-3-030-88494-9 eissn: - 1611-3349 isbn: - 9-783-0308-8493-2 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '13234' relation: extended_version status: public scopus_import: '1' status: public title: 'Into the unknown: active monitoring of neural networks' type: conference user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8 volume: '12974 ' year: '2021' ... --- _id: '9299' abstract: - lang: eng text: We call a multigraph non-homotopic if it can be drawn in the plane in such a way that no two edges connecting the same pair of vertices can be continuously transformed into each other without passing through a vertex, and no loop can be shrunk to its end-vertex in the same way. It is easy to see that a non-homotopic multigraph on n>1 vertices can have arbitrarily many edges. We prove that the number of crossings between the edges of a non-homotopic multigraph with n vertices and m>4n edges is larger than cm2n for some constant c>0 , and that this bound is tight up to a polylogarithmic factor. We also show that the lower bound is not asymptotically sharp as n is fixed and m⟶∞ . acknowledgement: Supported by the National Research, Development and Innovation Office, NKFIH, KKP-133864, K-131529, K-116769, K-132696, by the Higher Educational Institutional Excellence Program 2019 NKFIH-1158-6/2019, the Austrian Science Fund (FWF), grant Z 342-N31, by the Ministry of Education and Science of the Russian Federation MegaGrant No. 075-15-2019-1926, and by the ERC Synergy Grant “Dynasnet” No. 810115. A full version can be found at https://arxiv.org/abs/2006.14908. article_processing_charge: No author: - first_name: János full_name: Pach, János id: E62E3130-B088-11EA-B919-BF823C25FEA4 last_name: Pach - first_name: Gábor full_name: Tardos, Gábor last_name: Tardos - first_name: Géza full_name: Tóth, Géza last_name: Tóth citation: ama: 'Pach J, Tardos G, Tóth G. Crossings between non-homotopic edges. In: 28th International Symposium on Graph Drawing and Network Visualization. Vol 12590. LNCS. Springer Nature; 2020:359-371. doi:10.1007/978-3-030-68766-3_28' apa: 'Pach, J., Tardos, G., & Tóth, G. (2020). Crossings between non-homotopic edges. In 28th International Symposium on Graph Drawing and Network Visualization (Vol. 12590, pp. 359–371). Virtual, Online: Springer Nature. https://doi.org/10.1007/978-3-030-68766-3_28' chicago: Pach, János, Gábor Tardos, and Géza Tóth. “Crossings between Non-Homotopic Edges.” In 28th International Symposium on Graph Drawing and Network Visualization, 12590:359–71. LNCS. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-68766-3_28. ieee: J. Pach, G. Tardos, and G. Tóth, “Crossings between non-homotopic edges,” in 28th International Symposium on Graph Drawing and Network Visualization, Virtual, Online, 2020, vol. 12590, pp. 359–371. ista: 'Pach J, Tardos G, Tóth G. 2020. Crossings between non-homotopic edges. 28th International Symposium on Graph Drawing and Network Visualization. GD: Graph Drawing and Network VisualizationLNCS vol. 12590, 359–371.' mla: Pach, János, et al. “Crossings between Non-Homotopic Edges.” 28th International Symposium on Graph Drawing and Network Visualization, vol. 12590, Springer Nature, 2020, pp. 359–71, doi:10.1007/978-3-030-68766-3_28. short: J. Pach, G. Tardos, G. Tóth, in:, 28th International Symposium on Graph Drawing and Network Visualization, Springer Nature, 2020, pp. 359–371. conference: end_date: 2020-09-18 location: Virtual, Online name: 'GD: Graph Drawing and Network Visualization' start_date: 2020-09-16 date_created: 2021-03-28T22:01:44Z date_published: 2020-09-20T00:00:00Z date_updated: 2021-04-06T11:32:32Z day: '20' department: - _id: HeEd doi: 10.1007/978-3-030-68766-3_28 external_id: arxiv: - '2006.14908' intvolume: ' 12590' language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/2006.14908 month: '09' oa: 1 oa_version: Preprint page: 359-371 project: - _id: 268116B8-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z00342 name: The Wittgenstein Prize publication: 28th International Symposium on Graph Drawing and Network Visualization publication_identifier: eissn: - 1611-3349 isbn: - '9783030687656' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Crossings between non-homotopic edges type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 12590 year: '2020' ... --- _id: '7966' abstract: - lang: eng text: "For 1≤m≤n, we consider a natural m-out-of-n multi-instance scenario for a public-key encryption (PKE) scheme. An adversary, given n independent instances of PKE, wins if he breaks at least m out of the n instances. In this work, we are interested in the scaling factor of PKE schemes, SF, which measures how well the difficulty of breaking m out of the n instances scales in m. That is, a scaling factor SF=ℓ indicates that breaking m out of n instances is at least ℓ times more difficult than breaking one single instance. A PKE scheme with small scaling factor hence provides an ideal target for mass surveillance. In fact, the Logjam attack (CCS 2015) implicitly exploited, among other things, an almost constant scaling factor of ElGamal over finite fields (with shared group parameters).\r\n\r\nFor Hashed ElGamal over elliptic curves, we use the generic group model to argue that the scaling factor depends on the scheme's granularity. In low granularity, meaning each public key contains its independent group parameter, the scheme has optimal scaling factor SF=m; In medium and high granularity, meaning all public keys share the same group parameter, the scheme still has a reasonable scaling factor SF=√m. Our findings underline that instantiating ElGamal over elliptic curves should be preferred to finite fields in a multi-instance scenario.\r\n\r\nAs our main technical contribution, we derive new generic-group lower bounds of Ω(√(mp)) on the difficulty of solving both the m-out-of-n Gap Discrete Logarithm and the m-out-of-n Gap Computational Diffie-Hellman problem over groups of prime order p, extending a recent result by Yun (EUROCRYPT 2015). We establish the lower bound by studying the hardness of a related computational problem which we call the search-by-hypersurface problem." alternative_title: - LNCS article_processing_charge: No author: - first_name: Benedikt full_name: Auerbach, Benedikt id: D33D2B18-E445-11E9-ABB7-15F4E5697425 last_name: Auerbach orcid: 0000-0002-7553-6606 - first_name: Federico full_name: Giacon, Federico last_name: Giacon - first_name: Eike full_name: Kiltz, Eike last_name: Kiltz citation: ama: 'Auerbach B, Giacon F, Kiltz E. Everybody’s a target: Scalability in public-key encryption. In: Advances in Cryptology – EUROCRYPT 2020. Vol 12107. Springer Nature; 2020:475-506. doi:10.1007/978-3-030-45727-3_16' apa: 'Auerbach, B., Giacon, F., & Kiltz, E. (2020). Everybody’s a target: Scalability in public-key encryption. In Advances in Cryptology – EUROCRYPT 2020 (Vol. 12107, pp. 475–506). Springer Nature. https://doi.org/10.1007/978-3-030-45727-3_16' chicago: 'Auerbach, Benedikt, Federico Giacon, and Eike Kiltz. “Everybody’s a Target: Scalability in Public-Key Encryption.” In Advances in Cryptology – EUROCRYPT 2020, 12107:475–506. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-45727-3_16.' ieee: 'B. Auerbach, F. Giacon, and E. Kiltz, “Everybody’s a target: Scalability in public-key encryption,” in Advances in Cryptology – EUROCRYPT 2020, 2020, vol. 12107, pp. 475–506.' ista: 'Auerbach B, Giacon F, Kiltz E. 2020. Everybody’s a target: Scalability in public-key encryption. Advances in Cryptology – EUROCRYPT 2020. EUROCRYPT: Theory and Applications of Cryptographic Techniques, LNCS, vol. 12107, 475–506.' mla: 'Auerbach, Benedikt, et al. “Everybody’s a Target: Scalability in Public-Key Encryption.” Advances in Cryptology – EUROCRYPT 2020, vol. 12107, Springer Nature, 2020, pp. 475–506, doi:10.1007/978-3-030-45727-3_16.' short: B. Auerbach, F. Giacon, E. Kiltz, in:, Advances in Cryptology – EUROCRYPT 2020, Springer Nature, 2020, pp. 475–506. conference: end_date: 2020-05-15 name: 'EUROCRYPT: Theory and Applications of Cryptographic Techniques' start_date: 2020-05-11 date_created: 2020-06-15T07:13:37Z date_published: 2020-05-01T00:00:00Z date_updated: 2023-09-05T15:06:40Z day: '01' department: - _id: KrPi doi: 10.1007/978-3-030-45727-3_16 ec_funded: 1 external_id: isi: - '000828688000016' intvolume: ' 12107' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2019/364 month: '05' oa: 1 oa_version: Submitted Version page: 475-506 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: Advances in Cryptology – EUROCRYPT 2020 publication_identifier: eissn: - 1611-3349 isbn: - '9783030457266' - '9783030457273' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: 'Everybody’s a target: Scalability in public-key encryption' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12107 year: '2020' ... --- _id: '8623' abstract: - lang: eng text: We introduce the monitoring of trace properties under assumptions. An assumption limits the space of possible traces that the monitor may encounter. An assumption may result from knowledge about the system that is being monitored, about the environment, or about another, connected monitor. We define monitorability under assumptions and study its theoretical properties. In particular, we show that for every assumption A, the boolean combinations of properties that are safe or co-safe relative to A are monitorable under A. We give several examples and constructions on how an assumption can make a non-monitorable property monitorable, and how an assumption can make a monitorable property monitorable with fewer resources, such as integer registers. acknowledgement: This research was supported in part by the Austrian Science Fund (FWF) under grant Z211-N23 (Wittgenstein Award). alternative_title: - LNCS article_processing_charge: No author: - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Naci E full_name: Sarac, Naci E id: 8C6B42F8-C8E6-11E9-A03A-F2DCE5697425 last_name: Sarac citation: ama: 'Henzinger TA, Sarac NE. Monitorability under assumptions. In: Runtime Verification. Vol 12399. Springer Nature; 2020:3-18. doi:10.1007/978-3-030-60508-7_1' apa: 'Henzinger, T. A., & Sarac, N. E. (2020). Monitorability under assumptions. In Runtime Verification (Vol. 12399, pp. 3–18). Los Angeles, CA, United States: Springer Nature. https://doi.org/10.1007/978-3-030-60508-7_1' chicago: Henzinger, Thomas A, and Naci E Sarac. “Monitorability under Assumptions.” In Runtime Verification, 12399:3–18. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-60508-7_1. ieee: T. A. Henzinger and N. E. Sarac, “Monitorability under assumptions,” in Runtime Verification, Los Angeles, CA, United States, 2020, vol. 12399, pp. 3–18. ista: 'Henzinger TA, Sarac NE. 2020. Monitorability under assumptions. Runtime Verification. RV: Runtime Verification, LNCS, vol. 12399, 3–18.' mla: Henzinger, Thomas A., and Naci E. Sarac. “Monitorability under Assumptions.” Runtime Verification, vol. 12399, Springer Nature, 2020, pp. 3–18, doi:10.1007/978-3-030-60508-7_1. short: T.A. Henzinger, N.E. Sarac, in:, Runtime Verification, Springer Nature, 2020, pp. 3–18. conference: end_date: 2020-10-09 location: Los Angeles, CA, United States name: 'RV: Runtime Verification' start_date: 2020-10-06 date_created: 2020-10-07T15:05:37Z date_published: 2020-10-02T00:00:00Z date_updated: 2023-09-05T15:08:26Z day: '02' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-030-60508-7_1 external_id: isi: - '000728160600001' file: - access_level: open_access checksum: 00661f9b7034f52e18bf24fa552b8194 content_type: application/pdf creator: esarac date_created: 2020-10-15T14:28:06Z date_updated: 2020-10-15T14:28:06Z file_id: '8665' file_name: monitorability.pdf file_size: 478148 relation: main_file success: 1 file_date_updated: 2020-10-15T14:28:06Z has_accepted_license: '1' intvolume: ' 12399' isi: 1 language: - iso: eng month: '10' oa: 1 oa_version: Submitted Version page: 3-18 project: - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: Runtime Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783030605070' - '9783030605087' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Monitorability under assumptions type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12399 year: '2020' ... --- _id: '8732' abstract: - lang: eng text: 'A simple drawing D(G) of a graph G is one where each pair of edges share at most one point: either a common endpoint or a proper crossing. An edge e in the complement of G can be inserted into D(G) if there exists a simple drawing of G+e extending D(G). As a result of Levi’s Enlargement Lemma, if a drawing is rectilinear (pseudolinear), that is, the edges can be extended into an arrangement of lines (pseudolines), then any edge in the complement of G can be inserted. In contrast, we show that it is NP -complete to decide whether one edge can be inserted into a simple drawing. This remains true even if we assume that the drawing is pseudocircular, that is, the edges can be extended to an arrangement of pseudocircles. On the positive side, we show that, given an arrangement of pseudocircles A and a pseudosegment σ , it can be decided in polynomial time whether there exists a pseudocircle Φσ extending σ for which A∪{Φσ} is again an arrangement of pseudocircles.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Alan M full_name: Arroyo Guevara, Alan M id: 3207FDC6-F248-11E8-B48F-1D18A9856A87 last_name: Arroyo Guevara orcid: 0000-0003-2401-8670 - first_name: Fabian full_name: Klute, Fabian last_name: Klute - first_name: Irene full_name: Parada, Irene last_name: Parada - first_name: Raimund full_name: Seidel, Raimund last_name: Seidel - first_name: Birgit full_name: Vogtenhuber, Birgit last_name: Vogtenhuber - first_name: Tilo full_name: Wiedera, Tilo last_name: Wiedera citation: ama: 'Arroyo Guevara AM, Klute F, Parada I, Seidel R, Vogtenhuber B, Wiedera T. Inserting one edge into a simple drawing is hard. In: Graph-Theoretic Concepts in Computer Science. Vol 12301. Springer Nature; 2020:325-338. doi:10.1007/978-3-030-60440-0_26' apa: 'Arroyo Guevara, A. M., Klute, F., Parada, I., Seidel, R., Vogtenhuber, B., & Wiedera, T. (2020). Inserting one edge into a simple drawing is hard. In Graph-Theoretic Concepts in Computer Science (Vol. 12301, pp. 325–338). Leeds, United Kingdom: Springer Nature. https://doi.org/10.1007/978-3-030-60440-0_26' chicago: Arroyo Guevara, Alan M, Fabian Klute, Irene Parada, Raimund Seidel, Birgit Vogtenhuber, and Tilo Wiedera. “Inserting One Edge into a Simple Drawing Is Hard.” In Graph-Theoretic Concepts in Computer Science, 12301:325–38. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-60440-0_26. ieee: A. M. Arroyo Guevara, F. Klute, I. Parada, R. Seidel, B. Vogtenhuber, and T. Wiedera, “Inserting one edge into a simple drawing is hard,” in Graph-Theoretic Concepts in Computer Science, Leeds, United Kingdom, 2020, vol. 12301, pp. 325–338. ista: 'Arroyo Guevara AM, Klute F, Parada I, Seidel R, Vogtenhuber B, Wiedera T. 2020. Inserting one edge into a simple drawing is hard. Graph-Theoretic Concepts in Computer Science. WG: Workshop on Graph-Theoretic Concepts in Computer Science, LNCS, vol. 12301, 325–338.' mla: Arroyo Guevara, Alan M., et al. “Inserting One Edge into a Simple Drawing Is Hard.” Graph-Theoretic Concepts in Computer Science, vol. 12301, Springer Nature, 2020, pp. 325–38, doi:10.1007/978-3-030-60440-0_26. short: A.M. Arroyo Guevara, F. Klute, I. Parada, R. Seidel, B. Vogtenhuber, T. Wiedera, in:, Graph-Theoretic Concepts in Computer Science, Springer Nature, 2020, pp. 325–338. conference: end_date: 2020-06-26 location: Leeds, United Kingdom name: 'WG: Workshop on Graph-Theoretic Concepts in Computer Science' start_date: 2020-06-24 date_created: 2020-11-06T08:45:03Z date_published: 2020-10-09T00:00:00Z date_updated: 2023-09-05T15:09:16Z day: '09' department: - _id: UlWa doi: 10.1007/978-3-030-60440-0_26 ec_funded: 1 intvolume: ' 12301' language: - iso: eng month: '10' oa_version: None page: 325-338 project: - _id: 260C2330-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '754411' name: ISTplus - Postdoctoral Fellowships publication: Graph-Theoretic Concepts in Computer Science publication_identifier: eissn: - 1611-3349 isbn: - '9783030604394' - '9783030604400' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Inserting one edge into a simple drawing is hard type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12301 year: '2020' ... --- _id: '10865' abstract: - lang: eng text: "We introduce the notion of Witness Maps as a cryptographic notion of a proof system. A Unique Witness Map (UWM) deterministically maps all witnesses for an \ NP statement to a single representative witness, resulting in a computationally sound, deterministic-prover, non-interactive witness independent proof system. A relaxation of UWM, called Compact Witness Map (CWM), maps all the witnesses to a small number of witnesses, resulting in a “lossy” deterministic-prover, non-interactive proof-system. We also define a Dual Mode Witness Map (DMWM) which adds an “extractable” mode to a CWM.\r\nOur main construction is a DMWM for all NP relations, assuming sub-exponentially secure indistinguishability obfuscation ( iO ), along with standard cryptographic assumptions. The DMWM construction relies on a CWM and a new primitive called Cumulative All-Lossy-But-One Trapdoor Functions (C-ALBO-TDF), both of which are in turn instantiated based on iO and other primitives. Our instantiation of a CWM is in fact a UWM; in turn, we show that a UWM implies Witness Encryption. Along the way to constructing UWM and C-ALBO-TDF, we also construct, from standard assumptions, Puncturable Digital Signatures and a new primitive called Cumulative Lossy Trapdoor Functions (C-LTDF). The former improves up on a construction of Bellare et al. (Eurocrypt 2016), who relied on sub-exponentially secure iO and sub-exponentially secure OWF.