Posts

This page collects some of my answers on Cryptography Stack Exchange and Mathematics Stack Exchange. I used these platforms to clarify ideas, explain definitions, work through proof techniques, and discuss questions that arise naturally in cryptography, lattices, complexity theory, and related areas. The answers linked here are informal, but I hope they are useful to students and researchers looking for accessible explanations of technical concepts.

• Cryptography
  • How to complete security definition
  • CPA Security: Does there exist a ciphertext shared by 2 or more plaintexts in randomized encryption
  • What is the difference between a selective model and a full (adaptive) model in Functional Encryption?
  • How to define anonymity in cryptography and how to prove the anonymity of a security solution?
  • How to prove selectively-secure scheme is adaptively secure when message space is small?
  • Injective PRG from one-way functions
  • Decryption using randomness
  • Probabilistic polynomial-time Turing machine with one-way function
  • How to prove that 𝐿 is in NP∖P?
  • AKS Primality-Testing Algorithm
  • In lattice, does converting a “bad” basis to a “good” basis constitute a hard problem?
  • KEM with CCA security without using PKE
  • Pseudo One Time Pad against Computational Unbounded Adversary
  • Is semantic security equvalent to IND-CPA?
  • How to prove the conclusion “linear operation XOR does not affect the division property”?
  • Reject sampling of lattice ZKP, why need factor of M?
  • Question about P and NP problem
  • Languages L that have perfect zero-knowledge that do not have any AM proof system that is perfect or zero-knowledge on L
  • Deterministic vs probabilistic adversaries in a proof-of-knowledge context
  • Rigorous Proof on Malicious Zero-Knowledge Property of Schnorr Protocol
  • How can I demonstrate the existence of such an isomorphism(look at the image below)?
  • Relationship between log⁡(κ) and log⁡(n), and round complexity
  • Why is the first coefficient set to 1 in both GGPR13 & Groth16 SNARKS?
  • Real-or-Random Security (IND$-CPA) for Homomorphic Encryption?
  • Why are the expressions divided by 2 random elements γ & δ in Groth16?
  • Why do many ZKSnarks divide the Inputs into Public & Private Parts?
  • lattice RLWE encryption and decryption process
  • Question about Security proof of Gentry’s Anonymous IBE
  • How do I prove that a bit by bit PKE scheme (that is IND-CPA secure) for an n-bit message is not IND-CCA-2 secure?
  • Question Regarding Idenitities of Gentry’s Homomorphic Encryption on LWE
  • Definition of non-interactive non-commiting encryption
  • Prove that there is no universal Hard-Core Predicates
  • Decryption of LWE-based Inner-Product Fuctional Encryption of Agrawal-Libert-Stehle Crypto 2016
  • Proof that secret sharing based scheme is CPA secure as long as one of the scheme is CPA secure
  • Indistinguishability of (G0(x),G1(x)) from (G0(x),t) where G(x)=G0(x)‖G1(x) is a PRG
  • PRF with a one truly random evaluation
  • Protecting a message with two private keys
  • Extractor and Min-Entropy proof

• Mathematics
  • Clarification on Blomer and Seifert reduction from CVP to SIVP
  • Lattice width of conv(0,ne1,⋯,nen)
  • Extending a closest point to a basis for a lattice
  • Proof for the successive minima being achieved by linearly independent lattice vectors?
  • If two integer matrices A and B have the same row space, A=UB for some unimodular matrix U?
  • Lattice basis consisting of minimal vectors
  • Reduction modulo lattice parallelepipeds
  • Unimodular lattice
  • Spanning vectors of simple cubic lattice
  • Prove that the matrix is totally unimodular, for any binary vector a
  • Is the following also a lattice?
  • Lattice in R3
  • When does lattice equal the whole Zn
  • Dual of intersections (lattices)