Fault-tolerant Computation in the Full Information Model
SIAM Journal on Computing
Multiparty Quantum Coin Flipping
CCC '04 Proceedings of the 19th IEEE Annual Conference on Computational Complexity
The round complexity of two-party random selection
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Shannon entropy vs. kolmogorov complexity
CSR'06 Proceedings of the First international computer science conference on Theory and Applications
Random selection with an adversarial majority
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Semi-loss-tolerant strong coin flipping protocol using EPR pairs
Quantum Information & Computation
| Hi-index | 0.00 |
We study the two party problem of randomly selecting a string among all the strings of length n. We want the protocol to have the property that the output distribution has high entropy, even when one of the two parties is dishonest and deviates from the protocol. We develop protocols that achieve high, close to n, entropy.In the literature the randomness guarantee is usually expressed as being close to the uniform distribution or in terms of resiliency. The notion of entropy is not directly comparable to that of resiliency, but we establish a connection between the two that allows us to compare our protocols with the existing ones.We construct an explicit protocol that yields entropy n茂戮驴 O(1) and has 4log*nrounds, improving over the protocol of Goldreich et al. [3] that also achieves this entropy but needs O(n) rounds. Both these protocols need O(n2) bits of communication.Next we reduce the communication in our protocols. We show the existence, non-explicitly, of a protocol that has 6 rounds, 2n+ 8lognbits of communication and yields entropy n茂戮驴 O(logn) and min-entropy n/2 茂戮驴 O(logn). Our protocol achieves the same entropy bound as the recent, also non-explicit, protocol of Gradwohl et al. [4], however achieves much higher min-entropy: n/2 茂戮驴 O(logn) versus O(logn).Finally we exhibit very simple explicit protocols. We connect the security parameter of these geometric protocols with the well studied Kakeya problem motivated by harmonic analysis and analytical number theory. We are only able to prove that these protocols have entropy 3n/4 but still n/2 茂戮驴 O(logn) min-entropy. Therefore they do not perform as well with respect to the explicit constructions of Gradwohl et al. [4] entropy-wise, but still have much better min-entropy. We conjecture that these simple protocols achieve n茂戮驴 o(n) entropy. Our geometric construction and its relation to the Kakeya problem follows a new and different approach to the random selection problem than any of the previously known protocols.