diff options
| author | Bryan Bishop <kanzure@gmail.com> | 2016-09-06 16:09:57 -0500 |
|---|---|---|
| committer | Bryan Bishop <kanzure@gmail.com> | 2016-09-06 16:09:57 -0500 |
| commit | a57777079873f6209520a9596a0889c91f2cb8a6 (patch) | |
| tree | e88ac619585e88f2cecb263a31a4cff16e179b26 | |
| parent | 5168f63a13f323dc74db8c6f524055c97e89d643 (diff) | |
| download | diyhpluswiki-a57777079873f6209520a9596a0889c91f2cb8a6.tar.gz diyhpluswiki-a57777079873f6209520a9596a0889c91f2cb8a6.zip | |
fix typo about weir pairings
| -rw-r--r-- | transcripts/simons-institute/pairing-cryptography.mdwn | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/transcripts/simons-institute/pairing-cryptography.mdwn b/transcripts/simons-institute/pairing-cryptography.mdwn index f104fab..1ddb1e5 100644 --- a/transcripts/simons-institute/pairing-cryptography.mdwn +++ b/transcripts/simons-institute/pairing-cryptography.mdwn @@ -340,7 +340,7 @@ So the first interesting question you want to ask is, well can we generalize thi <https://www.youtube.com/watch?v=8WDOpzxpnTE&t=47m> -I didn't want to write this down on a slide, but I'll mention it. The two, the standard vale pairing, you can think of it as a 2-by-2 determinant, if you visualize things properly, literally what it's computing for you is a 2-by-2 determinant, and that's why it's bilinear, 2-by-2 determinant. You can generalize that and ask, well, what if we just define a 3-by-3 determinant in the exactly same way. You can write down a very precise definition of a 3-multilinear map, and it's in fact, it would be multilinear, and it's a dream come true. Unfortunately, we showed, this was in work with Alice Silverberg, that in fact all these generalizations of pairings from algebraic geometry, that is to say generally abelian varieties, none of them, even though they are all multilinear, and they have all the properties like hard discrete log and multilinear and everything we want, unfortunately none of them are computed by polynomials in the way that the Vale pairing is computed by polynomials. And it's a particular way to show that it's not computable by polynomials, basically you show one gal one go is not invariant under, so there's something magic about the number 2 that makes the pairing computable, and the minute you go beyond 2, it's no longer computable. So if we want multilinear maps, which we definitely want multilinear maps, if we're going to build them from algebraic geometry, we're going to have to build them from a completely different way of doing it. +I didn't want to write this down on a slide, but I'll mention it. The two, the standard weil pairing, you can think of it as a 2-by-2 determinant, if you visualize things properly, literally what it's computing for you is a 2-by-2 determinant, and that's why it's bilinear, 2-by-2 determinant. You can generalize that and ask, well, what if we just define a 3-by-3 determinant in the exactly same way. You can write down a very precise definition of a 3-multilinear map, and it's in fact, it would be multilinear, and it's a dream come true. Unfortunately, we showed, this was in work with Alice Silverberg, that in fact all these generalizations of pairings from algebraic geometry, that is to say generally abelian varieties, none of them, even though they are all multilinear, and they have all the properties like hard discrete log and multilinear and everything we want, unfortunately none of them are computed by polynomials in the way that the Vale pairing is computed by polynomials. And it's a particular way to show that it's not computable by polynomials, basically you show one gal one go is not invariant under, so there's something magic about the number 2 that makes the pairing computable, and the minute you go beyond 2, it's no longer computable. So if we want multilinear maps, which we definitely want multilinear maps, if we're going to build them from algebraic geometry, we're going to have to build them from a completely different way of doing it. So of course, my favorite result of the last decade, huge huge result, is a multilinear map, I'm sure you guys have heard about this to infinity by now, of course, GGH'13, came up with this beautiful result, but it doesn't quite solve the original problem in the sense that the multilinear map that operates on noisy representation of group elements and not actually kind of these clean algebraic representation of group elements. So a major open problem, this is actually one of the open questions where I'm spending a lot of my time these days, is looking at pairings that come more from traditional algebraic geometry and see if there's a way to generalize them to get a 3-linear map. I'm absolutely convinced that these exist. If I went to sleep now and woke up in 100 years, I'm certain that we will have a clean 3-way multilinear map without noise. I'm absolutely convinced that this exists. So far everything I have tried doesn't work, so please please think about this too. |