109 Views

Download Presentation
##### One-way protocols and combinatorial designs

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -

**One-way protocols and combinatorial designs**Mike Atkinson Joint work with Michael Albert, Hans van Ditmarsch, Robert Aldred, Chris Handley**The plan**• Description of problem • Modelling the problem • Solutions**The 2000 Moscow Mathematical Olympiad**• Players Alice, Bob, Crow draw cards from a 7 card deck. A receives 3 cards, B receives 3 cards, C receives 1 card • How can A, in a single public announcement, tell B what her cards are without C learning a single card of A or B’s holding?**First thoughts**• A could make some very complex announcement (“I hold card 2 or card 4; if I hold card 3 I don’t hold card 5; if I hold any consecutive numbered cards then one is prime,….”) • B, knowing his own cards, finds A’s announcement useful • C, knowing only his card, can’t use it**Pitfalls**• Suppose A held 0,1,2; she could say “I hold 0,1,2 or 3,4,5” • B would successfully learn A’s hand because only one of those possibilities can be consistent with his own hand • But, for all A knows, C might hold 3 and then C could infer A’s holding (note: A would be safe if C held 6)**Second thoughts**• No matter how complex is A’s announcement it is tantamount to saying “My holding is one of the following …” • A’s announcement must be effective for B and ineffective for C no matter what B and C hold**First solution**• A says “Modulo 7 my total is x”. • The 35 possible holdings for A come in 7 groups of 5 corresponding to their sum mod 7 • “Modulo 7 my total is 3” is tantamount to saying “I hold 012, 136, 145, 235, or 046” • B can now work out C’s card and therefore work out A’s holding • C can only work out A’s sum modulo 7 and B’s sum modulo 7: he can’t work out any one card of A or B.**Second solution**• A could announce (supposing that she holds 0,1,2) “I hold one of 012,056,034,145,136,235,246” • Exhaustive check. E.g. suppose B held 345 then he could deduce A holds 012 since all other possibilities intersect his own holding. But C (holding 6) can deduce only that A’s holding is one of 012,034,145,235 and no card of A is revealed.**Other solutions**• All solutions involve an announcement of 5 or 6 or 7 possible holdings • More than 7 makes it too hard for B • Less than 5 makes it too easy for C**Reveal as little as possible**• If A wishes to reveal as little as possible she should choose to present 7 possible holdings rather than 5 • How are the “optimal” solutions found?**2**1 4 3 0 6 5 Structure of the solution012,056,034,145,136,235,246 • The 7 triples are the lines of the 7 point projective plane**The general problem**• A holds a cards, B b cards, C c cards from a deck of v=a+b+c cards • A must make one public announcement from which B can infer A’s holding but C cannot infer any card of either A or B • For which a, b, c is this possible? • If it is possible, what are the most and least informative announcements? • Find a suitable announcement!**Communication protocols**• A protocol is a series of messages by various parties to communicate information E.g. A might send a message to B, B might answer with another message, A might send yet another message,…. Eventually the required information is communicated. • We are studying one-way protocols**The one-way restriction**• Suppose a=2, b=4, c=1 (and v=7) • No one-way protocol is possible • There is a 2 message protocol: • B first announces a number of possible holdings for himself that allows A to deduce B’s holding whereas C learns no card of either A or B • A now knows C’s card and announces it; this tells C nothing further but allows B to infer A’s holding**The one-way restriction**• Suppose a=2, b=4, c=1 (and v=7) • No one-way protocol is possible • There is a 2 message protocol: • B (holding, say, 1236) could announce he holds one of 3456, 0156, 1245, 1236, 0134, 0235, 0246. A (holding, say, 05) could then infer B’s holding • A now knows C’s card is 4 and announces it; B can now deduce that A holds 05**Combinatorial conditions**• A collection L of a-subsets of {0,1,..,v-1} is a one-way protocol if and only if • For all L1,L2 in L , |L1 L2| ≤ a-c-1 • For all c-sets X the set of members of L disjoint from X have empty intersection and their union contains every point not in X**Combinatorial problems**• For given a,b,c find a suitable collection L of a-subsets of {0,1,…,v-1}. • Find upper and lower bounds on the size of |L|. • Find general constructions valid for a range of (a,b,c) values.**v!c!**(v-a)!(v-b)! Bounds on |L| • |L| ≤ • |L| ≥ v(c+1)/a • Some other bounds also known • Sometimes the bounds prove that no one-way protocol exists • Occasionally, they pin down |L| uniquely • e.g. if b=2, c=1 then |L| = (a+2)(a+3)/6**General construction**• Let D be a set of a integers such that among the (non-zero) differences d1-d2 no value occurs more than e times. • Let L be the set {i + D |i = 0 … v-1} (arithmetic mod v) • L realises the parameter set a,v-2a+e+1,a-e-1**Examples**• Many one-way protocols seem to have no further combinatorial interest • Those for which |L| is maximal are often more interesting • v = 13 (all the spades), a = 4, b = 7, c = 2, L is the set of 13 lines of the 13 point projective plane • v = 11, a = 5, b = 5, c = 1, L is the set of 66 blocks of the Steiner system 4-(5,11,1) whose automorphism group is M11**Examples cont.**• a=4, b=3, c=1. Code the 8 cards as vectors in Z2 Z2 Z2. Let L be the 7 subgroups of order 4 and their complements