-
Attempting the impossible: enumerating extremal submodular functions for n=6
Authors:
Elod P. Csirmaz,
Laszlo Csirmaz
Abstract:
Enumerating the extremal submodular functions defined on subsets of a fixed base set has only been done for base sets up to five elements. This paper reports the results of attempting to generate all such functions on a six-element base set. Using improved tools from polyhedral geometry, we have computed 360 billion of them, and provide the first reasonable estimate of their total number, which is expected to be between 1,000 and 10,000 times this number. The applied Double Description and Adjacency Decomposition methods require an insertion order of the defining inequalities. We introduce two novel orders, which speed up the computations significantly, and provide additional insight into the highly symmetric structure of submodular functions. We also present an improvement to the combinatorial test used as part of the Double Description method, and use statistical analyses to estimate the degeneracy of the polyhedral cone used to describe these functions. The statistical results also highlight the limitations of the applied methods.
Submitted 20 October, 2024;
originally announced October 2024.
-
A short proof of the Gács--Körner theorem
Authors:
Laszlo Csirmaz
Abstract:
We present a short proof of a celebrated result of Gács and Körner giving sufficient and necessary condition on the joint distribution of two discrete random variables $X$ and $Y$ for the case when their mutual information matches the extractable (in the limit) common information. Our proof is based on the observation that the mere existence of certain random variables jointly distributed with $X$ and $Y$ can impose restriction on all random variables jointly distributed with $X$ and $Y$.
Submitted 25 September, 2023; v1 submitted 26 June, 2023;
originally announced June 2023.
-
Synchronizing Many Filesystems in Near Linear Time
Authors:
Elod P. Csirmaz,
Laszlo Csirmaz
Abstract:
Finding a provably correct subquadratic synchronization algorithm for many filesystem replicas is one of the main theoretical problems in Operational Transformation (OT) and Conflict-free Replicated Data Types (CRDT) frameworks. Based on the Algebraic Theory of Filesystems, which incorporates non-commutative filesystem commands natively, we developed and built a proof-of-concept implementation of an algorithm suite which synchronizes an arbitrary number of replicas. The result is provably correct, and the synchronized system is created in linear space and time after an initial sorting phase. It works by identifying conflicting command pairs and requesting one of the commands to be removed. The method can be guided to reach any of the theoretically possible synchronized states. The algorithm also allows asynchronous usage. After the client sends a synchronization request, the local replica remains available for further modifications. When the synchronization instructions arrive, they can be merged with the changes made since the synchronization request. The suite also works on filesystems with directed acyclic graph-based path structure in place of the traditional tree-like arrangement. Consequently, our algorithms apply to filesystems with hard or soft links as long as the links create no loops.
Submitted 17 May, 2023; v1 submitted 19 February, 2023;
originally announced February 2023.
-
Data Synchronization: A Complete Theoretical Solution for Filesystems
Authors:
Elod P. Csirmaz,
Laszlo Csirmaz
Abstract:
Data reconciliation in general, and filesystem synchronization in particular, lacks rigorous theoretical foundation. This paper presents, for the first time, a complete analysis of synchronization for two replicas of a theoretical filesystem. Synchronization has two main stages: identifying the conflicts, and resolving them. All existing (both theoretical and practical) synchronizers are operation-based: they define, using some rationale or heuristics, how conflicts are to be resolved without considering the effect of the resolution on subsequent conflicts. Instead, our approach is declaration-based: we define what constitutes the resolution of all conflicts, and for each possible scenario we prove the existence of sequences of operations / commands which convert the replicas into a common synchronized state. These sequences consist of operations rolling back some local changes, followed by operations performed on the other replica. The set of rolled-back operations provides the user with clear and intuitive information on the proposed changes, so she can easily decide whether to accept them or ask for other alternatives. All possible synchronized states are described by specifying a set of conflicts, a partial order on the conflicts describing the order in which they need to be resolved, as well as the effect of each decision on subsequent conflicts. Using this classification, the outcomes of different conflict resolution policies can be investigated easily.