\r\nAs an application of our constructions, we show how to use a DMWM to construct the first leakage and tamper-resilient signatures with a deterministic signer, thereby solving a decade old open problem posed by Katz and Vaikunthanathan (Asiacrypt 2009), by Boyle, Segev and Wichs (Eurocrypt 2011), as well as by Faonio and Venturi (Asiacrypt 2016). Our construction achieves the optimal leakage rate of 1−o(1) ." acknowledgement: We would like to thank the anonymous reviewers of PKC 2019 for their useful comments and suggestions. We thank Omer Paneth for pointing out to us the connection between Unique Witness Maps (UWM) and Witness encryption (WE). The first author would like to acknowledge Pandu Rangan for his involvement during the initial discussion phase of the project. article_processing_charge: No author: - first_name: Suvradip full_name: Chakraborty, Suvradip id: B9CD0494-D033-11E9-B219-A439E6697425 last_name: Chakraborty - first_name: Manoj full_name: Prabhakaran, Manoj last_name: Prabhakaran - first_name: Daniel full_name: Wichs, Daniel last_name: Wichs citation: ama: 'Chakraborty S, Prabhakaran M, Wichs D. Witness maps and applications. In: Kiayias A, ed. Public-Key Cryptography. Vol 12110. LNCS. Cham: Springer Nature; 2020:220-246. doi:10.1007/978-3-030-45374-9_8' apa: 'Chakraborty, S., Prabhakaran, M., & Wichs, D. (2020). Witness maps and applications. In A. Kiayias (Ed.), Public-Key Cryptography (Vol. 12110, pp. 220–246). Cham: Springer Nature. https://doi.org/10.1007/978-3-030-45374-9_8' chicago: 'Chakraborty, Suvradip, Manoj Prabhakaran, and Daniel Wichs. “Witness Maps and Applications.” In Public-Key Cryptography, edited by A Kiayias, 12110:220–46. LNCS. Cham: Springer Nature, 2020. https://doi.org/10.1007/978-3-030-45374-9_8.' ieee: 'S. Chakraborty, M. Prabhakaran, and D. Wichs, “Witness maps and applications,” in Public-Key Cryptography, vol. 12110, A. Kiayias, Ed. Cham: Springer Nature, 2020, pp. 220–246.' ista: 'Chakraborty S, Prabhakaran M, Wichs D. 2020.Witness maps and applications. In: Public-Key Cryptography. vol. 12110, 220–246.' mla: Chakraborty, Suvradip, et al. “Witness Maps and Applications.” Public-Key Cryptography, edited by A Kiayias, vol. 12110, Springer Nature, 2020, pp. 220–46, doi:10.1007/978-3-030-45374-9_8. short: S. Chakraborty, M. Prabhakaran, D. Wichs, in:, A. Kiayias (Ed.), Public-Key Cryptography, Springer Nature, Cham, 2020, pp. 220–246. date_created: 2022-03-18T11:35:51Z date_published: 2020-04-29T00:00:00Z date_updated: 2023-09-05T15:10:02Z day: '29' doi: 10.1007/978-3-030-45374-9_8 editor: - first_name: A full_name: Kiayias, A last_name: Kiayias intvolume: ' 12110' language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2020/090 month: '04' oa: 1 oa_version: Preprint page: 220-246 place: Cham publication: Public-Key Cryptography publication_identifier: eissn: - 1611-3349 isbn: - '9783030453732' - '9783030453749' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Witness maps and applications type: book_chapter user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12110 year: '2020' ... --- _id: '8195' abstract: - lang: eng text: This paper presents a foundation for refining concurrent programs with structured control flow. The verification problem is decomposed into subproblems that aid interactive program development, proof reuse, and automation. The formalization in this paper is the basis of a new design and implementation of the Civl verifier. acknowledgement: "Bernhard Kragl and Thomas A. Henzinger were supported by\r\nthe Austrian Science Fund (FWF) under grant Z211-N23 (Wittgenstein Award)." alternative_title: - LNCS article_processing_charge: No author: - first_name: Bernhard full_name: Kragl, Bernhard id: 320FC952-F248-11E8-B48F-1D18A9856A87 last_name: Kragl orcid: 0000-0001-7745-9117 - first_name: Shaz full_name: Qadeer, Shaz last_name: Qadeer - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 citation: ama: 'Kragl B, Qadeer S, Henzinger TA. Refinement for structured concurrent programs. In: Computer Aided Verification. Vol 12224. Springer Nature; 2020:275-298. doi:10.1007/978-3-030-53288-8_14' apa: Kragl, B., Qadeer, S., & Henzinger, T. A. (2020). Refinement for structured concurrent programs. In Computer Aided Verification (Vol. 12224, pp. 275–298). Springer Nature. https://doi.org/10.1007/978-3-030-53288-8_14 chicago: Kragl, Bernhard, Shaz Qadeer, and Thomas A Henzinger. “Refinement for Structured Concurrent Programs.” In Computer Aided Verification, 12224:275–98. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-53288-8_14. ieee: B. Kragl, S. Qadeer, and T. A. Henzinger, “Refinement for structured concurrent programs,” in Computer Aided Verification, 2020, vol. 12224, pp. 275–298. ista: Kragl B, Qadeer S, Henzinger TA. 2020. Refinement for structured concurrent programs. Computer Aided Verification. , LNCS, vol. 12224, 275–298. mla: Kragl, Bernhard, et al. “Refinement for Structured Concurrent Programs.” Computer Aided Verification, vol. 12224, Springer Nature, 2020, pp. 275–98, doi:10.1007/978-3-030-53288-8_14. short: B. Kragl, S. Qadeer, T.A. Henzinger, in:, Computer Aided Verification, Springer Nature, 2020, pp. 275–298. date_created: 2020-08-03T11:45:35Z date_published: 2020-07-14T00:00:00Z date_updated: 2023-09-07T13:18:00Z day: '14' ddc: - '000' department: - _id: ToHe doi: 10.1007/978-3-030-53288-8_14 external_id: isi: - '000695276000014' file: - access_level: open_access content_type: application/pdf creator: dernst date_created: 2020-08-06T08:14:54Z date_updated: 2020-08-06T08:14:54Z file_id: '8201' file_name: 2020_LNCS_Kragl.pdf file_size: 804237 relation: main_file success: 1 file_date_updated: 2020-08-06T08:14:54Z has_accepted_license: '1' intvolume: ' 12224' isi: 1 language: - iso: eng month: '07' oa: 1 oa_version: Published Version page: 275-298 project: - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: Computer Aided Verification publication_identifier: eisbn: - '9783030532888' eissn: - 1611-3349 isbn: - '9783030532871' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '8332' relation: dissertation_contains status: public scopus_import: '1' status: public title: Refinement for structured concurrent programs tmp: image: /images/cc_by.png legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0) short: CC BY (4.0) type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12224 year: '2020' ... --- _id: '8728' abstract: - lang: eng text: Discrete-time Markov Chains (MCs) and Markov Decision Processes (MDPs) are two standard formalisms in system analysis. Their main associated quantitative objectives are hitting probabilities, discounted sum, and mean payoff. Although there are many techniques for computing these objectives in general MCs/MDPs, they have not been thoroughly studied in terms of parameterized algorithms, particularly when treewidth is used as the parameter. This is in sharp contrast to qualitative objectives for MCs, MDPs and graph games, for which treewidth-based algorithms yield significant complexity improvements. In this work, we show that treewidth can also be used to obtain faster algorithms for the quantitative problems. For an MC with n states and m transitions, we show that each of the classical quantitative objectives can be computed in O((n+m)⋅t2) time, given a tree decomposition of the MC with width t. Our results also imply a bound of O(κ⋅(n+m)⋅t2) for each objective on MDPs, where κ is the number of strategy-iteration refinements required for the given input and objective. Finally, we make an experimental evaluation of our new algorithms on low-treewidth MCs and MDPs obtained from the DaCapo benchmark suite. Our experiments show that on low-treewidth MCs and MDPs, our algorithms outperform existing well-established methods by one or more orders of magnitude. alternative_title: - LNCS article_processing_charge: No author: - first_name: Ali full_name: Asadi, Ali last_name: Asadi - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Amir Kafshdar full_name: Goharshady, Amir Kafshdar id: 391365CE-F248-11E8-B48F-1D18A9856A87 last_name: Goharshady orcid: 0000-0003-1702-6584 - first_name: Kiarash full_name: Mohammadi, Kiarash last_name: Mohammadi - first_name: Andreas full_name: Pavlogiannis, Andreas id: 49704004-F248-11E8-B48F-1D18A9856A87 last_name: Pavlogiannis orcid: 0000-0002-8943-0722 citation: ama: 'Asadi A, Chatterjee K, Goharshady AK, Mohammadi K, Pavlogiannis A. Faster algorithms for quantitative analysis of MCs and MDPs with small treewidth. In: Automated Technology for Verification and Analysis. Vol 12302. Springer Nature; 2020:253-270. doi:10.1007/978-3-030-59152-6_14' apa: 'Asadi, A., Chatterjee, K., Goharshady, A. K., Mohammadi, K., & Pavlogiannis, A. (2020). Faster algorithms for quantitative analysis of MCs and MDPs with small treewidth. In Automated Technology for Verification and Analysis (Vol. 12302, pp. 253–270). Hanoi, Vietnam: Springer Nature. https://doi.org/10.1007/978-3-030-59152-6_14' chicago: Asadi, Ali, Krishnendu Chatterjee, Amir Kafshdar Goharshady, Kiarash Mohammadi, and Andreas Pavlogiannis. “Faster Algorithms for Quantitative Analysis of MCs and MDPs with Small Treewidth.” In Automated Technology for Verification and Analysis, 12302:253–70. Springer Nature, 2020. https://doi.org/10.1007/978-3-030-59152-6_14. ieee: A. Asadi, K. Chatterjee, A. K. Goharshady, K. Mohammadi, and A. Pavlogiannis, “Faster algorithms for quantitative analysis of MCs and MDPs with small treewidth,” in Automated Technology for Verification and Analysis, Hanoi, Vietnam, 2020, vol. 12302, pp. 253–270. ista: 'Asadi A, Chatterjee K, Goharshady AK, Mohammadi K, Pavlogiannis A. 2020. Faster algorithms for quantitative analysis of MCs and MDPs with small treewidth. Automated Technology for Verification and Analysis. ATVA: Automated Technology for Verification and Analysis, LNCS, vol. 12302, 253–270.' mla: Asadi, Ali, et al. “Faster Algorithms for Quantitative Analysis of MCs and MDPs with Small Treewidth.” Automated Technology for Verification and Analysis, vol. 12302, Springer Nature, 2020, pp. 253–70, doi:10.1007/978-3-030-59152-6_14. short: A. Asadi, K. Chatterjee, A.K. Goharshady, K. Mohammadi, A. Pavlogiannis, in:, Automated Technology for Verification and Analysis, Springer Nature, 2020, pp. 253–270. conference: end_date: 2020-10-23 location: Hanoi, Vietnam name: 'ATVA: Automated Technology for Verification and Analysis' start_date: 2020-10-19 date_created: 2020-11-06T07:30:05Z date_published: 2020-10-12T00:00:00Z date_updated: 2024-03-28T23:30:34Z day: '12' ddc: - '000' department: - _id: KrCh doi: 10.1007/978-3-030-59152-6_14 external_id: isi: - '000723555700014' file: - access_level: open_access checksum: ae83f27e5b189d5abc2e7514f1b7e1b5 content_type: application/pdf creator: dernst date_created: 2020-11-06T07:41:03Z date_updated: 2020-11-06T07:41:03Z file_id: '8729' file_name: 2020_LNCS_ATVA_Asadi_accepted.pdf file_size: 726648 relation: main_file success: 1 file_date_updated: 2020-11-06T07:41:03Z has_accepted_license: '1' intvolume: ' 12302' isi: 1 language: - iso: eng month: '10' oa: 1 oa_version: Submitted Version page: 253-270 project: - _id: 25832EC2-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S 11407_N23 name: Rigorous Systems Engineering - _id: 25892FC0-B435-11E9-9278-68D0E5697425 grant_number: ICT15-003 name: Efficient Algorithms for Computer Aided Verification - _id: 267066CE-B435-11E9-9278-68D0E5697425 name: Quantitative Analysis of Probablistic Systems with a focus on Crypto-currencies publication: Automated Technology for Verification and Analysis publication_identifier: eisbn: - '9783030591526' eissn: - 1611-3349 isbn: - '9783030591519' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '8934' relation: dissertation_contains status: public scopus_import: '1' status: public title: Faster algorithms for quantitative analysis of MCs and MDPs with small treewidth type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 12302 year: '2020' ... --- _id: '7147' abstract: - lang: eng text: "The expression of a gene is characterised by its transcription factors and the function processing them. If the transcription factors are not affected by gene products, the regulating function is often represented as a combinational logic circuit, where the outputs (product) are determined by current input values (transcription factors) only, and are hence independent on their relative arrival times. However, the simultaneous arrival of transcription factors (TFs) in genetic circuits is a strong assumption, given that the processes of transcription and translation of a gene into a protein introduce intrinsic time delays and that there is no global synchronisation among the arrival times of different molecular species at molecular targets.\r\n\r\nIn this paper, we construct an experimentally implementable genetic circuit with two inputs and a single output, such that, in presence of small delays in input arrival, the circuit exhibits qualitatively distinct observable phenotypes. In particular, these phenotypes are long lived transients: they all converge to a single value, but so slowly, that they seem stable for an extended time period, longer than typical experiment duration. We used rule-based language to prototype our circuit, and we implemented a search for finding the parameter combinations raising the phenotypes of interest.\r\n\r\nThe behaviour of our prototype circuit has wide implications. First, it suggests that GRNs can exploit event timing to create phenotypes. Second, it opens the possibility that GRNs are using event timing to react to stimuli and memorise events, without explicit feedback in regulation. From the modelling perspective, our prototype circuit demonstrates the critical importance of analysing the transient dynamics at the promoter binding sites of the DNA, before applying rapid equilibrium assumptions." alternative_title: - LNCS article_processing_charge: No author: - first_name: Calin C full_name: Guet, Calin C id: 47F8433E-F248-11E8-B48F-1D18A9856A87 last_name: Guet orcid: 0000-0001-6220-2052 - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000−0002−2985−7724 - first_name: Claudia full_name: Igler, Claudia id: 46613666-F248-11E8-B48F-1D18A9856A87 last_name: Igler - first_name: Tatjana full_name: Petrov, Tatjana id: 3D5811FC-F248-11E8-B48F-1D18A9856A87 last_name: Petrov orcid: 0000-0002-9041-0905 - first_name: Ali full_name: Sezgin, Ali id: 4C7638DA-F248-11E8-B48F-1D18A9856A87 last_name: Sezgin citation: ama: 'Guet CC, Henzinger TA, Igler C, Petrov T, Sezgin A. Transient memory in gene regulation. In: 17th International Conference on Computational Methods in Systems Biology. Vol 11773. Springer Nature; 2019:155-187. doi:10.1007/978-3-030-31304-3_9' apa: 'Guet, C. C., Henzinger, T. A., Igler, C., Petrov, T., & Sezgin, A. (2019). Transient memory in gene regulation. In 17th International Conference on Computational Methods in Systems Biology (Vol. 11773, pp. 155–187). Trieste, Italy: Springer Nature. https://doi.org/10.1007/978-3-030-31304-3_9' chicago: Guet, Calin C, Thomas A Henzinger, Claudia Igler, Tatjana Petrov, and Ali Sezgin. “Transient Memory in Gene Regulation.” In 17th International Conference on Computational Methods in Systems Biology, 11773:155–87. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-31304-3_9. ieee: C. C. Guet, T. A. Henzinger, C. Igler, T. Petrov, and A. Sezgin, “Transient memory in gene regulation,” in 17th International Conference on Computational Methods in Systems Biology, Trieste, Italy, 2019, vol. 11773, pp. 155–187. ista: 'Guet CC, Henzinger TA, Igler C, Petrov T, Sezgin A. 2019. Transient memory in gene regulation. 17th International Conference on Computational Methods in Systems Biology. CMSB: Computational Methods in Systems Biology, LNCS, vol. 11773, 155–187.' mla: Guet, Calin C., et al. “Transient Memory in Gene Regulation.” 17th International Conference on Computational Methods in Systems Biology, vol. 11773, Springer Nature, 2019, pp. 155–87, doi:10.1007/978-3-030-31304-3_9. short: C.C. Guet, T.A. Henzinger, C. Igler, T. Petrov, A. Sezgin, in:, 17th International Conference on Computational Methods in Systems Biology, Springer Nature, 2019, pp. 155–187. conference: end_date: 2019-09-20 location: Trieste, Italy name: 'CMSB: Computational Methods in Systems Biology' start_date: 2019-09-18 date_created: 2019-12-04T16:07:50Z date_published: 2019-09-17T00:00:00Z date_updated: 2023-09-06T11:18:08Z day: '17' department: - _id: CaGu - _id: ToHe doi: 10.1007/978-3-030-31304-3_9 external_id: isi: - '000557875100009' intvolume: ' 11773' isi: 1 language: - iso: eng month: '09' oa_version: None page: 155-187 project: - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize - _id: 251EE76E-B435-11E9-9278-68D0E5697425 grant_number: '24573' name: Design principles underlying genetic switch architecture publication: 17th International Conference on Computational Methods in Systems Biology publication_identifier: eissn: - 1611-3349 isbn: - '9783030313036' - '9783030313043' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Transient memory in gene regulation type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11773 year: '2019' ... --- _id: '7228' abstract: - lang: eng text: "Traditional concurrent programming involves manipulating shared mutable state. Alternatives to this programming style are communicating sequential processes (CSP) and actor models, which share data via explicit communication. These models have been known for almost half a century, and have recently had started to gain significant traction among modern programming languages. The common abstraction for communication between several processes is the channel. Although channels are similar to producer-consumer data structures, they have different semantics and support additional operations, such as the select expression. Despite their growing popularity, most known implementations of channels use lock-based data structures and can be rather inefficient.\r\n\r\nIn this paper, we present the first efficient lock-free algorithm for implementing a communication channel for CSP programming. We provide implementations and experimental results in the Kotlin and Go programming languages. Our new algorithm outperforms existing implementations on many workloads, while providing non-blocking progress guarantee. Our design can serve as an example of how to construct general communication data structures for CSP and actor models. " alternative_title: - LNCS article_processing_charge: No author: - first_name: Nikita full_name: Koval, Nikita id: 2F4DB10C-F248-11E8-B48F-1D18A9856A87 last_name: Koval - first_name: Dan-Adrian full_name: Alistarh, Dan-Adrian id: 4A899BFC-F248-11E8-B48F-1D18A9856A87 last_name: Alistarh orcid: 0000-0003-3650-940X - first_name: Roman full_name: Elizarov, Roman last_name: Elizarov citation: ama: 'Koval N, Alistarh D-A, Elizarov R. Scalable FIFO channels for programming via communicating sequential processes. In: 25th Anniversary of Euro-Par. Vol 11725. Springer Nature; 2019:317-333. doi:10.1007/978-3-030-29400-7_23' apa: 'Koval, N., Alistarh, D.-A., & Elizarov, R. (2019). Scalable FIFO channels for programming via communicating sequential processes. In 25th Anniversary of Euro-Par (Vol. 11725, pp. 317–333). Göttingen, Germany: Springer Nature. https://doi.org/10.1007/978-3-030-29400-7_23' chicago: Koval, Nikita, Dan-Adrian Alistarh, and Roman Elizarov. “Scalable FIFO Channels for Programming via Communicating Sequential Processes.” In 25th Anniversary of Euro-Par, 11725:317–33. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-29400-7_23. ieee: N. Koval, D.-A. Alistarh, and R. Elizarov, “Scalable FIFO channels for programming via communicating sequential processes,” in 25th Anniversary of Euro-Par, Göttingen, Germany, 2019, vol. 11725, pp. 317–333. ista: 'Koval N, Alistarh D-A, Elizarov R. 2019. Scalable FIFO channels for programming via communicating sequential processes. 25th Anniversary of Euro-Par. Euro-Par: European Conference on Parallel Processing, LNCS, vol. 11725, 317–333.' mla: Koval, Nikita, et al. “Scalable FIFO Channels for Programming via Communicating Sequential Processes.” 25th Anniversary of Euro-Par, vol. 11725, Springer Nature, 2019, pp. 317–33, doi:10.1007/978-3-030-29400-7_23. short: N. Koval, D.-A. Alistarh, R. Elizarov, in:, 25th Anniversary of Euro-Par, Springer Nature, 2019, pp. 317–333. conference: end_date: 2019-08-30 location: Göttingen, Germany name: 'Euro-Par: European Conference on Parallel Processing' start_date: 2019-08-26 date_created: 2020-01-05T23:00:46Z date_published: 2019-08-13T00:00:00Z date_updated: 2023-09-06T14:53:59Z day: '13' department: - _id: DaAl doi: 10.1007/978-3-030-29400-7_23 external_id: isi: - '000851061400023' intvolume: ' 11725' isi: 1 language: - iso: eng month: '08' oa_version: None page: 317-333 publication: 25th Anniversary of Euro-Par publication_identifier: eissn: - 1611-3349 isbn: - 978-3-0302-9399-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Scalable FIFO channels for programming via communicating sequential processes type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11725 year: '2019' ... --- _id: '7231' abstract: - lang: eng text: Piecewise Barrier Tubes (PBT) is a new technique for flowpipe overapproximation for nonlinear systems with polynomial dynamics, which leverages a combination of barrier certificates. PBT has advantages over traditional time-step based methods in dealing with those nonlinear dynamical systems in which there is a large difference in speed between trajectories, producing an overapproximation that is time independent. However, the existing approach for PBT is not efficient due to the application of interval methods for enclosure-box computation, and it can only deal with continuous dynamical systems without uncertainty. In this paper, we extend the approach with the ability to handle both continuous and hybrid dynamical systems with uncertainty that can reside in parameters and/or noise. We also improve the efficiency of the method significantly, by avoiding the use of interval-based methods for the enclosure-box computation without loosing soundness. We have developed a C++ prototype implementing the proposed approach and we evaluate it on several benchmarks. The experiments show that our approach is more efficient and precise than other methods in the literature. alternative_title: - LNCS article_processing_charge: No author: - first_name: Hui full_name: Kong, Hui id: 3BDE25AA-F248-11E8-B48F-1D18A9856A87 last_name: Kong orcid: 0000-0002-3066-6941 - first_name: Ezio full_name: Bartocci, Ezio last_name: Bartocci - first_name: Yu full_name: Jiang, Yu last_name: Jiang - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000−0002−2985−7724 citation: ama: 'Kong H, Bartocci E, Jiang Y, Henzinger TA. Piecewise robust barrier tubes for nonlinear hybrid systems with uncertainty. In: 17th International Conference on Formal Modeling and Analysis of Timed Systems. Vol 11750. Springer Nature; 2019:123-141. doi:10.1007/978-3-030-29662-9_8' apa: 'Kong, H., Bartocci, E., Jiang, Y., & Henzinger, T. A. (2019). Piecewise robust barrier tubes for nonlinear hybrid systems with uncertainty. In 17th International Conference on Formal Modeling and Analysis of Timed Systems (Vol. 11750, pp. 123–141). Amsterdam, The Netherlands: Springer Nature. https://doi.org/10.1007/978-3-030-29662-9_8' chicago: Kong, Hui, Ezio Bartocci, Yu Jiang, and Thomas A Henzinger. “Piecewise Robust Barrier Tubes for Nonlinear Hybrid Systems with Uncertainty.” In 17th International Conference on Formal Modeling and Analysis of Timed Systems, 11750:123–41. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-29662-9_8. ieee: H. Kong, E. Bartocci, Y. Jiang, and T. A. Henzinger, “Piecewise robust barrier tubes for nonlinear hybrid systems with uncertainty,” in 17th International Conference on Formal Modeling and Analysis of Timed Systems, Amsterdam, The Netherlands, 2019, vol. 11750, pp. 123–141. ista: 'Kong H, Bartocci E, Jiang Y, Henzinger TA. 2019. Piecewise robust barrier tubes for nonlinear hybrid systems with uncertainty. 17th International Conference on Formal Modeling and Analysis of Timed Systems. FORMATS: Formal Modeling and Analysis of Timed Systems, LNCS, vol. 11750, 123–141.' mla: Kong, Hui, et al. “Piecewise Robust Barrier Tubes for Nonlinear Hybrid Systems with Uncertainty.” 17th International Conference on Formal Modeling and Analysis of Timed Systems, vol. 11750, Springer Nature, 2019, pp. 123–41, doi:10.1007/978-3-030-29662-9_8. short: H. Kong, E. Bartocci, Y. Jiang, T.A. Henzinger, in:, 17th International Conference on Formal Modeling and Analysis of Timed Systems, Springer Nature, 2019, pp. 123–141. conference: end_date: 2019-08-29 location: Amsterdam, The Netherlands name: 'FORMATS: Formal Modeling and Analysis of Timed Systems' start_date: 2019-08-27 date_created: 2020-01-05T23:00:47Z date_published: 2019-08-13T00:00:00Z date_updated: 2023-09-06T14:55:15Z day: '13' department: - _id: ToHe doi: 10.1007/978-3-030-29662-9_8 external_id: arxiv: - '1907.11514' isi: - '000611677700008' intvolume: ' 11750' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1907.11514 month: '08' oa: 1 oa_version: Preprint page: 123-141 project: - _id: 25832EC2-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S 11407_N23 name: Rigorous Systems Engineering - _id: 25863FF4-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S11407 name: Game Theory - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: 17th International Conference on Formal Modeling and Analysis of Timed Systems publication_identifier: eissn: - 1611-3349 isbn: - 978-3-0302-9661-2 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Piecewise robust barrier tubes for nonlinear hybrid systems with uncertainty type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11750 year: '2019' ... --- _id: '7230' abstract: - lang: eng text: Simple drawings of graphs are those in which each pair of edges share at most one point, either a common endpoint or a proper crossing. In this paper we study the problem of extending a simple drawing D(G) of a graph G by inserting a set of edges from the complement of G into D(G) such that the result is a simple drawing. In the context of rectilinear drawings, the problem is trivial. For pseudolinear drawings, the existence of such an extension follows from Levi’s enlargement lemma. In contrast, we prove that deciding if a given set of edges can be inserted into a simple drawing is NP-complete. Moreover, we show that the maximization version of the problem is APX-hard. We also present a polynomial-time algorithm for deciding whether one edge uv can be inserted into D(G) when {u,v} is a dominating set for the graph G. alternative_title: - LNCS article_processing_charge: No author: - first_name: Alan M full_name: Arroyo Guevara, Alan M id: 3207FDC6-F248-11E8-B48F-1D18A9856A87 last_name: Arroyo Guevara orcid: 0000-0003-2401-8670 - first_name: Martin full_name: Derka, Martin last_name: Derka - first_name: Irene full_name: Parada, Irene last_name: Parada citation: ama: 'Arroyo Guevara AM, Derka M, Parada I. Extending simple drawings. In: 27th International Symposium on Graph Drawing and Network Visualization. Vol 11904. Springer Nature; 2019:230-243. doi:10.1007/978-3-030-35802-0_18' apa: 'Arroyo Guevara, A. M., Derka, M., & Parada, I. (2019). Extending simple drawings. In 27th International Symposium on Graph Drawing and Network Visualization (Vol. 11904, pp. 230–243). Prague, Czech Republic: Springer Nature. https://doi.org/10.1007/978-3-030-35802-0_18' chicago: Arroyo Guevara, Alan M, Martin Derka, and Irene Parada. “Extending Simple Drawings.” In 27th International Symposium on Graph Drawing and Network Visualization, 11904:230–43. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-35802-0_18. ieee: A. M. Arroyo Guevara, M. Derka, and I. Parada, “Extending simple drawings,” in 27th International Symposium on Graph Drawing and Network Visualization, Prague, Czech Republic, 2019, vol. 11904, pp. 230–243. ista: 'Arroyo Guevara AM, Derka M, Parada I. 2019. Extending simple drawings. 27th International Symposium on Graph Drawing and Network Visualization. GD: Graph Drawing and Network Visualization, LNCS, vol. 11904, 230–243.' mla: Arroyo Guevara, Alan M., et al. “Extending Simple Drawings.” 27th International Symposium on Graph Drawing and Network Visualization, vol. 11904, Springer Nature, 2019, pp. 230–43, doi:10.1007/978-3-030-35802-0_18. short: A.M. Arroyo Guevara, M. Derka, I. Parada, in:, 27th International Symposium on Graph Drawing and Network Visualization, Springer Nature, 2019, pp. 230–243. conference: end_date: 2019-09-20 location: Prague, Czech Republic name: 'GD: Graph Drawing and Network Visualization' start_date: 2019-09-17 date_created: 2020-01-05T23:00:47Z date_published: 2019-11-28T00:00:00Z date_updated: 2023-09-06T14:56:00Z day: '28' department: - _id: UlWa doi: 10.1007/978-3-030-35802-0_18 ec_funded: 1 external_id: arxiv: - '1908.08129' isi: - '000612918800018' intvolume: ' 11904' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1908.08129 month: '11' oa: 1 oa_version: Preprint page: 230-243 project: - _id: 260C2330-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '754411' name: ISTplus - Postdoctoral Fellowships publication: 27th International Symposium on Graph Drawing and Network Visualization publication_identifier: eissn: - 1611-3349 isbn: - 978-3-0303-5801-3 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Extending simple drawings type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11904 year: '2019' ... --- _id: '7232' abstract: - lang: eng text: 'We present Mixed-time Signal Temporal Logic (STL−MX), a specification formalism which extends STL by capturing the discrete/ continuous time duality found in many cyber-physical systems (CPS), as well as mixed-signal electronic designs. In STL−MX, properties of components with continuous dynamics are expressed in STL, while specifications of components with discrete dynamics are written in LTL. To combine the two layers, we evaluate formulas on two traces, discrete- and continuous-time, and introduce two interface operators that map signals, properties and their satisfaction signals across the two time domains. We show that STL-mx has the expressive power of STL supplemented with an implicit T-periodic clock signal. We develop and implement an algorithm for monitoring STL-mx formulas and illustrate the approach using a mixed-signal example. ' alternative_title: - LNCS article_processing_charge: No author: - first_name: Thomas full_name: Ferrere, Thomas id: 40960E6E-F248-11E8-B48F-1D18A9856A87 last_name: Ferrere orcid: 0000-0001-5199-3143 - first_name: Oded full_name: Maler, Oded last_name: Maler - first_name: Dejan full_name: Nickovic, Dejan id: 41BCEE5C-F248-11E8-B48F-1D18A9856A87 last_name: Nickovic citation: ama: 'Ferrere T, Maler O, Nickovic D. Mixed-time signal temporal logic. In: 17th International Conference on Formal Modeling and Analysis of Timed Systems. Vol 11750. Springer Nature; 2019:59-75. doi:10.1007/978-3-030-29662-9_4' apa: 'Ferrere, T., Maler, O., & Nickovic, D. (2019). Mixed-time signal temporal logic. In 17th International Conference on Formal Modeling and Analysis of Timed Systems (Vol. 11750, pp. 59–75). Amsterdam, The Netherlands: Springer Nature. https://doi.org/10.1007/978-3-030-29662-9_4' chicago: Ferrere, Thomas, Oded Maler, and Dejan Nickovic. “Mixed-Time Signal Temporal Logic.” In 17th International Conference on Formal Modeling and Analysis of Timed Systems, 11750:59–75. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-29662-9_4. ieee: T. Ferrere, O. Maler, and D. Nickovic, “Mixed-time signal temporal logic,” in 17th International Conference on Formal Modeling and Analysis of Timed Systems, Amsterdam, The Netherlands, 2019, vol. 11750, pp. 59–75. ista: 'Ferrere T, Maler O, Nickovic D. 2019. Mixed-time signal temporal logic. 17th International Conference on Formal Modeling and Analysis of Timed Systems. FORMATS: Formal Modeling and Anaysis of Timed Systems, LNCS, vol. 11750, 59–75.' mla: Ferrere, Thomas, et al. “Mixed-Time Signal Temporal Logic.” 17th International Conference on Formal Modeling and Analysis of Timed Systems, vol. 11750, Springer Nature, 2019, pp. 59–75, doi:10.1007/978-3-030-29662-9_4. short: T. Ferrere, O. Maler, D. Nickovic, in:, 17th International Conference on Formal Modeling and Analysis of Timed Systems, Springer Nature, 2019, pp. 59–75. conference: end_date: 2019-08-29 location: Amsterdam, The Netherlands name: 'FORMATS: Formal Modeling and Anaysis of Timed Systems' start_date: 2019-08-27 date_created: 2020-01-05T23:00:48Z date_published: 2019-08-13T00:00:00Z date_updated: 2023-09-06T14:57:17Z day: '13' department: - _id: ToHe doi: 10.1007/978-3-030-29662-9_4 external_id: isi: - '000611677700004' intvolume: ' 11750' isi: 1 language: - iso: eng month: '08' oa_version: None page: 59-75 project: - _id: 25832EC2-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S 11407_N23 name: Rigorous Systems Engineering - _id: 25F42A32-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: Z211 name: The Wittgenstein Prize publication: 17th International Conference on Formal Modeling and Analysis of Timed Systems publication_identifier: eissn: - 1611-3349 isbn: - 978-3-0302-9661-2 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Mixed-time signal temporal logic type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11750 year: '2019' ... --- _id: '7411' abstract: - lang: eng text: "Proofs of sequential work (PoSW) are proof systems where a prover, upon receiving a statement χ and a time parameter T computes a proof ϕ(χ,T) which is efficiently and publicly verifiable. The proof can be computed in T sequential steps, but not much less, even by a malicious party having large parallelism. A PoSW thus serves as a proof that T units of time have passed since χ\r\n\r\nwas received.\r\n\r\nPoSW were introduced by Mahmoody, Moran and Vadhan [MMV11], a simple and practical construction was only recently proposed by Cohen and Pietrzak [CP18].\r\n\r\nIn this work we construct a new simple PoSW in the random permutation model which is almost as simple and efficient as [CP18] but conceptually very different. Whereas the structure underlying [CP18] is a hash tree, our construction is based on skip lists and has the interesting property that computing the PoSW is a reversible computation.\r\nThe fact that the construction is reversible can potentially be used for new applications like constructing proofs of replication. We also show how to “embed” the sloth function of Lenstra and Weselowski [LW17] into our PoSW to get a PoSW where one additionally can verify correctness of the output much more efficiently than recomputing it (though recent constructions of “verifiable delay functions” subsume most of the applications this construction was aiming at)." alternative_title: - LNCS article_processing_charge: No author: - first_name: Hamza M full_name: Abusalah, Hamza M id: 40297222-F248-11E8-B48F-1D18A9856A87 last_name: Abusalah - first_name: Chethan full_name: Kamath Hosdurg, Chethan id: 4BD3F30E-F248-11E8-B48F-1D18A9856A87 last_name: Kamath Hosdurg - first_name: Karen full_name: Klein, Karen id: 3E83A2F8-F248-11E8-B48F-1D18A9856A87 last_name: Klein - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 - first_name: Michael full_name: Walter, Michael id: 488F98B0-F248-11E8-B48F-1D18A9856A87 last_name: Walter orcid: 0000-0003-3186-2482 citation: ama: 'Abusalah HM, Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. Reversible proofs of sequential work. In: Advances in Cryptology – EUROCRYPT 2019. Vol 11477. Springer International Publishing; 2019:277-291. doi:10.1007/978-3-030-17656-3_10' apa: 'Abusalah, H. M., Kamath Hosdurg, C., Klein, K., Pietrzak, K. Z., & Walter, M. (2019). Reversible proofs of sequential work. In Advances in Cryptology – EUROCRYPT 2019 (Vol. 11477, pp. 277–291). Darmstadt, Germany: Springer International Publishing. https://doi.org/10.1007/978-3-030-17656-3_10' chicago: Abusalah, Hamza M, Chethan Kamath Hosdurg, Karen Klein, Krzysztof Z Pietrzak, and Michael Walter. “Reversible Proofs of Sequential Work.” In Advances in Cryptology – EUROCRYPT 2019, 11477:277–91. Springer International Publishing, 2019. https://doi.org/10.1007/978-3-030-17656-3_10. ieee: H. M. Abusalah, C. Kamath Hosdurg, K. Klein, K. Z. Pietrzak, and M. Walter, “Reversible proofs of sequential work,” in Advances in Cryptology – EUROCRYPT 2019, Darmstadt, Germany, 2019, vol. 11477, pp. 277–291. ista: Abusalah HM, Kamath Hosdurg C, Klein K, Pietrzak KZ, Walter M. 2019. Reversible proofs of sequential work. Advances in Cryptology – EUROCRYPT 2019. International Conference on the Theory and Applications of Cryptographic Techniques, LNCS, vol. 11477, 277–291. mla: Abusalah, Hamza M., et al. “Reversible Proofs of Sequential Work.” Advances in Cryptology – EUROCRYPT 2019, vol. 11477, Springer International Publishing, 2019, pp. 277–91, doi:10.1007/978-3-030-17656-3_10. short: H.M. Abusalah, C. Kamath Hosdurg, K. Klein, K.Z. Pietrzak, M. Walter, in:, Advances in Cryptology – EUROCRYPT 2019, Springer International Publishing, 2019, pp. 277–291. conference: end_date: 2019-05-23 location: Darmstadt, Germany name: International Conference on the Theory and Applications of Cryptographic Techniques start_date: 2019-05-19 date_created: 2020-01-30T09:26:14Z date_published: 2019-04-24T00:00:00Z date_updated: 2023-09-06T15:26:06Z day: '24' department: - _id: KrPi doi: 10.1007/978-3-030-17656-3_10 ec_funded: 1 external_id: isi: - '000483516200010' intvolume: ' 11477' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2019/252 month: '04' oa: 1 oa_version: Submitted Version page: 277-291 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: Advances in Cryptology – EUROCRYPT 2019 publication_identifier: eissn: - 1611-3349 isbn: - '9783030176556' - '9783030176563' issn: - 0302-9743 publication_status: published publisher: Springer International Publishing quality_controlled: '1' scopus_import: '1' status: public title: Reversible proofs of sequential work type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11477 year: '2019' ... --- _id: '6482' abstract: - lang: eng text: 'Computer vision systems for automatic image categorization have become accurate and reliable enough that they can run continuously for days or even years as components of real-world commercial applications. A major open problem in this context, however, is quality control. Good classification performance can only be expected if systems run under the specific conditions, in particular data distributions, that they were trained for. Surprisingly, none of the currently used deep network architectures have a built-in functionality that could detect if a network operates on data from a distribution it was not trained for, such that potentially a warning to the human users could be triggered. In this work, we describe KS(conf), a procedure for detecting such outside of specifications (out-of-specs) operation, based on statistical testing of the network outputs. We show by extensive experiments using the ImageNet, AwA2 and DAVIS datasets on a variety of ConvNets architectures that KS(conf) reliably detects out-of-specs situations. It furthermore has a number of properties that make it a promising candidate for practical deployment: it is easy to implement, adds almost no overhead to the system, works with all networks, including pretrained ones, and requires no a priori knowledge of how the data distribution could change. ' alternative_title: - LNCS article_processing_charge: No author: - first_name: Rémy full_name: Sun, Rémy last_name: Sun - first_name: Christoph full_name: Lampert, Christoph id: 40C20FD2-F248-11E8-B48F-1D18A9856A87 last_name: Lampert orcid: 0000-0001-8622-7887 citation: ama: 'Sun R, Lampert C. KS(conf): A light-weight test if a ConvNet operates outside of Its specifications. In: Vol 11269. Springer Nature; 2019:244-259. doi:10.1007/978-3-030-12939-2_18' apa: 'Sun, R., & Lampert, C. (2019). KS(conf): A light-weight test if a ConvNet operates outside of Its specifications (Vol. 11269, pp. 244–259). Presented at the GCPR: Conference on Pattern Recognition, Stuttgart, Germany: Springer Nature. https://doi.org/10.1007/978-3-030-12939-2_18' chicago: 'Sun, Rémy, and Christoph Lampert. “KS(Conf): A Light-Weight Test If a ConvNet Operates Outside of Its Specifications,” 11269:244–59. Springer Nature, 2019. https://doi.org/10.1007/978-3-030-12939-2_18.' ieee: 'R. Sun and C. Lampert, “KS(conf): A light-weight test if a ConvNet operates outside of Its specifications,” presented at the GCPR: Conference on Pattern Recognition, Stuttgart, Germany, 2019, vol. 11269, pp. 244–259.' ista: 'Sun R, Lampert C. 2019. KS(conf): A light-weight test if a ConvNet operates outside of Its specifications. GCPR: Conference on Pattern Recognition, LNCS, vol. 11269, 244–259.' mla: 'Sun, Rémy, and Christoph Lampert. KS(Conf): A Light-Weight Test If a ConvNet Operates Outside of Its Specifications. Vol. 11269, Springer Nature, 2019, pp. 244–59, doi:10.1007/978-3-030-12939-2_18.' short: R. Sun, C. Lampert, in:, Springer Nature, 2019, pp. 244–259. conference: end_date: 2018-10-12 location: Stuttgart, Germany name: 'GCPR: Conference on Pattern Recognition' start_date: 2018-10-09 date_created: 2019-05-24T09:48:36Z date_published: 2019-02-14T00:00:00Z date_updated: 2024-02-22T14:57:29Z day: '14' department: - _id: ChLa doi: 10.1007/978-3-030-12939-2_18 ec_funded: 1 external_id: arxiv: - '1804.04171' intvolume: ' 11269' language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1804.04171 month: '02' oa: 1 oa_version: Preprint page: 244-259 project: - _id: 2532554C-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '308036' name: Lifelong Learning of Visual Scene Understanding publication_identifier: eissn: - 1611-3349 isbn: - '9783030129385' - '9783030129392' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '6944' relation: later_version status: public scopus_import: '1' status: public title: 'KS(conf): A light-weight test if a ConvNet operates outside of Its specifications' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 11269 year: '2019' ... --- _id: '6164' abstract: - lang: eng text: In this paper, we propose an algorithm to build discrete spherical shell having integer center and real-valued inner and outer radii on the face-centered cubic (FCC) grid. We address the problem by mapping it to a 2D scenario and building the shell layer by layer on hexagonal grids with additive manufacturing in mind. The layered hexagonal grids get shifted according to need as we move from one layer to another and forms the FCC grid in 3D. However, we restrict our computation strictly to 2D in order to utilize symmetry and simplicity. alternative_title: - LNCS article_processing_charge: No author: - first_name: Girish full_name: Koshti, Girish last_name: Koshti - first_name: Ranita full_name: Biswas, Ranita id: 3C2B033E-F248-11E8-B48F-1D18A9856A87 last_name: Biswas orcid: 0000-0002-5372-7890 - first_name: Gaëlle full_name: Largeteau-Skapin, Gaëlle last_name: Largeteau-Skapin - first_name: Rita full_name: Zrour, Rita last_name: Zrour - first_name: Eric full_name: Andres, Eric last_name: Andres - first_name: Partha full_name: Bhowmick, Partha last_name: Bhowmick citation: ama: 'Koshti G, Biswas R, Largeteau-Skapin G, Zrour R, Andres E, Bhowmick P. Sphere construction on the FCC grid interpreted as layered hexagonal grids in 3D. In: 19th International Workshop. Vol 11255. Cham: Springer; 2018:82-96. doi:10.1007/978-3-030-05288-1_7' apa: 'Koshti, G., Biswas, R., Largeteau-Skapin, G., Zrour, R., Andres, E., & Bhowmick, P. (2018). Sphere construction on the FCC grid interpreted as layered hexagonal grids in 3D. In 19th International Workshop (Vol. 11255, pp. 82–96). Cham: Springer. https://doi.org/10.1007/978-3-030-05288-1_7' chicago: 'Koshti, Girish, Ranita Biswas, Gaëlle Largeteau-Skapin, Rita Zrour, Eric Andres, and Partha Bhowmick. “Sphere Construction on the FCC Grid Interpreted as Layered Hexagonal Grids in 3D.” In 19th International Workshop, 11255:82–96. Cham: Springer, 2018. https://doi.org/10.1007/978-3-030-05288-1_7.' ieee: G. Koshti, R. Biswas, G. Largeteau-Skapin, R. Zrour, E. Andres, and P. Bhowmick, “Sphere construction on the FCC grid interpreted as layered hexagonal grids in 3D,” in 19th International Workshop, Porto, Portugal, 2018, vol. 11255, pp. 82–96. ista: 'Koshti G, Biswas R, Largeteau-Skapin G, Zrour R, Andres E, Bhowmick P. 2018. Sphere construction on the FCC grid interpreted as layered hexagonal grids in 3D. 19th International Workshop. IWCIA: International Workshop on Combinatorial Image Analysis, LNCS, vol. 11255, 82–96.' mla: Koshti, Girish, et al. “Sphere Construction on the FCC Grid Interpreted as Layered Hexagonal Grids in 3D.” 19th International Workshop, vol. 11255, Springer, 2018, pp. 82–96, doi:10.1007/978-3-030-05288-1_7. short: G. Koshti, R. Biswas, G. Largeteau-Skapin, R. Zrour, E. Andres, P. Bhowmick, in:, 19th International Workshop, Springer, Cham, 2018, pp. 82–96. conference: end_date: 2018-11-24 location: Porto, Portugal name: 'IWCIA: International Workshop on Combinatorial Image Analysis' start_date: 2018-11-22 date_created: 2019-03-21T12:16:58Z date_published: 2018-11-22T00:00:00Z date_updated: 2022-01-27T15:26:39Z day: '22' doi: 10.1007/978-3-030-05288-1_7 extern: '1' intvolume: ' 11255' language: - iso: eng month: '11' oa_version: None page: 82-96 place: Cham publication: 19th International Workshop publication_identifier: eisbn: - 978-3-030-05288-1 eissn: - 1611-3349 isbn: - 978-3-030-05287-4 issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' status: public title: Sphere construction on the FCC grid interpreted as layered hexagonal grids in 3D type: conference user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 11255 year: '2018' ... --- _id: '6941' abstract: - lang: eng text: "Bitcoin has become the most successful cryptocurrency ever deployed, and its most distinctive feature is that it is decentralized. Its underlying protocol (Nakamoto consensus) achieves this by using proof of work, which has the drawback that it causes the consumption of vast amounts of energy to maintain the ledger. Moreover, Bitcoin mining dynamics have become less distributed over time.\r\n\r\nTowards addressing these issues, we propose SpaceMint, a cryptocurrency based on proofs of space instead of proofs of work. Miners in SpaceMint dedicate disk space rather than computation. We argue that SpaceMint’s design solves or alleviates several of Bitcoin’s issues: most notably, its large energy consumption. SpaceMint also rewards smaller miners fairly according to their contribution to the network, thus incentivizing more distributed participation.\r\n\r\nThis paper adapts proof of space to enable its use in cryptocurrency, studies the attacks that can arise against a Bitcoin-like blockchain that uses proof of space, and proposes a new blockchain format and transaction types to address these attacks. Our prototype shows that initializing 1 TB for mining takes about a day (a one-off setup cost), and miners spend on average just a fraction of a second per block mined. Finally, we provide a game-theoretic analysis modeling SpaceMint as an extensive game (the canonical game-theoretic notion for games that take place over time) and show that this stylized game satisfies a strong equilibrium notion, thereby arguing for SpaceMint ’s stability and consensus." alternative_title: - LNCS article_processing_charge: No author: - first_name: Sunoo full_name: Park, Sunoo last_name: Park - first_name: Albert full_name: Kwon, Albert last_name: Kwon - first_name: Georg full_name: Fuchsbauer, Georg id: 46B4C3EE-F248-11E8-B48F-1D18A9856A87 last_name: Fuchsbauer - first_name: Peter full_name: Gazi, Peter id: 3E0BFE38-F248-11E8-B48F-1D18A9856A87 last_name: Gazi - first_name: Joel F full_name: Alwen, Joel F id: 2A8DFA8C-F248-11E8-B48F-1D18A9856A87 last_name: Alwen - first_name: Krzysztof Z full_name: Pietrzak, Krzysztof Z id: 3E04A7AA-F248-11E8-B48F-1D18A9856A87 last_name: Pietrzak orcid: 0000-0002-9139-1654 citation: ama: 'Park S, Kwon A, Fuchsbauer G, Gazi P, Alwen JF, Pietrzak KZ. SpaceMint: A cryptocurrency based on proofs of space. In: 22nd International Conference on Financial Cryptography and Data Security. Vol 10957. Springer Nature; 2018:480-499. doi:10.1007/978-3-662-58387-6_26' apa: 'Park, S., Kwon, A., Fuchsbauer, G., Gazi, P., Alwen, J. F., & Pietrzak, K. Z. (2018). SpaceMint: A cryptocurrency based on proofs of space. In 22nd International Conference on Financial Cryptography and Data Security (Vol. 10957, pp. 480–499). Nieuwpoort, Curacao: Springer Nature. https://doi.org/10.1007/978-3-662-58387-6_26' chicago: 'Park, Sunoo, Albert Kwon, Georg Fuchsbauer, Peter Gazi, Joel F Alwen, and Krzysztof Z Pietrzak. “SpaceMint: A Cryptocurrency Based on Proofs of Space.” In 22nd International Conference on Financial Cryptography and Data Security, 10957:480–99. Springer Nature, 2018. https://doi.org/10.1007/978-3-662-58387-6_26.' ieee: 'S. Park, A. Kwon, G. Fuchsbauer, P. Gazi, J. F. Alwen, and K. Z. Pietrzak, “SpaceMint: A cryptocurrency based on proofs of space,” in 22nd International Conference on Financial Cryptography and Data Security, Nieuwpoort, Curacao, 2018, vol. 10957, pp. 480–499.' ista: 'Park S, Kwon A, Fuchsbauer G, Gazi P, Alwen JF, Pietrzak KZ. 2018. SpaceMint: A cryptocurrency based on proofs of space. 22nd International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 10957, 480–499.' mla: 'Park, Sunoo, et al. “SpaceMint: A Cryptocurrency Based on Proofs of Space.” 22nd International Conference on Financial Cryptography and Data Security, vol. 10957, Springer Nature, 2018, pp. 480–99, doi:10.1007/978-3-662-58387-6_26.' short: S. Park, A. Kwon, G. Fuchsbauer, P. Gazi, J.F. Alwen, K.Z. Pietrzak, in:, 22nd International Conference on Financial Cryptography and Data Security, Springer Nature, 2018, pp. 480–499. conference: end_date: 2018-03-02 location: Nieuwpoort, Curacao name: 'FC: Financial Cryptography and Data Security' start_date: 2018-02-26 date_created: 2019-10-14T06:35:38Z date_published: 2018-12-07T00:00:00Z date_updated: 2023-09-19T15:02:13Z day: '07' department: - _id: KrPi doi: 10.1007/978-3-662-58387-6_26 ec_funded: 1 external_id: isi: - '000540656400026' intvolume: ' 10957' isi: 1 language: - iso: eng main_file_link: - open_access: '1' url: https://eprint.iacr.org/2015/528 month: '12' oa: 1 oa_version: Submitted Version page: 480-499 project: - _id: 258AA5B2-B435-11E9-9278-68D0E5697425 call_identifier: H2020 grant_number: '682815' name: Teaching Old Crypto New Tricks publication: 22nd International Conference on Financial Cryptography and Data Security publication_identifier: eissn: - 1611-3349 isbn: - '9783662583869' - '9783662583876' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: 'SpaceMint: A cryptocurrency based on proofs of space' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 10957 year: '2018' ... --- _id: '5801' abstract: - lang: eng text: Space filling circles and spheres have various applications in mathematical imaging and physical modeling. In this paper, we first show how the thinnest (i.e., 2-minimal) model of digital sphere can be augmented to a space filling model by fixing certain “simple voxels” and “filler voxels” associated with it. Based on elementary number-theoretic properties of such voxels, we design an efficient incremental algorithm for generation of these space filling spheres with successively increasing radius. The novelty of the proposed technique is established further through circular space filling on 3D digital plane. As evident from a preliminary set of experimental result, this can particularly be useful for parallel computing of 3D Voronoi diagrams in the digital space. alternative_title: - LNCS article_processing_charge: No author: - first_name: Shivam full_name: Dwivedi, Shivam last_name: Dwivedi - first_name: Aniket full_name: Gupta, Aniket last_name: Gupta - first_name: Siddhant full_name: Roy, Siddhant last_name: Roy - first_name: Ranita full_name: Biswas, Ranita id: 3C2B033E-F248-11E8-B48F-1D18A9856A87 last_name: Biswas orcid: 0000-0002-5372-7890 - first_name: Partha full_name: Bhowmick, Partha last_name: Bhowmick citation: ama: 'Dwivedi S, Gupta A, Roy S, Biswas R, Bhowmick P. Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space. In: 20th IAPR International Conference. Vol 10502. Cham: Springer Nature; 2017:347-359. doi:10.1007/978-3-319-66272-5_28' apa: 'Dwivedi, S., Gupta, A., Roy, S., Biswas, R., & Bhowmick, P. (2017). Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space. In 20th IAPR International Conference (Vol. 10502, pp. 347–359). Cham: Springer Nature. https://doi.org/10.1007/978-3-319-66272-5_28' chicago: 'Dwivedi, Shivam, Aniket Gupta, Siddhant Roy, Ranita Biswas, and Partha Bhowmick. “Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space.” In 20th IAPR International Conference, 10502:347–59. Cham: Springer Nature, 2017. https://doi.org/10.1007/978-3-319-66272-5_28.' ieee: S. Dwivedi, A. Gupta, S. Roy, R. Biswas, and P. Bhowmick, “Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space,” in 20th IAPR International Conference, Vienna, Austria, 2017, vol. 10502, pp. 347–359. ista: 'Dwivedi S, Gupta A, Roy S, Biswas R, Bhowmick P. 2017. Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space. 20th IAPR International Conference. DGCI: International Conference on Discrete Geometry for Computer Imagery, LNCS, vol. 10502, 347–359.' mla: Dwivedi, Shivam, et al. “Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space.” 20th IAPR International Conference, vol. 10502, Springer Nature, 2017, pp. 347–59, doi:10.1007/978-3-319-66272-5_28. short: S. Dwivedi, A. Gupta, S. Roy, R. Biswas, P. Bhowmick, in:, 20th IAPR International Conference, Springer Nature, Cham, 2017, pp. 347–359. conference: end_date: 2017-09-21 location: Vienna, Austria name: 'DGCI: International Conference on Discrete Geometry for Computer Imagery' start_date: 2017-09-19 date_created: 2019-01-08T20:42:22Z date_published: 2017-08-22T00:00:00Z date_updated: 2022-01-27T15:34:25Z day: '22' doi: 10.1007/978-3-319-66272-5_28 extern: '1' intvolume: ' 10502' language: - iso: eng month: '08' oa_version: None page: 347-359 place: Cham publication: 20th IAPR International Conference publication_identifier: eisbn: - 978-3-319-66272-5 eissn: - 1611-3349 isbn: - 978-3-319-66271-8 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: Fast and Efficient Incremental Algorithms for Circular and Spherical Propagation in Integer Space type: conference user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 10502 year: '2017' ... --- _id: '5802' abstract: - lang: eng text: This papers introduces a definition of digital primitives based on focal points and weighted distances (with positive weights). The proposed definition is applicable to general dimensions and covers in its gamut various regular curves and surfaces like circles, ellipses, digital spheres and hyperspheres, ellipsoids and k-ellipsoids, Cartesian k-ovals, etc. Several interesting properties are presented for this class of digital primitives such as space partitioning, topological separation, and connectivity properties. To demonstrate further the potential of this new way of defining digital primitives, we propose, as extension, another class of digital conics defined by focus-directrix combination. alternative_title: - LNCS article_processing_charge: No author: - first_name: Eric full_name: Andres, Eric last_name: Andres - first_name: Ranita full_name: Biswas, Ranita id: 3C2B033E-F248-11E8-B48F-1D18A9856A87 last_name: Biswas orcid: 0000-0002-5372-7890 - first_name: Partha full_name: Bhowmick, Partha last_name: Bhowmick citation: ama: 'Andres E, Biswas R, Bhowmick P. Digital primitives defined by weighted focal set. In: 20th IAPR International Conference. Vol 10502. Cham: Springer Nature; 2017:388-398. doi:10.1007/978-3-319-66272-5_31' apa: 'Andres, E., Biswas, R., & Bhowmick, P. (2017). Digital primitives defined by weighted focal set. In 20th IAPR International Conference (Vol. 10502, pp. 388–398). Cham: Springer Nature. https://doi.org/10.1007/978-3-319-66272-5_31' chicago: 'Andres, Eric, Ranita Biswas, and Partha Bhowmick. “Digital Primitives Defined by Weighted Focal Set.” In 20th IAPR International Conference, 10502:388–98. Cham: Springer Nature, 2017. https://doi.org/10.1007/978-3-319-66272-5_31.' ieee: E. Andres, R. Biswas, and P. Bhowmick, “Digital primitives defined by weighted focal set,” in 20th IAPR International Conference, Vienna, Austria, 2017, vol. 10502, pp. 388–398. ista: 'Andres E, Biswas R, Bhowmick P. 2017. Digital primitives defined by weighted focal set. 20th IAPR International Conference. DGCI: International Conference on Discrete Geometry for Computer