Submitted 12 November, 2022; v1 submitted 10 October, 2022;
originally announced October 2022.
-
Algebra of Data Reconciliation
Authors:
Elod P. Csirmaz,
Laszlo Csirmaz
Abstract:
With distributed computing and mobile applications becoming ever more prevalent, synchronizing diverging replicas of the same data is a common problem. Reconciliation -- bringing two replicas of the same data structure as close as possible without overriding local changes -- is investigated in an algebraic model. Our approach is to consider two sequences of simple commands that describe the changes in the replicas compared to the original structure, and then determine the maximal subsequences of each that can be propagated to the other. The proposed command set is shown to be functionally complete, and an update detection algorithm is presented which produces a command sequence transforming the original data structure into the replica while traversing both simultaneously. Syntactical characterization is provided in terms of a rewriting system for semantically equivalent command sequences. Algebraic properties of sequence pairs that are applicable to the same data structure are investigated. Based on these results the reconciliation problem is shown to have a unique maximal solution. In addition, syntactical properties of the maximal solution allow for an efficient algorithm that produces it.
Submitted 9 August, 2022; v1 submitted 12 October, 2021;
originally announced October 2021.
-
Bipartite secret sharing and staircases
Authors:
Laszlo Csirmaz,
František Matúš,
Carles Padró
Abstract:
Bipartite secret sharing schemes have a bipartite access structure in which the set of participants is divided into two parts and all participants in the same part play an equivalent role. Such a bipartite scheme can be described by a \emph{staircase}: the collection of its minimal points. The complexity of a scheme is the maximal share size relative to the secret size; and the $κ$-complexity of an access structure is the best lower bound provided by the entropy method. An access structure is $κ$-ideal if it has $κ$-complexity 1. Motivated by the abundance of open problems in this area, the main results can be summarized as follows. First, a new characterization of $κ$-ideal multipartite access structures is given which offers a straightforward and simple approach to describe ideal bipartite and tripartite access structures. Second, the $κ$-complexity is determined for a range of bipartite access structures, including those determined by two points, staircases with equal widths and heights, and staircases with all heights 1. Third, matching linear schemes are presented for some non-ideal cases, including staircases where all heights are 1 and all widths are equal. Finally, finding the Shannon complexity of a bipartite access structure can be considered as a discrete submodular optimization problem. An interesting and intriguing continuous version is defined which might give further insight to the large-scale behavior of these optimization problems.
Submitted 5 October, 2023; v1 submitted 8 March, 2021;
originally announced March 2021.
-
An optimization problem for continuous submodular functions
Authors:
Laszlo Csirmaz
Abstract:
Real continuous submodular functions, as a generalization of the corresponding discrete notion to the continuous domain, gained considerable attention recently. The analog notion for entropy functions requires additional properties: a real function defined on the non-negative orthant of $\mathbb R^n$ is entropy-like (EL) if it is submodular, takes zero at zero, non-decreasing, and has the Diminishing Returns property.
Motivated by problems concerning the Shannon complexity of multipartite secret sharing, a special case of the following general optimization problem is considered: find the minimal cost of those EL functions which satisfy certain constraints.
In our special case the cost of an EL function is the maximal value of the $n$ partial derivatives at zero. Another possibility could be the supremum of the function range. The constraints are specified by a smooth bounded surface $S$ cutting off a downward closed subset. An EL function is feasible if at the internal points of $S$ the left and right partial derivatives of the function differ by at least one.
A general lower bound for the minimal cost is given in terms of the normals of the surface $S$. The bound is tight when $S$ is linear. In the two-dimensional case the same bound is tight for convex or concave $S$. It is shown that the optimal EL function is not necessarily unique. The paper concludes with several open problems.
Submitted 11 February, 2021; v1 submitted 26 September, 2020;
originally announced September 2020.