Imagery, LNCS, vol. 10502, 388–398.' mla: Andres, Eric, et al. “Digital Primitives Defined by Weighted Focal Set.” 20th IAPR International Conference, vol. 10502, Springer Nature, 2017, pp. 388–98, doi:10.1007/978-3-319-66272-5_31. short: E. Andres, R. Biswas, P. Bhowmick, in:, 20th IAPR International Conference, Springer Nature, Cham, 2017, pp. 388–398. conference: end_date: 2017-09-21 location: Vienna, Austria name: 'DGCI: International Conference on Discrete Geometry for Computer Imagery' start_date: 2017-09-19 date_created: 2019-01-08T20:42:39Z date_published: 2017-08-22T00:00:00Z date_updated: 2022-01-27T15:38:35Z day: '22' doi: 10.1007/978-3-319-66272-5_31 extern: '1' intvolume: ' 10502' language: - iso: eng month: '08' oa_version: None page: 388-398 place: Cham publication: 20th IAPR International Conference publication_identifier: eisbn: - 978-3-319-66272-5 eissn: - 1611-3349 isbn: - 978-3-319-66271-8 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: Digital primitives defined by weighted focal set type: conference user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 10502 year: '2017' ... --- _id: '13160' abstract: - lang: eng text: "Transforming deterministic ω\r\n-automata into deterministic parity automata is traditionally done using variants of appearance records. We present a more efficient variant of this approach, tailored to Rabin automata, and several optimizations applicable to all appearance records. We compare the methods experimentally and find out that our method produces smaller automata than previous approaches. Moreover, the experiments demonstrate the potential of our method for LTL synthesis, using LTL-to-Rabin translators. It leads to significantly smaller parity automata when compared to state-of-the-art approaches on complex formulae." acknowledgement: This work is partially funded by the DFG project “Verified Model Checkers” and by the Czech Science Foundation, grant No. P202/12/G061. alternative_title: - LNCS article_processing_charge: No author: - first_name: Jan full_name: Kretinsky, Jan id: 44CEF464-F248-11E8-B48F-1D18A9856A87 last_name: Kretinsky orcid: 0000-0002-8122-2881 - first_name: Tobias full_name: Meggendorfer, Tobias id: b21b0c15-30a2-11eb-80dc-f13ca25802e1 last_name: Meggendorfer orcid: 0000-0002-1712-2165 - first_name: Clara full_name: Waldmann, Clara last_name: Waldmann - first_name: Maximilian full_name: Weininger, Maximilian last_name: Weininger citation: ama: 'Kretinsky J, Meggendorfer T, Waldmann C, Weininger M. Index appearance record for transforming Rabin automata into parity automata. In: Tools and Algorithms for the Construction and Analysis of Systems. Vol 10205. Springer; 2017:443-460. doi:10.1007/978-3-662-54577-5_26' apa: 'Kretinsky, J., Meggendorfer, T., Waldmann, C., & Weininger, M. (2017). Index appearance record for transforming Rabin automata into parity automata. In Tools and Algorithms for the Construction and Analysis of Systems (Vol. 10205, pp. 443–460). Uppsala, Sweden: Springer. https://doi.org/10.1007/978-3-662-54577-5_26' chicago: Kretinsky, Jan, Tobias Meggendorfer, Clara Waldmann, and Maximilian Weininger. “Index Appearance Record for Transforming Rabin Automata into Parity Automata.” In Tools and Algorithms for the Construction and Analysis of Systems, 10205:443–60. Springer, 2017. https://doi.org/10.1007/978-3-662-54577-5_26. ieee: J. Kretinsky, T. Meggendorfer, C. Waldmann, and M. Weininger, “Index appearance record for transforming Rabin automata into parity automata,” in Tools and Algorithms for the Construction and Analysis of Systems, Uppsala, Sweden, 2017, vol. 10205, pp. 443–460. ista: 'Kretinsky J, Meggendorfer T, Waldmann C, Weininger M. 2017. Index appearance record for transforming Rabin automata into parity automata. Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of Systems, LNCS, vol. 10205, 443–460.' mla: Kretinsky, Jan, et al. “Index Appearance Record for Transforming Rabin Automata into Parity Automata.” Tools and Algorithms for the Construction and Analysis of Systems, vol. 10205, Springer, 2017, pp. 443–60, doi:10.1007/978-3-662-54577-5_26. short: J. Kretinsky, T. Meggendorfer, C. Waldmann, M. Weininger, in:, Tools and Algorithms for the Construction and Analysis of Systems, Springer, 2017, pp. 443–460. conference: end_date: 2017-04-29 location: Uppsala, Sweden name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2017-04-22 date_created: 2023-06-21T13:21:14Z date_published: 2017-03-31T00:00:00Z date_updated: 2023-06-21T13:29:46Z day: '31' department: - _id: KrCh doi: 10.1007/978-3-662-54577-5_26 external_id: arxiv: - '1701.05738' intvolume: ' 10205' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.48550/arXiv.1701.05738 month: '03' oa: 1 oa_version: Preprint page: 443-460 publication: Tools and Algorithms for the Construction and Analysis of Systems publication_identifier: eisbn: - '9783662545775' eissn: - 1611-3349 isbn: - '9783662545768' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' status: public title: Index appearance record for transforming Rabin automata into parity automata type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 10205 year: '2017' ... --- _id: '5805' abstract: - lang: eng text: Discretization of sphere in the integer space follows a particular discretization scheme, which, in principle, conforms to some topological model. This eventually gives rise to interesting topological properties of a discrete spherical surface, which need to be investigated for its analytical characterization. This paper presents some novel results on the local topological properties of the naive model of discrete sphere. They follow from the bijection of each quadraginta octant of naive sphere with its projection map called f -map on the corresponding functional plane and from the characterization of certain jumps in the f-map. As an application, we have shown how these properties can be used in designing an efficient reconstruction algorithm for a naive spherical surface from an input voxel set when it is sparse or noisy. alternative_title: - LNCS article_processing_charge: No author: - first_name: Nabhasmita full_name: Sen, Nabhasmita last_name: Sen - first_name: Ranita full_name: Biswas, Ranita id: 3C2B033E-F248-11E8-B48F-1D18A9856A87 last_name: Biswas orcid: 0000-0002-5372-7890 - first_name: Partha full_name: Bhowmick, Partha last_name: Bhowmick citation: ama: 'Sen N, Biswas R, Bhowmick P. On some local topological properties of naive discrete sphere. In: Computational Topology in Image Context. Vol 9667. Cham: Springer Nature; 2016:253-264. doi:10.1007/978-3-319-39441-1_23' apa: 'Sen, N., Biswas, R., & Bhowmick, P. (2016). On some local topological properties of naive discrete sphere. In Computational Topology in Image Context (Vol. 9667, pp. 253–264). Cham: Springer Nature. https://doi.org/10.1007/978-3-319-39441-1_23' chicago: 'Sen, Nabhasmita, Ranita Biswas, and Partha Bhowmick. “On Some Local Topological Properties of Naive Discrete Sphere.” In Computational Topology in Image Context, 9667:253–64. Cham: Springer Nature, 2016. https://doi.org/10.1007/978-3-319-39441-1_23.' ieee: 'N. Sen, R. Biswas, and P. Bhowmick, “On some local topological properties of naive discrete sphere,” in Computational Topology in Image Context, vol. 9667, Cham: Springer Nature, 2016, pp. 253–264.' ista: 'Sen N, Biswas R, Bhowmick P. 2016.On some local topological properties of naive discrete sphere. In: Computational Topology in Image Context. LNCS, vol. 9667, 253–264.' mla: Sen, Nabhasmita, et al. “On Some Local Topological Properties of Naive Discrete Sphere.” Computational Topology in Image Context, vol. 9667, Springer Nature, 2016, pp. 253–64, doi:10.1007/978-3-319-39441-1_23. short: N. Sen, R. Biswas, P. Bhowmick, in:, Computational Topology in Image Context, Springer Nature, Cham, 2016, pp. 253–264. conference: end_date: 2016-06-17 location: Marseille, France name: 'CTIC: Computational Topology in Image Context' start_date: 2016-06-15 date_created: 2019-01-08T20:44:24Z date_published: 2016-06-02T00:00:00Z date_updated: 2022-01-28T08:01:22Z day: '02' department: - _id: HeEd doi: 10.1007/978-3-319-39441-1_23 extern: '1' intvolume: ' 9667' language: - iso: eng month: '06' oa_version: None page: 253-264 place: Cham publication: Computational Topology in Image Context publication_identifier: eisbn: - 978-3-319-39441-1 eissn: - 1611-3349 isbn: - 978-3-319-39440-4 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: On some local topological properties of naive discrete sphere type: book_chapter user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 9667 year: '2016' ... --- _id: '5809' abstract: - lang: eng text: A discrete spherical circle is a topologically well-connected 3D circle in the integer space, which belongs to a discrete sphere as well as a discrete plane. It is one of the most important 3D geometric primitives, but has not possibly yet been studied up to its merit. This paper is a maiden exposition of some of its elementary properties, which indicates a sense of its profound theoretical prospects in the framework of digital geometry. We have shown how different types of discretization can lead to forbidden and admissible classes, when one attempts to define the discretization of a spherical circle in terms of intersection between a discrete sphere and a discrete plane. Several fundamental theoretical results have been presented, the algorithm for construction of discrete spherical circles has been discussed, and some test results have been furnished to demonstrate its practicality and usefulness. article_processing_charge: No author: - first_name: Ranita full_name: Biswas, Ranita id: 3C2B033E-F248-11E8-B48F-1D18A9856A87 last_name: Biswas orcid: 0000-0002-5372-7890 - first_name: Partha full_name: Bhowmick, Partha last_name: Bhowmick - first_name: Valentin E. full_name: Brimkov, Valentin E. last_name: Brimkov citation: ama: 'Biswas R, Bhowmick P, Brimkov VE. On the connectivity and smoothness of discrete spherical circles. In: Combinatorial Image Analysis. Vol 9448. Cham: Springer Nature; 2016:86-100. doi:10.1007/978-3-319-26145-4_7' apa: 'Biswas, R., Bhowmick, P., & Brimkov, V. E. (2016). On the connectivity and smoothness of discrete spherical circles. In Combinatorial image analysis (Vol. 9448, pp. 86–100). Cham: Springer Nature. https://doi.org/10.1007/978-3-319-26145-4_7' chicago: 'Biswas, Ranita, Partha Bhowmick, and Valentin E. Brimkov. “On the Connectivity and Smoothness of Discrete Spherical Circles.” In Combinatorial Image Analysis, 9448:86–100. Cham: Springer Nature, 2016. https://doi.org/10.1007/978-3-319-26145-4_7.' ieee: 'R. Biswas, P. Bhowmick, and V. E. Brimkov, “On the connectivity and smoothness of discrete spherical circles,” in Combinatorial image analysis, vol. 9448, Cham: Springer Nature, 2016, pp. 86–100.' ista: 'Biswas R, Bhowmick P, Brimkov VE. 2016.On the connectivity and smoothness of discrete spherical circles. In: Combinatorial image analysis. vol. 9448, 86–100.' mla: Biswas, Ranita, et al. “On the Connectivity and Smoothness of Discrete Spherical Circles.” Combinatorial Image Analysis, vol. 9448, Springer Nature, 2016, pp. 86–100, doi:10.1007/978-3-319-26145-4_7. short: R. Biswas, P. Bhowmick, V.E. Brimkov, in:, Combinatorial Image Analysis, Springer Nature, Cham, 2016, pp. 86–100. conference: end_date: 2015-11-27 location: Kolkata, India name: 'IWCIA: International Workshop on Combinatorial Image Analysis' start_date: 2015-11-24 date_created: 2019-01-08T20:45:19Z date_published: 2016-01-06T00:00:00Z date_updated: 2022-01-28T08:13:03Z day: '06' department: - _id: HeEd doi: 10.1007/978-3-319-26145-4_7 extern: '1' intvolume: ' 9448' language: - iso: eng month: '01' oa_version: None page: 86-100 place: Cham publication: Combinatorial image analysis publication_identifier: eisbn: - 978-3-319-26145-4 eissn: - 1611-3349 isbn: - 978-3-319-26144-7 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' status: public title: On the connectivity and smoothness of discrete spherical circles type: book_chapter user_id: 8b945eb4-e2f2-11eb-945a-df72226e66a9 volume: 9448 year: '2016' ... --- _id: '1094' abstract: - lang: eng text: Immunogold labeling of freeze-fracture replicas has recently been used for high-resolution visualization of protein localization in electron microscopy. This method has higher labeling efficiency than conventional immunogold methods for membrane molecules allowing precise quantitative measurements. However, one of the limitations of freeze-fracture replica immunolabeling is difficulty in keeping structural orientation and identifying labeled profiles in complex tissues like brain. The difficulty is partly due to fragmentation of freeze-fracture replica preparations during labeling procedures and limited morphological clues on the replica surface. To overcome these issues, we introduce here a grid-glued replica method combined with SEM observation. This method allows histological staining before dissolving the tissue and easy handling of replicas during immunogold labeling, and keeps the whole replica surface intact without fragmentation. The procedure described here is also useful for matched double-replica analysis allowing further identification of labeled profiles in corresponding P-face and E-face. acknowledged_ssus: - _id: EM-Fac acknowledgement: 'We thank Prof. Elek Molnár for providing us a pan-AMPAR anti-body used in Fig.2 and Dr. Ludek Lovicar for technical assistance in scanning electron microscope imaging. This work was supported by the European Union (HBP—Project Ref. 604102). ' alternative_title: - Methods in Molecular Biology article_processing_charge: No author: - first_name: Harumi full_name: Harada, Harumi id: 2E55CDF2-F248-11E8-B48F-1D18A9856A87 last_name: Harada orcid: 0000-0001-7429-7896 - first_name: Ryuichi full_name: Shigemoto, Ryuichi id: 499F3ABC-F248-11E8-B48F-1D18A9856A87 last_name: Shigemoto orcid: 0000-0001-8761-9444 citation: ama: 'Harada H, Shigemoto R. Immunogold protein localization on grid-glued freeze-fracture replicas. In: High-Resolution Imaging of Cellular Proteins. Vol 1474. Springer; 2016:203-216. doi:10.1007/978-1-4939-6352-2_12' apa: Harada, H., & Shigemoto, R. (2016). Immunogold protein localization on grid-glued freeze-fracture replicas. In High-Resolution Imaging of Cellular Proteins (Vol. 1474, pp. 203–216). Springer. https://doi.org/10.1007/978-1-4939-6352-2_12 chicago: Harada, Harumi, and Ryuichi Shigemoto. “Immunogold Protein Localization on Grid-Glued Freeze-Fracture Replicas.” In High-Resolution Imaging of Cellular Proteins, 1474:203–16. Springer, 2016. https://doi.org/10.1007/978-1-4939-6352-2_12. ieee: H. Harada and R. Shigemoto, “Immunogold protein localization on grid-glued freeze-fracture replicas,” in High-Resolution Imaging of Cellular Proteins, vol. 1474, Springer, 2016, pp. 203–216. ista: 'Harada H, Shigemoto R. 2016.Immunogold protein localization on grid-glued freeze-fracture replicas. In: High-Resolution Imaging of Cellular Proteins. Methods in Molecular Biology, vol. 1474, 203–216.' mla: Harada, Harumi, and Ryuichi Shigemoto. “Immunogold Protein Localization on Grid-Glued Freeze-Fracture Replicas.” High-Resolution Imaging of Cellular Proteins, vol. 1474, Springer, 2016, pp. 203–16, doi:10.1007/978-1-4939-6352-2_12. short: H. Harada, R. Shigemoto, in:, High-Resolution Imaging of Cellular Proteins, Springer, 2016, pp. 203–216. date_created: 2018-12-11T11:50:06Z date_published: 2016-08-12T00:00:00Z date_updated: 2023-09-05T14:09:01Z day: '12' department: - _id: RySh doi: 10.1007/978-1-4939-6352-2_12 ec_funded: 1 intvolume: ' 1474' language: - iso: eng month: '08' oa_version: None page: 203 - 216 project: - _id: 25CD3DD2-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '604102' name: Localization of ion channels and receptors by two and three-dimensional immunoelectron microscopic approaches publication: High-Resolution Imaging of Cellular Proteins publication_identifier: eissn: - 1611-3349 issn: - 0302-9743 publication_status: published publisher: Springer publist_id: '6281' quality_controlled: '1' status: public title: Immunogold protein localization on grid-glued freeze-fracture replicas type: book_chapter user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 1474 year: '2016' ... --- _id: '10884' abstract: - lang: eng text: "We revisit the parameterized model checking problem for token-passing systems and specifications in indexed CTL  ∗ \\X. Emerson and Namjoshi (1995, 2003) have shown that parameterized model checking of indexed CTL  ∗ \\X in uni-directional token rings can be reduced to checking rings up to some cutoff size. Clarke et al. (2004) have shown a similar result for general topologies and indexed LTL \\X, provided processes cannot choose the directions for sending or receiving the token.\r\nWe unify and substantially extend these results by systematically exploring fragments of indexed CTL  ∗ \\X with respect to general topologies. For each fragment we establish whether a cutoff exists, and for some concrete topologies, such as rings, cliques and stars, we infer small cutoffs. Finally, we show that the problem becomes undecidable, and thus no cutoffs exist, if processes are allowed to choose the directions in which they send or from which they receive the token." acknowledgement: "This work was supported by the Austrian Science Fund through grant P23499-N23\r\nand through the RiSE network (S11403, S11405, S11406, S11407-N23); ERC Starting Grant (279307: Graph Games); Vienna Science and Technology Fund (WWTF)\r\ngrants PROSEED, ICT12-059, and VRG11-005." alternative_title: - LNCS article_processing_charge: No author: - first_name: Benjamin full_name: Aminof, Benjamin id: 4A55BD00-F248-11E8-B48F-1D18A9856A87 last_name: Aminof - first_name: Swen full_name: Jacobs, Swen last_name: Jacobs - first_name: Ayrat full_name: Khalimov, Ayrat last_name: Khalimov - first_name: Sasha full_name: Rubin, Sasha id: 2EC51194-F248-11E8-B48F-1D18A9856A87 last_name: Rubin citation: ama: 'Aminof B, Jacobs S, Khalimov A, Rubin S. Parameterized model checking of token-passing systems. In: Verification, Model Checking, and Abstract Interpretation. Vol 8318. Springer Nature; 2014:262-281. doi:10.1007/978-3-642-54013-4_15' apa: 'Aminof, B., Jacobs, S., Khalimov, A., & Rubin, S. (2014). Parameterized model checking of token-passing systems. In Verification, Model Checking, and Abstract Interpretation (Vol. 8318, pp. 262–281). San Diego, CA, United States: Springer Nature. https://doi.org/10.1007/978-3-642-54013-4_15' chicago: Aminof, Benjamin, Swen Jacobs, Ayrat Khalimov, and Sasha Rubin. “Parameterized Model Checking of Token-Passing Systems.” In Verification, Model Checking, and Abstract Interpretation, 8318:262–81. Springer Nature, 2014. https://doi.org/10.1007/978-3-642-54013-4_15. ieee: B. Aminof, S. Jacobs, A. Khalimov, and S. Rubin, “Parameterized model checking of token-passing systems,” in Verification, Model Checking, and Abstract Interpretation, San Diego, CA, United States, 2014, vol. 8318, pp. 262–281. ista: 'Aminof B, Jacobs S, Khalimov A, Rubin S. 2014. Parameterized model checking of token-passing systems. Verification, Model Checking, and Abstract Interpretation. VMCAI: Verifcation, Model Checking, and Abstract Interpretation, LNCS, vol. 8318, 262–281.' mla: Aminof, Benjamin, et al. “Parameterized Model Checking of Token-Passing Systems.” Verification, Model Checking, and Abstract Interpretation, vol. 8318, Springer Nature, 2014, pp. 262–81, doi:10.1007/978-3-642-54013-4_15. short: B. Aminof, S. Jacobs, A. Khalimov, S. Rubin, in:, Verification, Model Checking, and Abstract Interpretation, Springer Nature, 2014, pp. 262–281. conference: end_date: 2014-01-21 location: San Diego, CA, United States name: 'VMCAI: Verifcation, Model Checking, and Abstract Interpretation' start_date: 2014-01-19 date_created: 2022-03-18T13:01:22Z date_published: 2014-01-30T00:00:00Z date_updated: 2022-05-17T08:36:01Z day: '30' department: - _id: KrCh doi: 10.1007/978-3-642-54013-4_15 ec_funded: 1 external_id: arxiv: - '1311.4425' intvolume: ' 8318' language: - iso: eng main_file_link: - open_access: '1' url: ' https://doi.org/10.48550/arXiv.1311.4425' month: '01' oa: 1 oa_version: Preprint page: 262-281 project: - _id: 2584A770-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: P 23499-N23 name: Modern Graph Algorithmic Techniques in Formal Verification - _id: 25863FF4-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S11407 name: Game Theory - _id: 2581B60A-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '279307' name: 'Quantitative Graph Games: Theory and Applications' publication: Verification, Model Checking, and Abstract Interpretation publication_identifier: eisbn: - '9783642540134' eissn: - 1611-3349 isbn: - '9783642540127' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Parameterized model checking of token-passing systems type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 8318 year: '2014' ... --- _id: '10892' abstract: - lang: eng text: "In this paper, we introduce planar matchings on directed pseudo-line arrangements, which yield a planar set of pseudo-line segments such that only matching-partners are adjacent. By translating the planar matching problem into a corresponding stable roommates problem we show that such matchings always exist.\r\nUsing our new framework, we establish, for the first time, a complete, rigorous definition of weighted straight skeletons, which are based on a so-called wavefront propagation process. We present a generalized and unified approach to treat structural changes in the wavefront that focuses on the restoration of weak planarity by finding planar matchings." acknowledgement: 'T. Biedl was supported by NSERC and the Ross and Muriel Cheriton Fellowship. P. Palfrader was supported by Austrian Science Fund (FWF): P25816-N15.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Therese full_name: Biedl, Therese last_name: Biedl - first_name: Stefan full_name: Huber, Stefan id: 4700A070-F248-11E8-B48F-1D18A9856A87 last_name: Huber orcid: 0000-0002-8871-5814 - first_name: Peter full_name: Palfrader, Peter last_name: Palfrader citation: ama: 'Biedl T, Huber S, Palfrader P. Planar matchings for weighted straight skeletons. In: 25th International Symposium, ISAAC 2014. Vol 8889. Springer Nature; 2014:117-127. doi:10.1007/978-3-319-13075-0_10' apa: 'Biedl, T., Huber, S., & Palfrader, P. (2014). Planar matchings for weighted straight skeletons. In 25th International Symposium, ISAAC 2014 (Vol. 8889, pp. 117–127). Jeonju, Korea: Springer Nature. https://doi.org/10.1007/978-3-319-13075-0_10' chicago: Biedl, Therese, Stefan Huber, and Peter Palfrader. “Planar Matchings for Weighted Straight Skeletons.” In 25th International Symposium, ISAAC 2014, 8889:117–27. Springer Nature, 2014. https://doi.org/10.1007/978-3-319-13075-0_10. ieee: T. Biedl, S. Huber, and P. Palfrader, “Planar matchings for weighted straight skeletons,” in 25th International Symposium, ISAAC 2014, Jeonju, Korea, 2014, vol. 8889, pp. 117–127. ista: 'Biedl T, Huber S, Palfrader P. 2014. Planar matchings for weighted straight skeletons. 25th International Symposium, ISAAC 2014. ISAAC: International Symposium on Algorithms and Computation, LNCS, vol. 8889, 117–127.' mla: Biedl, Therese, et al. “Planar Matchings for Weighted Straight Skeletons.” 25th International Symposium, ISAAC 2014, vol. 8889, Springer Nature, 2014, pp. 117–27, doi:10.1007/978-3-319-13075-0_10. short: T. Biedl, S. Huber, P. Palfrader, in:, 25th International Symposium, ISAAC 2014, Springer Nature, 2014, pp. 117–127. conference: end_date: 2014-12-17 location: Jeonju, Korea name: 'ISAAC: International Symposium on Algorithms and Computation' start_date: 2014-12-15 date_created: 2022-03-21T07:09:03Z date_published: 2014-11-08T00:00:00Z date_updated: 2023-02-23T12:20:55Z day: '08' department: - _id: HeEd doi: 10.1007/978-3-319-13075-0_10 intvolume: ' 8889' language: - iso: eng month: '11' oa_version: None page: 117-127 publication: 25th International Symposium, ISAAC 2014 publication_identifier: eisbn: - '9783319130750' eissn: - 1611-3349 isbn: - '9783319130743' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '481' relation: later_version status: public scopus_import: '1' status: public title: Planar matchings for weighted straight skeletons type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 8889 year: '2014' ... --- _id: '10885' abstract: - lang: eng text: "Two-player games on graphs provide the theoretical framework for many important problems such as reactive synthesis. While the traditional study of two-player zero-sum games has been extended to multi-player games with several notions of equilibria, they are decidable only for perfect-information games, whereas several applications require imperfect-information games.\r\nIn this paper we propose a new notion of equilibria, called doomsday equilibria, which is a strategy profile such that all players satisfy their own objective, and if any coalition of players deviates and violates even one of the players objective, then the objective of every player is violated.\r\nWe present algorithms and complexity results for deciding the existence of doomsday equilibria for various classes of ω-regular objectives, both for imperfect-information games, and for perfect-information games.We provide optimal complexity bounds for imperfect-information games, and in most cases for perfect-information games." acknowledgement: " Supported by Austrian Science Fund (FWF) Grant No P23499-N23, FWF NFN Grant No\r\nS11407-N23 (RiSE), ERC Start grant (279307: Graph Games), and Microsoft faculty fellows award." alternative_title: - LNCS article_processing_charge: No author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Laurent full_name: Doyen, Laurent last_name: Doyen - first_name: Emmanuel full_name: Filiot, Emmanuel last_name: Filiot - first_name: Jean-François full_name: Raskin, Jean-François last_name: Raskin citation: ama: 'Chatterjee K, Doyen L, Filiot E, Raskin J-F. Doomsday equilibria for omega-regular games. In: VMCAI 2014: Verification, Model Checking, and Abstract Interpretation. Vol 8318. Springer Nature; 2014:78-97. doi:10.1007/978-3-642-54013-4_5' apa: 'Chatterjee, K., Doyen, L., Filiot, E., & Raskin, J.-F. (2014). Doomsday equilibria for omega-regular games. In VMCAI 2014: Verification, Model Checking, and Abstract Interpretation (Vol. 8318, pp. 78–97). San Diego, CA, United States: Springer Nature. https://doi.org/10.1007/978-3-642-54013-4_5' chicago: 'Chatterjee, Krishnendu, Laurent Doyen, Emmanuel Filiot, and Jean-François Raskin. “Doomsday Equilibria for Omega-Regular Games.” In VMCAI 2014: Verification, Model Checking, and Abstract Interpretation, 8318:78–97. Springer Nature, 2014. https://doi.org/10.1007/978-3-642-54013-4_5.' ieee: 'K. Chatterjee, L. Doyen, E. Filiot, and J.-F. Raskin, “Doomsday equilibria for omega-regular games,” in VMCAI 2014: Verification, Model Checking, and Abstract Interpretation, San Diego, CA, United States, 2014, vol. 8318, pp. 78–97.' ista: 'Chatterjee K, Doyen L, Filiot E, Raskin J-F. 2014. Doomsday equilibria for omega-regular games. VMCAI 2014: Verification, Model Checking, and Abstract Interpretation. VMCAI: Verifcation, Model Checking, and Abstract Interpretation, LNCS, vol. 8318, 78–97.' mla: 'Chatterjee, Krishnendu, et al. “Doomsday Equilibria for Omega-Regular Games.” VMCAI 2014: Verification, Model Checking, and Abstract Interpretation, vol. 8318, Springer Nature, 2014, pp. 78–97, doi:10.1007/978-3-642-54013-4_5.' short: 'K. Chatterjee, L. Doyen, E. Filiot, J.-F. Raskin, in:, VMCAI 2014: Verification, Model Checking, and Abstract Interpretation, Springer Nature, 2014, pp. 78–97.' conference: end_date: 2014-01-21 location: San Diego, CA, United States name: 'VMCAI: Verifcation, Model Checking, and Abstract Interpretation' start_date: 2014-01-19 date_created: 2022-03-18T13:03:15Z date_published: 2014-01-30T00:00:00Z date_updated: 2023-02-23T12:52:24Z day: '30' department: - _id: KrCh doi: 10.1007/978-3-642-54013-4_5 ec_funded: 1 external_id: arxiv: - '1311.3238' intvolume: ' 8318' language: - iso: eng month: '01' oa_version: Preprint page: 78-97 project: - _id: 2584A770-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: P 23499-N23 name: Modern Graph Algorithmic Techniques in Formal Verification - _id: 25863FF4-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S11407 name: Game Theory - _id: 2581B60A-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '279307' name: 'Quantitative Graph Games: Theory and Applications' - _id: 2587B514-B435-11E9-9278-68D0E5697425 name: Microsoft Research Faculty Fellowship publication: 'VMCAI 2014: Verification, Model Checking, and Abstract Interpretation' publication_identifier: eisbn: - '9783642540134' eissn: - 1611-3349 isbn: - '9783642540127' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' related_material: record: - id: '681' relation: later_version status: public scopus_import: '1' status: public title: Doomsday equilibria for omega-regular games type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 8318 year: '2014' ... --- _id: '10894' abstract: - lang: eng text: PHAT is a C++ library for the computation of persistent homology by matrix reduction. We aim for a simple generic design that decouples algorithms from data structures without sacrificing efficiency or user-friendliness. This makes PHAT a versatile platform for experimenting with algorithmic ideas and comparing them to state of the art implementations. article_processing_charge: No author: - first_name: Ulrich full_name: Bauer, Ulrich id: 2ADD483A-F248-11E8-B48F-1D18A9856A87 last_name: Bauer orcid: 0000-0002-9683-0724 - first_name: Michael full_name: Kerber, Michael last_name: Kerber - first_name: Jan full_name: Reininghaus, Jan id: 4505473A-F248-11E8-B48F-1D18A9856A87 last_name: Reininghaus - first_name: Hubert full_name: Wagner, Hubert last_name: Wagner citation: ama: 'Bauer U, Kerber M, Reininghaus J, Wagner H. PHAT – Persistent Homology Algorithms Toolbox. In: ICMS 2014: International Congress on Mathematical Software. Vol 8592. LNCS. Berlin, Heidelberg: Springer Berlin Heidelberg; 2014:137-143. doi:10.1007/978-3-662-44199-2_24' apa: 'Bauer, U., Kerber, M., Reininghaus, J., & Wagner, H. (2014). PHAT – Persistent Homology Algorithms Toolbox. In ICMS 2014: International Congress on Mathematical Software (Vol. 8592, pp. 137–143). Berlin, Heidelberg: Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-662-44199-2_24' chicago: 'Bauer, Ulrich, Michael Kerber, Jan Reininghaus, and Hubert Wagner. “PHAT – Persistent Homology Algorithms Toolbox.” In ICMS 2014: International Congress on Mathematical Software, 8592:137–43. LNCS. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014. https://doi.org/10.1007/978-3-662-44199-2_24.' ieee: 'U. Bauer, M. Kerber, J. Reininghaus, and H. Wagner, “PHAT – Persistent Homology Algorithms Toolbox,” in ICMS 2014: International Congress on Mathematical Software, Seoul, South Korea, 2014, vol. 8592, pp. 137–143.' ista: 'Bauer U, Kerber M, Reininghaus J, Wagner H. 2014. PHAT – Persistent Homology Algorithms Toolbox. ICMS 2014: International Congress on Mathematical Software. ICMS: International Congress on Mathematical SoftwareLNCS vol. 8592, 137–143.' mla: 'Bauer, Ulrich, et al. “PHAT – Persistent Homology Algorithms Toolbox.” ICMS 2014: International Congress on Mathematical Software, vol. 8592, Springer Berlin Heidelberg, 2014, pp. 137–43, doi:10.1007/978-3-662-44199-2_24.' short: 'U. Bauer, M. Kerber, J. Reininghaus, H. Wagner, in:, ICMS 2014: International Congress on Mathematical Software, Springer Berlin Heidelberg, Berlin, Heidelberg, 2014, pp. 137–143.' conference: end_date: 2014-08-09 location: Seoul, South Korea name: 'ICMS: International Congress on Mathematical Software' start_date: 2014-08-05 date_created: 2022-03-21T07:12:16Z date_published: 2014-09-01T00:00:00Z date_updated: 2023-09-20T09:42:40Z day: '01' department: - _id: HeEd doi: 10.1007/978-3-662-44199-2_24 intvolume: ' 8592' language: - iso: eng month: '09' oa_version: None page: 137-143 place: Berlin, Heidelberg publication: 'ICMS 2014: International Congress on Mathematical Software' publication_identifier: eisbn: - '9783662441992' eissn: - 1611-3349 isbn: - '9783662441985' issn: - 0302-9743 publication_status: published publisher: Springer Berlin Heidelberg quality_controlled: '1' related_material: record: - id: '1433' relation: later_version status: public scopus_import: '1' series_title: LNCS status: public title: PHAT – Persistent Homology Algorithms Toolbox type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 8592 year: '2014' ... --- _id: '5747' article_processing_charge: No author: - first_name: Cezara full_name: Dragoi, Cezara id: 2B2B5ED0-F248-11E8-B48F-1D18A9856A87 last_name: Dragoi - first_name: Ashutosh full_name: Gupta, Ashutosh id: 335E5684-F248-11E8-B48F-1D18A9856A87 last_name: Gupta - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000−0002−2985−7724 citation: ama: 'Dragoi C, Gupta A, Henzinger TA. Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates. In: Computer Aided Verification. Vol 8044. CAV. Berlin, Heidelberg: Springer Berlin Heidelberg; 2013:174-190. doi:10.1007/978-3-642-39799-8_11' apa: 'Dragoi, C., Gupta, A., & Henzinger, T. A. (2013). Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates. In Computer Aided Verification (Vol. 8044, pp. 174–190). Berlin, Heidelberg: Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-39799-8_11' chicago: 'Dragoi, Cezara, Ashutosh Gupta, and Thomas A Henzinger. “Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates.” In Computer Aided Verification, 8044:174–90. CAV. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. https://doi.org/10.1007/978-3-642-39799-8_11.' ieee: 'C. Dragoi, A. Gupta, and T. A. Henzinger, “Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates,” in Computer Aided Verification, vol. 8044, Berlin, Heidelberg: Springer Berlin Heidelberg, 2013, pp. 174–190.' ista: 'Dragoi C, Gupta A, Henzinger TA. 2013.Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates. In: Computer Aided Verification. vol. 8044, 174–190.' mla: Dragoi, Cezara, et al. “Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates.” Computer Aided Verification, vol. 8044, Springer Berlin Heidelberg, 2013, pp. 174–90, doi:10.1007/978-3-642-39799-8_11. short: C. Dragoi, A. Gupta, T.A. Henzinger, in:, Computer Aided Verification, Springer Berlin Heidelberg, Berlin, Heidelberg, 2013, pp. 174–190. conference: end_date: 2013-07-19 location: Saint Petersburg, Russia name: CAV 2013 start_date: 2013-07-13 date_created: 2018-12-18T13:10:21Z date_published: 2013-01-01T00:00:00Z date_updated: 2023-09-05T14:16:07Z ddc: - '005' department: - _id: ToHe doi: 10.1007/978-3-642-39799-8_11 ec_funded: 1 file: - access_level: open_access checksum: a901cc6b71db08b61c0d4c0cbacc6287 content_type: application/pdf creator: dernst date_created: 2018-12-18T13:13:33Z date_updated: 2020-07-14T12:47:10Z file_id: '5748' file_name: 2013_CAV_Dragoi.pdf file_size: 236480 relation: main_file file_date_updated: 2020-07-14T12:47:10Z has_accepted_license: '1' intvolume: ' 8044' language: - iso: eng oa: 1 oa_version: None page: 174-190 place: Berlin, Heidelberg project: - _id: 25EE3708-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '267989' name: Quantitative Reactive Modeling - _id: 25832EC2-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S 11407_N23 name: Rigorous Systems Engineering publication: Computer Aided Verification publication_identifier: eissn: - 1611-3349 isbn: - '9783642397981' - '9783642397998' issn: - 0302-9743 publication_status: published publisher: Springer Berlin Heidelberg pubrep_id: '195' quality_controlled: '1' scopus_import: '1' series_title: CAV status: public title: Automatic Linearizability Proofs of Concurrent Objects with Cooperating Updates type: book_chapter user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 8044 year: '2013' ... --- _id: '10902' abstract: - lang: eng text: We consider how to edit strings from a source language so that the edited strings belong to a target language, where the languages are given as deterministic finite automata. Non-streaming (or offline) transducers perform edits given the whole source string. We show that the class of deterministic one-pass transducers with registers along with increment and min operation suffices for computing optimal edit distance, whereas the same class of transducers without the min operation is not sufficient. Streaming (or online) transducers perform edits as the letters of the source string are received. We present a polynomial time algorithm for the partial-repair problem that given a bound α asks for the construction of a deterministic streaming transducer (if one exists) that ensures that the ‘maximum fraction’ η of the strings of the source language are edited, within cost α, to the target language. acknowledgement: 'The research was supported by Austrian Science Fund (FWF) Grant No P 23499-N23, FWF NFN Grant No S11407-N23 (RiSE), ERC Start grant (279307: Graph Games), and Microsoft faculty fellows award. Thanks to Gabriele Puppis for suggesting the problem of identifying a deterministic transducer to compute the optimal cost, and to Martin Chmelik for his comments on the introduction.' alternative_title: - LNCS article_processing_charge: No author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Siddhesh full_name: Chaubal, Siddhesh last_name: Chaubal - first_name: Sasha full_name: Rubin, Sasha id: 2EC51194-F248-11E8-B48F-1D18A9856A87 last_name: Rubin citation: ama: 'Chatterjee K, Chaubal S, Rubin S. How to travel between languages. In: 7th International Conference on Language and Automata Theory and Applications. Vol 7810. LNCS. Berlin, Heidelberg: Springer Nature; 2013:214-225. doi:10.1007/978-3-642-37064-9_20' apa: 'Chatterjee, K., Chaubal, S., & Rubin, S. (2013). How to travel between languages. In 7th International Conference on Language and Automata Theory and Applications (Vol. 7810, pp. 214–225). Berlin, Heidelberg: Springer Nature. https://doi.org/10.1007/978-3-642-37064-9_20' chicago: 'Chatterjee, Krishnendu, Siddhesh Chaubal, and Sasha Rubin. “How to Travel between Languages.” In 7th International Conference on Language and Automata Theory and Applications, 7810:214–25. LNCS. Berlin, Heidelberg: Springer Nature, 2013. https://doi.org/10.1007/978-3-642-37064-9_20.' ieee: K. Chatterjee, S. Chaubal, and S. Rubin, “How to travel between languages,” in 7th International Conference on Language and Automata Theory and Applications, Bilbao, Spain, 2013, vol. 7810, pp. 214–225. ista: 'Chatterjee K, Chaubal S, Rubin S. 2013. How to travel between languages. 