-
Sticky polymatroids on at most five elements
Authors:
Laszlo Csirmaz
Abstract:
The sticky polymatroid conjecture states that any two extensions of the polymatroid have an amalgam if and only if the polymatroid has no non-modular pairs of flats. We show that the conjecture holds for polymatroids on five or less elements.
Submitted 3 February, 2020; v1 submitted 11 November, 2019;
originally announced November 2019.
-
Secret sharing and duality
Authors:
Laszlo Csirmaz
Abstract:
Secret sharing is an important building block in cryptography. All explicitly defined secret sharing schemes with known exact complexity bounds are multi-linear, thus are closely related to linear codes. The dual of such a linear scheme, in the sense of duality of linear codes, gives another scheme for the dual access structure. These schemes have the same complexity, namely the largest share size relative to the secret size is the same. It is a long-standing open problem whether this fact is true in general: the complexity of any access structure is the same as the complexity of its dual. We give an almost answer to this question. An almost perfect scheme allows negligible errors, both in the recovery and in the independence. There exists an almost perfect ideal scheme on 174 participants whose complexity is strictly smaller than that of its dual.
Submitted 3 February, 2020; v1 submitted 30 September, 2019;
originally announced September 2019.
-
Sticky matroids and convolution
Authors:
Laszlo Csirmaz
Abstract:
Motivated by the characterization of the lattice of cyclic flats of a matroid, the convolution of a ranked lattice and a discrete measure is defined, generalizing polymatroid convolution. Using the convolution technique we prove that if a matroid has a non-principal modular cut then it is not sticky. A similar statement for matroids has been proved in [8] using different technique.
Submitted 2 October, 2019; v1 submitted 5 September, 2019;
originally announced September 2019.
-
Complexity of universal access structures
Authors:
Laszlo Csirmaz
Abstract:
An important parameter in a secret sharing scheme is the number of minimal qualified sets. Given this number, the universal access structure is the richest possible structure, namely the one in which there are one or more participants in every possible Boolean combination of the minimal qualified sets. Every access structure is a substructure of the universal structure for the same number of minimal qualified subsets, thus universal access structures have the highest complexity given the number of minimal qualified sets. We show that the complexity of the universal structure with $n$ minimal qualified sets is between $n/\log_2 n$ and $n/2.7182$ asymptotically.
Submitted 14 August, 2019;
originally announced August 2019.
-
One-adhesive polymatroids
Authors:
Laszlo Csirmaz
Abstract:
Adhesive polymatroids were defined by F. Matúš motivated by entropy functions. Two polymatroids are adhesive if they can be glued together along their joint part in a modular way; and are one-adhesive, if one of them has a single point outside their intersection. It is shown that two polymatroids are one-adhesive if and only if two closely related polymatroids have any extension. Using this result, adhesive polymatroid pairs on a five-element set are characterized.
Submitted 27 August, 2019; v1 submitted 16 April, 2019;
originally announced April 2019.
-
Inner approximation algorithm for solving linear multiobjective optimization problems
Authors:
Laszlo Csirmaz
Abstract:
Benson's outer approximation algorithm and its variants are the most frequently used methods for solving linear multiobjective optimization problems. These algorithms have two intertwined components: one-dimensional linear optimization on one hand, and a combinatorial part closely related to vertex numeration on the other. Their separation provides a deeper insight into Benson's algorithm, and points toward a dual approach. Two skeletal algorithms are defined which focus on the combinatorial part. Using different single-objective optimization problems - called oracle calls - yield different algorithms, such as a sequential convex hull algorithm, another version of Benson's algorithm with the theoretically best possible iteration count, the dual algorithm of Ehrgott, Löhne and Shao, and the new algorithm. The new algorithm has several advantages. First, the corresponding one-dimensional optimization problem uses the original constraints without adding any extra variables or constraints. Second, its iteration count meets the theoretically best possible one. As a dual algorithm, it is sequential: in each iteration it produces an extremal solution, thus can be aborted when a satisfactory solution is found. The Pareto front can be "probed" or "scanned" from several directions at any moment without adversely affecting the efficiency. Finally, it is well suited to handle highly degenerate problems where there are many linear dependencies among the constraints. On problems with ten or more objectives the implementation shows a significant increase in efficiency compared to Bensolve - due to the reduced number of iterations and the improved combinatorial handling.