7th International Conference on Language and Automata Theory and Applications. LATA: Conference on Language and Automata Theory and ApplicationsLNCS, LNCS, vol. 7810, 214–225.' mla: Chatterjee, Krishnendu, et al. “How to Travel between Languages.” 7th International Conference on Language and Automata Theory and Applications, vol. 7810, Springer Nature, 2013, pp. 214–25, doi:10.1007/978-3-642-37064-9_20. short: K. Chatterjee, S. Chaubal, S. Rubin, in:, 7th International Conference on Language and Automata Theory and Applications, Springer Nature, Berlin, Heidelberg, 2013, pp. 214–225. conference: end_date: 2013-04-05 location: Bilbao, Spain name: 'LATA: Conference on Language and Automata Theory and Applications' start_date: 2013-04-02 date_created: 2022-03-21T07:56:21Z date_published: 2013-04-15T00:00:00Z date_updated: 2023-09-05T15:10:38Z day: '15' department: - _id: KrCh doi: 10.1007/978-3-642-37064-9_20 ec_funded: 1 intvolume: ' 7810' language: - iso: eng month: '04' oa_version: None page: 214-225 place: Berlin, Heidelberg project: - _id: 2584A770-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: P 23499-N23 name: Modern Graph Algorithmic Techniques in Formal Verification - _id: 25863FF4-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S11407 name: Game Theory - _id: 2581B60A-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '279307' name: 'Quantitative Graph Games: Theory and Applications' - _id: 2587B514-B435-11E9-9278-68D0E5697425 name: Microsoft Research Faculty Fellowship publication: 7th International Conference on Language and Automata Theory and Applications publication_identifier: eisbn: - '9783642370649' eissn: - 1611-3349 isbn: - '9783642370632' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: How to travel between languages type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7810 year: '2013' ... --- _id: '10897' abstract: - lang: eng text: Taking images is an efficient way to collect data about the physical world. It can be done fast and in exquisite detail. By definition, image processing is the field that concerns itself with the computation aimed at harnessing the information contained in images [10]. This talk is concerned with topological information. Our main thesis is that persistent homology [5] is a useful method to quantify and summarize topological information, building a bridge that connects algebraic topology with applications. We provide supporting evidence for this thesis by touching upon four technical developments in the overlap between persistent homology and image processing. acknowledgement: This research is partially supported by the European Science Foundation (ESF) under the Research Network Programme, the European Union under the Toposys Project FP7-ICT-318493-STREP, the Russian Government under the Mega Project 11.G34.31.0053. article_processing_charge: No author: - first_name: Herbert full_name: Edelsbrunner, Herbert id: 3FB178DA-F248-11E8-B48F-1D18A9856A87 last_name: Edelsbrunner orcid: 0000-0002-9823-6833 citation: ama: 'Edelsbrunner H. Persistent homology in image processing. In: Graph-Based Representations in Pattern Recognition. Vol 7877. LNCS. Berlin, Heidelberg: Springer Nature; 2013:182-183. doi:10.1007/978-3-642-38221-5_19' apa: 'Edelsbrunner, H. (2013). Persistent homology in image processing. In Graph-Based Representations in Pattern Recognition (Vol. 7877, pp. 182–183). Berlin, Heidelberg: Springer Nature. https://doi.org/10.1007/978-3-642-38221-5_19' chicago: 'Edelsbrunner, Herbert. “Persistent Homology in Image Processing.” In Graph-Based Representations in Pattern Recognition, 7877:182–83. LNCS. Berlin, Heidelberg: Springer Nature, 2013. https://doi.org/10.1007/978-3-642-38221-5_19.' ieee: H. Edelsbrunner, “Persistent homology in image processing,” in Graph-Based Representations in Pattern Recognition, Vienna, Austria, 2013, vol. 7877, pp. 182–183. ista: 'Edelsbrunner H. 2013. Persistent homology in image processing. Graph-Based Representations in Pattern Recognition. GbRPR: Graph-based Representations in Pattern RecognitionLNCS vol. 7877, 182–183.' mla: Edelsbrunner, Herbert. “Persistent Homology in Image Processing.” Graph-Based Representations in Pattern Recognition, vol. 7877, Springer Nature, 2013, pp. 182–83, doi:10.1007/978-3-642-38221-5_19. short: H. Edelsbrunner, in:, Graph-Based Representations in Pattern Recognition, Springer Nature, Berlin, Heidelberg, 2013, pp. 182–183. conference: end_date: 2013-05-17 location: Vienna, Austria name: 'GbRPR: Graph-based Representations in Pattern Recognition' start_date: 2013-05-15 date_created: 2022-03-21T07:30:33Z date_published: 2013-06-01T00:00:00Z date_updated: 2023-09-05T15:10:20Z day: '01' department: - _id: HeEd doi: 10.1007/978-3-642-38221-5_19 ec_funded: 1 intvolume: ' 7877' language: - iso: eng month: '06' oa_version: None page: 182-183 place: Berlin, Heidelberg project: - _id: 255D761E-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '318493' name: Topological Complex Systems publication: Graph-Based Representations in Pattern Recognition publication_identifier: eisbn: - '9783642382215' eissn: - 1611-3349 isbn: - '9783642382208' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Persistent homology in image processing type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7877 year: '2013' ... --- _id: '10903' abstract: - lang: eng text: We propose a logic-based framework for automated reasoning about sequential programs manipulating singly-linked lists and arrays with unbounded data. We introduce the logic SLAD, which allows combining shape constraints, written in a fragment of Separation Logic, with data and size constraints. We address the problem of checking the entailment between SLAD formulas, which is crucial in performing pre-post condition reasoning. Although this problem is undecidable in general for SLAD, we propose a sound and powerful procedure that is able to solve this problem for a large class of formulas, beyond the capabilities of existing techniques and tools. We prove that this procedure is complete, i.e., it is actually a decision procedure for this problem, for an important fragment of SLAD including known decidable logics. We implemented this procedure and shown its preciseness and its efficiency on a significant benchmark of formulas. acknowledgement: This work has been partially supported by the French ANR project Veridyc alternative_title: - LNCS article_processing_charge: No author: - first_name: Ahmed full_name: Bouajjani, Ahmed last_name: Bouajjani - first_name: Cezara full_name: Dragoi, Cezara id: 2B2B5ED0-F248-11E8-B48F-1D18A9856A87 last_name: Dragoi - first_name: Constantin full_name: Enea, Constantin last_name: Enea - first_name: Mihaela full_name: Sighireanu, Mihaela last_name: Sighireanu citation: ama: 'Bouajjani A, Dragoi C, Enea C, Sighireanu M. Accurate invariant checking for programs manipulating lists and arrays with infinite data. In: Automated Technology for Verification and Analysis. Vol 7561. LNCS. Berlin, Heidelberg: Springer; 2012:167-182. doi:10.1007/978-3-642-33386-6_14' apa: 'Bouajjani, A., Dragoi, C., Enea, C., & Sighireanu, M. (2012). Accurate invariant checking for programs manipulating lists and arrays with infinite data. In Automated Technology for Verification and Analysis (Vol. 7561, pp. 167–182). Berlin, Heidelberg: Springer. https://doi.org/10.1007/978-3-642-33386-6_14' chicago: 'Bouajjani, Ahmed, Cezara Dragoi, Constantin Enea, and Mihaela Sighireanu. “Accurate Invariant Checking for Programs Manipulating Lists and Arrays with Infinite Data.” In Automated Technology for Verification and Analysis, 7561:167–82. LNCS. Berlin, Heidelberg: Springer, 2012. https://doi.org/10.1007/978-3-642-33386-6_14.' ieee: A. Bouajjani, C. Dragoi, C. Enea, and M. Sighireanu, “Accurate invariant checking for programs manipulating lists and arrays with infinite data,” in Automated Technology for Verification and Analysis, Thiruvananthapuram, India, 2012, vol. 7561, pp. 167–182. ista: 'Bouajjani A, Dragoi C, Enea C, Sighireanu M. 2012. Accurate invariant checking for programs manipulating lists and arrays with infinite data. Automated Technology for Verification and Analysis. ATVA: Automated Technology for Verification and AnalysisLNCS, LNCS, vol. 7561, 167–182.' mla: Bouajjani, Ahmed, et al. “Accurate Invariant Checking for Programs Manipulating Lists and Arrays with Infinite Data.” Automated Technology for Verification and Analysis, vol. 7561, Springer, 2012, pp. 167–82, doi:10.1007/978-3-642-33386-6_14. short: A. Bouajjani, C. Dragoi, C. Enea, M. Sighireanu, in:, Automated Technology for Verification and Analysis, Springer, Berlin, Heidelberg, 2012, pp. 167–182. conference: end_date: 2012-10-06 location: Thiruvananthapuram, India name: 'ATVA: Automated Technology for Verification and Analysis' start_date: 2012-10-03 date_created: 2022-03-21T07:58:39Z date_published: 2012-10-15T00:00:00Z date_updated: 2023-09-05T14:07:24Z day: '15' department: - _id: ToHe doi: 10.1007/978-3-642-33386-6_14 intvolume: ' 7561' language: - iso: eng month: '10' oa_version: None page: 167-182 place: Berlin, Heidelberg publication: Automated Technology for Verification and Analysis publication_identifier: eisbn: - '9783642333866' eissn: - 1611-3349 isbn: - '9783642333859' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: Accurate invariant checking for programs manipulating lists and arrays with infinite data type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7561 year: '2012' ... --- _id: '10905' abstract: - lang: eng text: "Energy games belong to a class of turn-based two-player infinite-duration games played on a weighted directed graph. It is one of the rare and intriguing combinatorial problems that lie in NP ∩ co−NP, but are not known to be in P. While the existence of polynomial-time algorithms has been a major open problem for decades, there is no algorithm that solves any non-trivial subclass in polynomial time.\r\nIn this paper, we give several results based on the weight structures of the graph. First, we identify a notion of penalty and present a polynomial-time algorithm when the penalty is large. Our algorithm is the first polynomial-time algorithm on a large class of weighted graphs. It includes several counter examples that show that many previous algorithms, such as value iteration and random facet algorithms, require at least sub-exponential time. Our main technique is developing the first non-trivial approximation algorithm and showing how to convert it to an exact algorithm. Moreover, we show that in a practical case in verification where weights are clustered around a constant number of values, the energy game problem can be solved in polynomial time. We also show that the problem is still as hard as in general when the clique-width is bounded or the graph is strongly ergodic, suggesting that restricting graph structures need not help." acknowledgement: 'Supported by the Austrian Science Fund (FWF): P23499-N23, the Austrian Science Fund (FWF): S11407-N23 (RiSE), an ERC Start Grant (279307: Graph Games), and a Microsoft Faculty Fellows Award' alternative_title: - LNCS article_processing_charge: No author: - first_name: Krishnendu full_name: Chatterjee, Krishnendu id: 2E5DCA20-F248-11E8-B48F-1D18A9856A87 last_name: Chatterjee orcid: 0000-0002-4561-241X - first_name: Monika H full_name: Henzinger, Monika H id: 540c9bbd-f2de-11ec-812d-d04a5be85630 last_name: Henzinger orcid: 0000-0002-5008-6530 - first_name: Sebastian full_name: Krinninger, Sebastian last_name: Krinninger - first_name: Danupon full_name: Nanongkai, Danupon last_name: Nanongkai citation: ama: 'Chatterjee K, Henzinger MH, Krinninger S, Nanongkai D. Polynomial-time algorithms for energy games with special weight structures. In: Algorithms – ESA 2012. Vol 7501. Springer; 2012:301-312. doi:10.1007/978-3-642-33090-2_27' apa: 'Chatterjee, K., Henzinger, M. H., Krinninger, S., & Nanongkai, D. (2012). Polynomial-time algorithms for energy games with special weight structures. In Algorithms – ESA 2012 (Vol. 7501, pp. 301–312). Ljubljana, Slovenia: Springer. https://doi.org/10.1007/978-3-642-33090-2_27' chicago: Chatterjee, Krishnendu, Monika H Henzinger, Sebastian Krinninger, and Danupon Nanongkai. “Polynomial-Time Algorithms for Energy Games with Special Weight Structures.” In Algorithms – ESA 2012, 7501:301–12. Springer, 2012. https://doi.org/10.1007/978-3-642-33090-2_27. ieee: K. Chatterjee, M. H. Henzinger, S. Krinninger, and D. Nanongkai, “Polynomial-time algorithms for energy games with special weight structures,” in Algorithms – ESA 2012, Ljubljana, Slovenia, 2012, vol. 7501, pp. 301–312. ista: 'Chatterjee K, Henzinger MH, Krinninger S, Nanongkai D. 2012. Polynomial-time algorithms for energy games with special weight structures. Algorithms – ESA 2012. ESA: European Symposium on Algorithms, LNCS, vol. 7501, 301–312.' mla: Chatterjee, Krishnendu, et al. “Polynomial-Time Algorithms for Energy Games with Special Weight Structures.” Algorithms – ESA 2012, vol. 7501, Springer, 2012, pp. 301–12, doi:10.1007/978-3-642-33090-2_27. short: K. Chatterjee, M.H. Henzinger, S. Krinninger, D. Nanongkai, in:, Algorithms – ESA 2012, Springer, 2012, pp. 301–312. conference: end_date: 2012-09-12 location: Ljubljana, Slovenia name: 'ESA: European Symposium on Algorithms' start_date: 2012-09-10 date_created: 2022-03-21T08:01:45Z date_published: 2012-10-01T00:00:00Z date_updated: 2023-09-05T14:09:30Z day: '01' department: - _id: KrCh doi: 10.1007/978-3-642-33090-2_27 ec_funded: 1 external_id: arxiv: - '1604.08234' intvolume: ' 7501' language: - iso: eng main_file_link: - open_access: '1' url: https://arxiv.org/abs/1604.08234 month: '10' oa: 1 oa_version: Preprint page: 301-312 project: - _id: 25863FF4-B435-11E9-9278-68D0E5697425 call_identifier: FWF grant_number: S11407 name: Game Theory - _id: 2581B60A-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '279307' name: 'Quantitative Graph Games: Theory and Applications' - _id: 2587B514-B435-11E9-9278-68D0E5697425 name: Microsoft Research Faculty Fellowship publication: Algorithms – ESA 2012 publication_identifier: eisbn: - '9783642330902' eissn: - 1611-3349 isbn: - '9783642330896' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' related_material: record: - id: '535' relation: later_version status: public scopus_import: '1' status: public title: Polynomial-time algorithms for energy games with special weight structures type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7501 year: '2012' ... --- _id: '10906' abstract: - lang: eng text: HSF(C) is a tool that automates verification of safety and liveness properties for C programs. This paper describes the verification approach taken by HSF(C) and provides instructions on how to install and use the tool. alternative_title: - LNCS article_processing_charge: No author: - first_name: Sergey full_name: Grebenshchikov, Sergey last_name: Grebenshchikov - first_name: Ashutosh full_name: Gupta, Ashutosh id: 335E5684-F248-11E8-B48F-1D18A9856A87 last_name: Gupta - first_name: Nuno P. full_name: Lopes, Nuno P. last_name: Lopes - first_name: Corneliu full_name: Popeea, Corneliu last_name: Popeea - first_name: Andrey full_name: Rybalchenko, Andrey last_name: Rybalchenko citation: ama: 'Grebenshchikov S, Gupta A, Lopes NP, Popeea C, Rybalchenko A. HSF(C): A software verifier based on Horn clauses. In: Flanagan C, König B, eds. Tools and Algorithms for the Construction and Analysis of Systems. Vol 7214. LNCS. Berlin, Heidelberg: Springer; 2012:549-551. doi:10.1007/978-3-642-28756-5_46' apa: 'Grebenshchikov, S., Gupta, A., Lopes, N. P., Popeea, C., & Rybalchenko, A. (2012). HSF(C): A software verifier based on Horn clauses. In C. Flanagan & B. König (Eds.), Tools and Algorithms for the Construction and Analysis of Systems (Vol. 7214, pp. 549–551). Berlin, Heidelberg: Springer. https://doi.org/10.1007/978-3-642-28756-5_46' chicago: 'Grebenshchikov, Sergey, Ashutosh Gupta, Nuno P. Lopes, Corneliu Popeea, and Andrey Rybalchenko. “HSF(C): A Software Verifier Based on Horn Clauses.” In Tools and Algorithms for the Construction and Analysis of Systems, edited by Cormac Flanagan and Barbara König, 7214:549–51. LNCS. Berlin, Heidelberg: Springer, 2012. https://doi.org/10.1007/978-3-642-28756-5_46.' ieee: 'S. Grebenshchikov, A. Gupta, N. P. Lopes, C. Popeea, and A. Rybalchenko, “HSF(C): A software verifier based on Horn clauses,” in Tools and Algorithms for the Construction and Analysis of Systems, Tallinn, Estonia, 2012, vol. 7214, pp. 549–551.' ista: 'Grebenshchikov S, Gupta A, Lopes NP, Popeea C, Rybalchenko A. 2012. HSF(C): A software verifier based on Horn clauses. Tools and Algorithms for the Construction and Analysis of Systems. TACAS: Tools and Algorithms for the Construction and Analysis of SystemsLNCS, LNCS, vol. 7214, 549–551.' mla: 'Grebenshchikov, Sergey, et al. “HSF(C): A Software Verifier Based on Horn Clauses.” Tools and Algorithms for the Construction and Analysis of Systems, edited by Cormac Flanagan and Barbara König, vol. 7214, Springer, 2012, pp. 549–51, doi:10.1007/978-3-642-28756-5_46.' short: S. Grebenshchikov, A. Gupta, N.P. Lopes, C. Popeea, A. Rybalchenko, in:, C. Flanagan, B. König (Eds.), Tools and Algorithms for the Construction and Analysis of Systems, Springer, Berlin, Heidelberg, 2012, pp. 549–551. conference: end_date: 2012-04-01 location: Tallinn, Estonia name: 'TACAS: Tools and Algorithms for the Construction and