Submitted 20 March, 2019; v1 submitted 6 August, 2018;
originally announced August 2018.
-
Secret sharing on large girth graphs
Authors:
Laszlo Csirmaz,
Peter Ligeti
Abstract:
We investigate graph based secret sharing schemes and their information ratio, also called complexity, measuring the maximal amount of information the vertices have to store. It was conjectured that in large girth graphs, where the interaction between far away nodes is restricted to a single path, this ratio is bounded. This conjecture was supported by several results, most notably by a result of Csirmaz and Ligeti saying that the complexity of graphs with girth at least six and no neighboring high degree vertices is strictly below 2. In this paper we refute the above conjecture. First, a family of $d$-regular graphs is defined iteratively such that the complexity of these graphs is the largest possible $(d+1)/2$ allowed by Stinson's bound. This part extends earlier results of van Dijk and Blundo et al, and uses the so-called entropy method. Second, using combinatorial arguments, we show that this family contains graphs with arbitrary large girth. In particular, we obtain the following purely combinatorial result, which might be interesting on its own: there are $d$-regular graphs with arbitrary large girth such that any fractional edge-cover by stars (or by complete multipartite graphs) must cover some vertex $(d+1)/2$ times.
Submitted 30 May, 2017;
originally announced May 2017.
-
On-line secret sharing
Authors:
Laszlo Csirmaz,
Gábor Tardos
Abstract:
In an on-line secret sharing scheme the dealer assigns shares in the order the participants show up, knowing only those qualified subsets whose all members she has seen. We assume that the overall access structure is known and only the order of the participants is unknown. On-line secret sharing is a useful primitive when the set of participants grows in time, and redistributing the secret is too expensive. In this paper we start the investigation of unconditionally secure on-line secret sharing schemes. The complexity of a secret sharing scheme is the size of the largest share a single participant can receive over the size of the secret. The infimum of this amount in the on-line or off-line setting is the on-line or off-line complexity of the access structure, respectively. For paths on at most five vertices and cycles on at most six vertices the on-line and offline complexities are equal, while for other paths and cycles these values differ. We show that the gap between these values can be arbitrarily large even for graph based access structures. We present a general on-line secret sharing scheme that we call first-fit. Its complexity is the maximal degree of the access structure. We show, however, that this on-line scheme is never optimal: the on-line complexity is always strictly less than the maximal degree. On the other hand, we give examples where the first-fit scheme is almost optimal, namely, the on-line complexity can be arbitrarily close to the maximal degree. The performance ratio is the ratio of the on-line and off-line complexities of the same access structure. We show that for graphs the performance ratio is smaller than the number of vertices, and for an infinite family of graphs the performance ratio is at least constant times the square root of the number of vertices.
Submitted 6 February, 2014;
originally announced February 2014.
-
Book inequalities
Authors:
Laszlo Csirmaz
Abstract:
Information theoretical inequalities have strong ties with polymatroids and their representability. A polymatroid is entropic if its rank function is given by the Shannon entropy of the subsets of some discrete random variables. The book is a special iterated adhesive extension of a polymatroid with the property that entropic polymatroids have $n$-page book extensions over an arbitrary spine. We prove that every polymatroid has an $n$-page book extension over a single element and over an all-but-one-element spine. Consequently, for polymatroids on four elements, only book extensions over a two-element spine should be considered. F. Matúš proved that the Zhang-Yeung inequalities characterize polymatroids on four elements which have such a 2-page book extension. The $n$-page book inequalities, defined in this paper, are conjectured to characterize polymatroids on four elements which have $n$-page book extensions over a two-element spine. We prove that the condition is necessary; consequently every book inequality is an information inequality on four random variables. Using computer-aided multiobjective optimization, the sufficiency of the condition is verified up to 9-page book extensions.
Submitted 29 May, 2014; v1 submitted 23 December, 2013;
originally announced December 2013.
-
Erdős-Pyber theorem for hypergraphs and secret sharing
Authors:
László Csirmaz,
Péter Ligeti,
Gábor Tardos
Abstract:
A new, constructive proof with a small explicit constant is given to the Erdős-Pyber theorem which says that the edges of a graph on $n$ vertices can be partitioned into complete bipartite subgraphs so that every vertex is covered at most $O(n/\log n)$ times. The theorem is generalized to uniform hypergraphs. Similar bounds with smaller constant value are provided for fractional partitioning both for graphs and for uniform hypergraphs. We show that these latter constants cannot be improved by more than a factor of 1.89 even for fractional covering by arbitrary complete multipartite subgraphs or subhypergraphs. In the case every vertex of the graph is connected to at least $n-m$ other vertices, we prove the existence of a fractional covering of the edges by complete bipartite graphs such that every vertex is covered at most $O(m/\log m)$ times, with only a slightly worse explicit constant. This result also generalizes to uniform hypergraphs. Our results give new improved bounds on the complexity of graph and uniform hypergraph based secret sharing schemes, and show the limits of the method at the same time.
Submitted 20 November, 2013;
originally announced November 2013.
-
Infinite Probabilistic Secret Sharing
Authors:
László Csirmaz
Abstract:
A probabilistic secret sharing scheme is a joint probability distribution of the shares and the secret together with a collection of secret recovery functions. The study of schemes using arbitrary probability spaces and unbounded number of participants allows us to investigate their abstract properties, to connect the topic to other branches of mathematics, and to discover new design paradigms. A scheme is perfect if unqualified subsets have no information on the secret, that is, their total share is independent of the secret. By relaxing this security requirement, three other scheme types are defined. Our first result is that every (infinite) access structure can be realized by a perfect scheme where the recovery functions are non-measurable. The construction is based on a paradoxical pair of independent random variables which determine each other. Restricting the recovery functions to be measurable ones, we give a complete characterization of access structures realizable by each type of the schemes. In addition, either a vector-space or a Hilbert-space based scheme is constructed realizing the access structure. While the former one uses the traditional uniform distributions, the latter one uses Gaussian distributions, leading to a new design paradigm.
Submitted 24 October, 2022; v1 submitted 28 October, 2013;
originally announced October 2013.
-
Infinite Secret Sharing -- Examples
Authors:
Alexander Dibert,
László Csirmaz
Abstract:
The motivation for extending secret sharing schemes to cases when either the set of players is infinite or the domain from which the secret and/or the shares are drawn is infinite or both, is similar to the case when switching to abstract probability spaces from classical combinatorial probability. It might shed new light on old problems, could connect seemingly unrelated problems, and unify diverse phenomena.
Definitions equivalent in the finitary case could be very much different when switching to infinity, signifying their difference. The standard requirement that qualified subsets should be able to determine the secret has different interpretations in spite of the fact that, by assumption, all participants have infinite computing power. The requirement that unqualified subsets should have no, or limited information on the secret suggests that we also need some probability distribution. In the infinite case events with zero probability are not necessarily impossible, and we should decide whether bad events with zero probability are allowed or not.
In this paper, rather than giving precise definitions, we enlist an abundance of hopefully interesting infinite secret sharing schemes. These schemes touch quite diverse areas of mathematics such as projective geometry, stochastic processes and Hilbert spaces. Nevertheless our main tools are from probability theory. The examples discussed here serve as foundation and illustration to the more theory oriented companion paper.