Analysis of Systems' start_date: 2012-03-24 date_created: 2022-03-21T08:03:30Z date_published: 2012-04-01T00:00:00Z date_updated: 2023-09-05T14:09:54Z day: '01' department: - _id: ToHe doi: 10.1007/978-3-642-28756-5_46 editor: - first_name: Cormac full_name: Flanagan, Cormac last_name: Flanagan - first_name: Barbara full_name: König, Barbara last_name: König intvolume: ' 7214' language: - iso: eng main_file_link: - open_access: '1' url: https://doi.org/10.1007/978-3-642-28756-5_46 month: '04' oa: 1 oa_version: Published Version page: 549-551 place: Berlin, Heidelberg publication: Tools and Algorithms for the Construction and Analysis of Systems publication_identifier: eisbn: - '9783642287565' eissn: - 1611-3349 isbn: - '9783642287558' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: 'HSF(C): A software verifier based on Horn clauses' type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7214 year: '2012' ... --- _id: '5745' article_processing_charge: No author: - first_name: Ashutosh full_name: Gupta, Ashutosh last_name: Gupta citation: ama: 'Gupta A. Improved Single Pass Algorithms for Resolution Proof Reduction. In: Automated Technology for Verification and Analysis. Vol 7561. LNCS. Berlin, Heidelberg: Springer Berlin Heidelberg; 2012:107-121. doi:10.1007/978-3-642-33386-6_10' apa: 'Gupta, A. (2012). Improved Single Pass Algorithms for Resolution Proof Reduction. In Automated Technology for Verification and Analysis (Vol. 7561, pp. 107–121). Berlin, Heidelberg: Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-33386-6_10' chicago: 'Gupta, Ashutosh. “Improved Single Pass Algorithms for Resolution Proof Reduction.” In Automated Technology for Verification and Analysis, 7561:107–21. LNCS. Berlin, Heidelberg: Springer Berlin Heidelberg, 2012. https://doi.org/10.1007/978-3-642-33386-6_10.' ieee: 'A. Gupta, “Improved Single Pass Algorithms for Resolution Proof Reduction,” in Automated Technology for Verification and Analysis, vol. 7561, Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 107–121.' ista: 'Gupta A. 2012.Improved Single Pass Algorithms for Resolution Proof Reduction. In: Automated Technology for Verification and Analysis. vol. 7561, 107–121.' mla: Gupta, Ashutosh. “Improved Single Pass Algorithms for Resolution Proof Reduction.” Automated Technology for Verification and Analysis, vol. 7561, Springer Berlin Heidelberg, 2012, pp. 107–21, doi:10.1007/978-3-642-33386-6_10. short: A. Gupta, in:, Automated Technology for Verification and Analysis, Springer Berlin Heidelberg, Berlin, Heidelberg, 2012, pp. 107–121. conference: end_date: 2012-10-06 location: Thiruvananthapuram, Kerala, India name: ATVA 2012 start_date: 2012-10-03 date_created: 2018-12-18T13:01:46Z date_published: 2012-01-01T00:00:00Z date_updated: 2023-09-05T14:15:29Z ddc: - '005' department: - _id: ToHe doi: 10.1007/978-3-642-33386-6_10 ec_funded: 1 file: - access_level: open_access checksum: 68415837a315de3cc4d120f6019d752c content_type: application/pdf creator: dernst date_created: 2018-12-18T13:07:35Z date_updated: 2020-07-14T12:47:10Z file_id: '5746' file_name: 2012_ATVA_Gupta.pdf file_size: 465502 relation: main_file file_date_updated: 2020-07-14T12:47:10Z has_accepted_license: '1' intvolume: ' 7561' language: - iso: eng oa: 1 oa_version: None page: 107-121 place: Berlin, Heidelberg project: - _id: 25EE3708-B435-11E9-9278-68D0E5697425 call_identifier: FP7 grant_number: '267989' name: Quantitative Reactive Modeling publication: Automated Technology for Verification and Analysis publication_identifier: eissn: - 1611-3349 isbn: - '9783642333859' - '9783642333866' issn: - 0302-9743 publication_status: published publisher: Springer Berlin Heidelberg pubrep_id: '180' quality_controlled: '1' series_title: LNCS status: public title: Improved Single Pass Algorithms for Resolution Proof Reduction type: book_chapter user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 7561 year: '2012' ... --- _id: '10907' abstract: - lang: eng text: This paper presents a method to create a model of an articulated object using the planar motion in an initialization video. The model consists of rigid parts connected by points of articulation. The rigid parts are described by the positions of salient feature-points tracked throughout the video. Following a filtering step that identifies points that belong to different objects, rigid parts are found by a grouping process in a graph pyramid. Valid articulation points are selected by verifying multiple hypotheses for each pair of parts. acknowledgement: This work has been partially supported by the Austrian Science Fund under grants S9103-N13 and P18716-N13. alternative_title: - LNCS article_processing_charge: No author: - first_name: Nicole M. full_name: Artner, Nicole M. last_name: Artner - first_name: Adrian full_name: Ion, Adrian id: 29F89302-F248-11E8-B48F-1D18A9856A87 last_name: Ion - first_name: Walter G. full_name: Kropatsch, Walter G. last_name: Kropatsch citation: ama: 'Artner NM, Ion A, Kropatsch WG. Spatio-temporal extraction of articulated models in a graph pyramid. In: Jiang X, Ferrer M, Torsello A, eds. Graph-Based Representations in Pattern Recognition. Vol 6658. LNIP. Berlin, Heidelberg: Springer; 2011:215-224. doi:10.1007/978-3-642-20844-7_22' apa: 'Artner, N. M., Ion, A., & Kropatsch, W. G. (2011). Spatio-temporal extraction of articulated models in a graph pyramid. In X. Jiang, M. Ferrer, & A. Torsello (Eds.), Graph-Based Representations in Pattern Recognition (Vol. 6658, pp. 215–224). Berlin, Heidelberg: Springer. https://doi.org/10.1007/978-3-642-20844-7_22' chicago: 'Artner, Nicole M., Adrian Ion, and Walter G. Kropatsch. “Spatio-Temporal Extraction of Articulated Models in a Graph Pyramid.” In Graph-Based Representations in Pattern Recognition, edited by Xiaoyi Jiang, Miquel Ferrer, and Andrea Torsello, 6658:215–24. LNIP. Berlin, Heidelberg: Springer, 2011. https://doi.org/10.1007/978-3-642-20844-7_22.' ieee: N. M. Artner, A. Ion, and W. G. Kropatsch, “Spatio-temporal extraction of articulated models in a graph pyramid,” in Graph-Based Representations in Pattern Recognition, Münster, Germany, 2011, vol. 6658, pp. 215–224. ista: 'Artner NM, Ion A, Kropatsch WG. 2011. Spatio-temporal extraction of articulated models in a graph pyramid. Graph-Based Representations in Pattern Recognition. GbRPR: Graph-based Representations in Pattern RecognitionLNIP, LNCS, vol. 6658, 215–224.' mla: Artner, Nicole M., et al. “Spatio-Temporal Extraction of Articulated Models in a Graph Pyramid.” Graph-Based Representations in Pattern Recognition, edited by Xiaoyi Jiang et al., vol. 6658, Springer, 2011, pp. 215–24, doi:10.1007/978-3-642-20844-7_22. short: N.M. Artner, A. Ion, W.G. Kropatsch, in:, X. Jiang, M. Ferrer, A. Torsello (Eds.), Graph-Based Representations in Pattern Recognition, Springer, Berlin, Heidelberg, 2011, pp. 215–224. conference: end_date: 2011-05-20 location: Münster, Germany name: 'GbRPR: Graph-based Representations in Pattern Recognition' start_date: 2011-05-18 date_created: 2022-03-21T08:08:35Z date_published: 2011-06-01T00:00:00Z date_updated: 2023-09-05T14:10:15Z day: '01' department: - _id: HeEd doi: 10.1007/978-3-642-20844-7_22 editor: - first_name: Xiaoyi full_name: Jiang, Xiaoyi last_name: Jiang - first_name: Miquel full_name: Ferrer, Miquel last_name: Ferrer - first_name: Andrea full_name: Torsello, Andrea last_name: Torsello intvolume: ' 6658' language: - iso: eng month: '06' oa_version: None page: 215-224 place: Berlin, Heidelberg publication: Graph-Based Representations in Pattern Recognition publication_identifier: eisbn: - '9783642208447' eissn: - 1611-3349 isbn: - '9783642208430' issn: - 0302-9743 publication_status: published publisher: Springer quality_controlled: '1' scopus_import: '1' series_title: LNIP status: public title: Spatio-temporal extraction of articulated models in a graph pyramid type: conference user_id: c635000d-4b10-11ee-a964-aac5a93f6ac1 volume: 6658 year: '2011' ... --- _id: '10908' abstract: - lang: eng text: We present ABC, a software tool for automatically computing symbolic upper bounds on the number of iterations of nested program loops. The system combines static analysis of programs with symbolic summation techniques to derive loop invariant relations between program variables. Iteration bounds are obtained from the inferred invariants, by replacing variables with bounds on their greatest values. We have successfully applied ABC to a large number of examples. The derived symbolic bounds express non-trivial polynomial relations over loop variables. We also report on results to automatically infer symbolic expressions over harmonic numbers as upper bounds on loop iteration counts. acknowledgement: This work was supported in part by the Swiss NSF. The fourth author is supported by an FWF Hertha Firnberg Research grant (T425-N23). article_processing_charge: No author: - first_name: Régis full_name: Blanc, Régis last_name: Blanc - first_name: Thomas A full_name: Henzinger, Thomas A id: 40876CD8-F248-11E8-B48F-1D18A9856A87 last_name: Henzinger orcid: 0000-0002-2985-7724 - first_name: Thibaud full_name: Hottelier, Thibaud last_name: Hottelier - first_name: Laura full_name: Kovács, Laura last_name: Kovács citation: ama: 'Blanc R, Henzinger TA, Hottelier T, Kovács L. ABC: Algebraic Bound Computation for loops. In: Clarke EM, Voronkov A, eds. Logic for Programming, Artificial Intelligence, and Reasoning. Vol 6355. LNCS. Berlin, Heidelberg: Springer Nature; 2010:103-118. doi:10.1007/978-3-642-17511-4_7' apa: 'Blanc, R., Henzinger, T. A., Hottelier, T., & Kovács, L. (2010). ABC: Algebraic Bound Computation for loops. In E. M. Clarke & A. Voronkov (Eds.), Logic for Programming, Artificial Intelligence, and Reasoning (Vol. 6355, pp. 103–118). Berlin, Heidelberg: Springer Nature. https://doi.org/10.1007/978-3-642-17511-4_7' chicago: 'Blanc, Régis, Thomas A Henzinger, Thibaud Hottelier, and Laura Kovács. “ABC: Algebraic Bound Computation for Loops.” In Logic for Programming, Artificial Intelligence, and Reasoning, edited by Edmund M Clarke and Andrei Voronkov, 6355:103–18. LNCS. Berlin, Heidelberg: Springer Nature, 2010. https://doi.org/10.1007/978-3-642-17511-4_7.' ieee: 'R. Blanc, T. A. Henzinger, T. Hottelier, and L. Kovács, “ABC: Algebraic Bound Computation for loops,” in Logic for Programming, Artificial Intelligence, and Reasoning, Dakar, Senegal, 2010, vol. 6355, pp. 103–118.' ista: 'Blanc R, Henzinger TA, Hottelier T, Kovács L. 2010. ABC: Algebraic Bound Computation for loops. Logic for Programming, Artificial Intelligence, and Reasoning. LPAR: Conference on Logic for Programming, Artificial Intelligence and ReasoningLNCS vol. 6355, 103–118.' mla: 'Blanc, Régis, et al. “ABC: Algebraic Bound Computation for Loops.” Logic for Programming, Artificial Intelligence, and Reasoning, edited by Edmund M Clarke and Andrei Voronkov, vol. 6355, Springer Nature, 2010, pp. 103–18, doi:10.1007/978-3-642-17511-4_7.' short: R. Blanc, T.A. Henzinger, T. Hottelier, L. Kovács, in:, E.M. Clarke, A. Voronkov (Eds.), Logic for Programming, Artificial Intelligence, and Reasoning, Springer Nature, Berlin, Heidelberg, 2010, pp. 103–118. conference: end_date: 2010-05-01 location: Dakar, Senegal name: 'LPAR: Conference on Logic for Programming, Artificial Intelligence and Reasoning' start_date: 2010-04-25 date_created: 2022-03-21T08:14:35Z date_published: 2010-05-01T00:00:00Z date_updated: 2022-06-13T07:44:21Z day: '01' department: - _id: ToHe doi: 10.1007/978-3-642-17511-4_7 editor: - first_name: Edmund M full_name: Clarke, Edmund M last_name: Clarke - first_name: Andrei full_name: Voronkov, Andrei last_name: Voronkov intvolume: ' 6355' language: - iso: eng main_file_link: - open_access: '1' url: https://infoscience.epfl.ch/record/186096 month: '05' oa: 1 oa_version: Submitted Version page: 103-118 place: Berlin, Heidelberg publication: Logic for Programming, Artificial Intelligence, and Reasoning publication_identifier: eisbn: - '9783642175114' eissn: - 1611-3349 isbn: - '9783642175107' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' series_title: LNCS status: public title: 'ABC: Algebraic Bound Computation for loops' type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 6355 year: '2010' ... --- _id: '11801' abstract: - lang: eng text: "Web search engines have emerged as one of the central applications on the internet. In fact, search has become one of the most important activities that people engage in on the Internet. Even beyond becoming the number one source of information, a growing number of businesses are depending on web search engines for customer acquisition. In this talk I will brief review the history of web search engines: The first generation of web search engines used text-only retrieval techniques. Google revolutionized the field by deploying the PageRank technology – an eigenvector-based analysis of the hyperlink structure- to analyze the web in order to produce relevant results. Moving forward, our goal is to achieve a better understanding of a page with a view towards producing even more relevant results.\r\n\r\nGoogle is powered by a large number of PCs. Using this infrastructure and striving to be as efficient as possible poses challenging systems problems but also various algorithmic challenges. I will discuss some of them in my talk." alternative_title: - LNCS article_processing_charge: No author: - first_name: Monika H full_name: Henzinger, Monika H id: 540c9bbd-f2de-11ec-812d-d04a5be85630 last_name: Henzinger orcid: 0000-0002-5008-6530 citation: ama: 'Henzinger MH. Algorithmic aspects of web search engines. In: 2th Annual European Symposium on Algorithms. Vol 3221. Springer Nature; 2004:3. doi:10.1007/978-3-540-30140-0_2' apa: 'Henzinger, M. H. (2004). Algorithmic aspects of web search engines. In 2th Annual European Symposium on Algorithms (Vol. 3221, p. 3). Bergen, Norway: Springer Nature. https://doi.org/10.1007/978-3-540-30140-0_2' chicago: Henzinger, Monika H. “Algorithmic Aspects of Web Search Engines.” In 2th Annual European Symposium on Algorithms, 3221:3. Springer Nature, 2004. https://doi.org/10.1007/978-3-540-30140-0_2. ieee: M. H. Henzinger, “Algorithmic aspects of web search engines,” in 2th Annual European Symposium on Algorithms, Bergen, Norway, 2004, vol. 3221, p. 3. ista: 'Henzinger MH. 2004. Algorithmic aspects of web search engines. 2th Annual European Symposium on Algorithms. ESA: European Symposium on Algorithms, LNCS, vol. 3221, 3.' mla: Henzinger, Monika H. “Algorithmic Aspects of Web Search Engines.” 2th Annual European Symposium on Algorithms, vol. 3221, Springer Nature, 2004, p. 3, doi:10.1007/978-3-540-30140-0_2. short: M.H. Henzinger, in:, 2th Annual European Symposium on Algorithms, Springer Nature, 2004, p. 3. conference: end_date: 2004-09-17 location: Bergen, Norway name: 'ESA: European Symposium on Algorithms' start_date: 2004-09-14 date_created: 2022-08-11T13:18:05Z date_published: 2004-09-01T00:00:00Z date_updated: 2023-02-13T11:47:26Z day: '01' doi: 10.1007/978-3-540-30140-0_2 extern: '1' intvolume: ' 3221' language: - iso: eng month: '09' oa_version: None page: '3' publication: 2th Annual European Symposium on Algorithms publication_identifier: eissn: - 1611-3349 isbn: - ' 3540230254' issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: Algorithmic aspects of web search engines type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 3221 year: '2004' ... --- _id: '11800' abstract: - lang: eng text: "Web search engines have emerged as one of the central applications on the Internet. In fact, search has become one of the most important activities that people engage in on the the Internet. Even beyond becoming the number one source of information, a growing number of businesses are depending on web search engines for customer acquisition.\r\n\r\nThe first generation of web search engines used text-only retrieval techniques. Google revolutionized the field by deploying the PageRank technology – an eigenvector-based analysis of the hyperlink structure – to analyze the web in order to produce relevant results. Moving forward, our goal is to achieve a better understanding of a page with a view towards producing even more relevant results." alternative_title: - LNCS article_processing_charge: No author: - first_name: Monika H full_name: Henzinger, Monika H id: 540c9bbd-f2de-11ec-812d-d04a5be85630 last_name: Henzinger orcid: 0000-0002-5008-6530 citation: ama: 'Henzinger MH. The past, present, and future of web search engines. In: 31st International Colloquium on Automata, Languages and Programming. Vol 3142. Springer Nature; 2004:3. doi:10.1007/978-3-540-27836-8_2' apa: 'Henzinger, M. H. (2004). The past, present, and future of web search engines. In 31st International Colloquium on Automata, Languages and Programming (Vol. 3142, p. 3). Turku, Finland: Springer Nature. https://doi.org/10.1007/978-3-540-27836-8_2' chicago: Henzinger, Monika H. “The Past, Present, and Future of Web Search Engines.” In 31st International Colloquium on Automata, Languages and Programming, 3142:3. Springer Nature, 2004. https://doi.org/10.1007/978-3-540-27836-8_2. ieee: M. H. Henzinger, “The past, present, and future of web search engines,” in 31st International Colloquium on Automata, Languages and Programming, Turku, Finland, 2004, vol. 3142, p. 3. ista: 'Henzinger MH. 2004. The past, present, and future of web search engines. 31st International Colloquium on Automata, Languages and Programming. ICALP: International Colloquium on Automata, Languages, and Programming, LNCS, vol. 3142, 3.' mla: Henzinger, Monika H. “The Past, Present, and Future of Web Search Engines.” 31st International Colloquium on Automata, Languages and Programming, vol. 3142, Springer Nature, 2004, p. 3, doi:10.1007/978-3-540-27836-8_2. short: M.H. Henzinger, in:, 31st International Colloquium on Automata, Languages and Programming, Springer Nature, 2004, p. 3. conference: end_date: 2004-07-16 location: Turku, Finland name: 'ICALP: International Colloquium on Automata, Languages, and Programming' start_date: 2004-07-12 date_created: 2022-08-11T12:38:58Z date_published: 2004-07-01T00:00:00Z date_updated: 2023-02-13T11:45:25Z day: '01' doi: 10.1007/978-3-540-27836-8_2 extern: '1' intvolume: ' 3142' language: - iso: eng month: '07' oa_version: None page: '3' publication: 31st International Colloquium on Automata, Languages and Programming publication_identifier: eissn: - 1611-3349 issn: - 0302-9743 publication_status: published publisher: Springer Nature quality_controlled: '1' scopus_import: '1' status: public title: The past, present, and future of web search engines type: conference user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87 volume: 3142 year: '2004' ...