Submitted 28 October, 2013;
originally announced October 2013.
-
Entropy region and convolution
Authors:
František Matúš,
Lászlo Csirmaz
Abstract:
The entropy region is constructed from vectors of random variables by collecting Shannon entropies of all subvectors. Its shape is studied here by means of polymatroidal constructions, notably by convolution. The closure of the region is decomposed into the direct sum of tight and modular parts, reducing the study to the tight part. The relative interior of the reduction belongs to the entropy region. Behavior of the decomposition under selfadhesivity is clarified. Results are specialized to and completed for the region of four random variables. This and computer experiments help to visualize approximations of a symmetrized part of the entropy region. Four-atom conjecture on the minimization of Ingleton score is refuted.
Submitted 22 October, 2013;
originally announced October 2013.
-
Gruppen secret sharing, or, how to share several secrets if you must?
Authors:
Laszlo Csirmaz
Abstract:
Each member of an $n$-person team has a secret, say a password. The $k$ out of $n$ gruppen secret sharing requires that any group of $k$ members should be able to recover the secrets of the other $n-k$ members, while any group of $k-1$ or fewer members should have no information on the secret of other team member even if other secrets leak out. We prove that when all secrets are chosen independently and have size $s$, then each team member must have a share of size at least $(n-k)s$, and we present a scheme which achieves this bound when $s$ is large enough. This result shows a significant saving over $n$ independent applications of Shamir's $k$ out of $n-1$ threshold schemes which assign shares of size $(n-1)s$ to each team member independently of $k$.
We also show how to set up such a scheme without any trusted dealer, and how the secrets can be recovered, possibly multiple times, without leaking information. We also discuss how our scheme fits to the much-investigated multiple secret sharing methods.
Submitted 17 October, 2013;
originally announced October 2013.
-
Secret sharing on the $d$-dimensional cube
Authors:
Laszlo Csirmaz
Abstract:
We prove that for $d>1$ the best information ratio of the perfect secret sharing scheme based on the edge set of the $d$-dimensional cube is exactly $d/2$. Using the technique developed, we also prove that the information ratio of the infinite $d$-dimensional lattice is $d$.
Submitted 17 October, 2013;
originally announced October 2013.
-
Using multiobjective optimization to map the entropy region of four random variables
Authors:
Laszlo Csirmaz
Abstract:
Presently the only available method of exploring the 15-dimensional entropy region formed by the entropies of four random variables is the one of Zhang and Yeung from 1998. It is argued that their method is equivalent to solving linear multiobjective optimization problems. Benson's outer approximation algorithm is a fundamental tool for solving these optimization problems. An improved version of Benson's algorithm is described which requires solving one scalar linear program in each iteration rather than two or three as in previous versions. During the algorithm design special care was taken for numerical stability. The implemented algorithm was used to check previous statements about the entropy region, and to gain new information on that region. The experimental results demonstrate the viability of the method for determining the extremal set of medium size, numerically ill-posed optimization problems. With growing problem size two limitations of Benson's algorithm have been observed: the inefficiency of the scalar LP solver on one hand and the unexpectedly large number of intermediate vertices on the other.
Submitted 28 October, 2013; v1 submitted 17 October, 2013;
originally announced October 2013.
-
Optimal information rate of secret sharing schemes on trees
Authors:
L. Csirmaz,
G. Tardos
Abstract:
The information rate for an access structure is the reciprocal of the load of the optimal secret sharing scheme for this structure. We determine this value for all trees: it is 1/(2-1/c), where c is the size of the largest core of the tree. A subset of the vertices of a tree is a core if it induces a connected subgraph and for each vertex in the subset one finds a neighbor outside the subset. Our result follows from a lower and an upper bound on the information rate that apply for any graph and happen to coincide for trees because of a correspondence between the size of the largest core and a quantity related to a fractional cover of the tree with stars.
Submitted 19 February, 2013;
originally announced February 2013.