Solving efficiently structured polynomial systems and Applications in Cryptology
Jean-Charles Faugère
Joint work with: L. Huot, G. Renault, M. Safey El Din, L. Perret, P.-J. Spaenlehauer, L. Bettale
ECC 2011, the 15th Workshop on Elliptic Curve Cryptography (slides)


  2. Complexity of Computing Gröbner Bases
Definition (degree of regularity). $d_{reg}$ is the indicator of the complexity of Gröbner basis algorithms: for homogeneous polynomials it is the lowest integer $d$ such that all monomials of degree $d$ are in $LM(I)$.
☞ The maximal degree of a grevlex Gröbner basis is $\le d_{reg}$.
Hilbert series (generating series): $HS(t) = \sum_{d=0}^{\infty} r_d\, t^d$, where $r_d = \#\mathrm{Cols} - \mathrm{Rank}(\mathrm{Macaulay}(F, d))$.
Finite number of solutions: $HS(t) = \sum_{d=0}^{d_{reg}-1} r_d\, t^d$.
Theorem. Complexity of computing a grevlex Gröbner basis: $O\Big(\binom{n + d_{reg}}{d_{reg}}^{\omega}\Big)$.

  4. Example of generating series
Theorem. For $n$ quadratic equations $f_i$ in $n$ variables over $\mathbb{Q}$, under some regularity assumption: $HS(t) = (1+t)^n$. Consequently, $d_{reg} = n + 1$.
Example. $\mathbb{Q}$, $n = m = 50$ quadratic equations: $(1+z)^{50} = 1 + 50 z + \cdots + z^{50} + 0\cdot z^{51}$. Hence the maximal degree occurring in the computation is 51.

  12. F5 algorithm: simple matrix version
Get rid of the trivial relations: $f_i f_j - f_j f_i = 0$, and $f_i^2 - f_i = 0$ when $K = \mathbb{F}_2$.
Incremental algorithm: $\langle f_1 \rangle$, then $\langle f_1, f_2 \rangle$, ..., each time adding one $f_k$ to $G_{prev}$; incremental degree by degree. Special/simpler version of F5 for dense/generic quadratic polynomials; the maximal degree $D$ is a parameter of the algorithm.

Matrix in degree $d$ (rows: multiples $u\,f_1, \ldots, v\,f_{k-1}, w\,f_k$; columns: monomials $m_1, m_2, \ldots$ of degree $d$; after echelonisation each row has a pivot 1):
$$
\begin{array}{r|ccccc}
 & m_1 & m_2 & m_3 & m_4 & m_5 \cdots\\ \hline
u_1 f_1 & 1 & x & x & x & x \cdots\\
\vdots & 0 & \ddots & x & x & x \cdots\\
u_{r_1} f_1 & 0 & 0 & 1 & x & x \cdots\\
\vdots & & & \vdots & & \\
v_{r_{k-1}} f_{k-1} & 0 & 0 & 1 & x & x \cdots\\
w_1 f_k & 0 & 0 & 0 & 1 & x \cdots\\
w_2 f_k & 0 & 0 & 0 & 0 & 1 \cdots
\end{array}
$$
F5: compute $\mathrm{Groebner}(\langle f_1, \ldots, f_k \rangle, d+1)$ from the already computed $\mathrm{Groebner}(\langle f_1, \ldots, f_k \rangle, d)$. The new rows in degree $d+1$ come from multiplying each row $w_1 f_k$ of degree $d$ by the variables $x_j, x_{j+1}, \ldots, x_n$, if $w_1 = x_1^{\alpha_1} \cdots x_j^{\alpha_j}$ ($x_j$ the largest variable occurring in $w_1$, so that every multiple is generated once):
$$
\begin{array}{r|ccccc}
 & t_1 & t_2 & t_3 & t_4 & t_5 \cdots\\ \hline
\vdots & & & & & \\
w_1 x_j f_k & 0 & 1 & x & x & x \cdots\\
w_1 x_{j+1} f_k & 0 & 0 & 1 & x & x \cdots\\
\vdots & & & & & \\
w_1 x_n f_k & 0 & 0 & 0 & 1 & x \cdots
\end{array}
$$
F5 criterion: remove the row $w_1 x_{j+1} f_k$ iff $w_1 x_{j+1} \in LT\big(\mathrm{Groebner}(\langle f_1, \ldots, f_{k-1} \rangle, d-1)\big)$.

  13. F5 criterion → complexity of overdetermined systems (with M. Bardet and B. Salvy)
Criterion: $t\,f_j$ is a row of the matrix iff $t \notin \mathrm{Id}(LT_<(G_{j-1}))$, where $G_{j-1}$ is a Gröbner basis of $\{f_1, \ldots, f_{j-1}\}$.
$R_{d,i}(n)$: number of rows in the matrix generated by F5 when computing a Gröbner basis of $[f_1, \ldots, f_i]$ in degree $d$.

  15. Induction
When $d \ge 2$ (quadratic $f_i$):
$$R_{d,i}(n) \;=\; \underbrace{i \cdot M_{d-2}(n)}_{\text{all multiples } t f_j,\ \deg t = d-2} \;-\; \underbrace{\sum_{j=1}^{\,i-1+\delta_{K,\mathbb{F}_2}} R_{d-2,j}(n)}_{\text{rows removed by the F5 criterion}}$$
where $M_d(n)$ is the number of monomials of degree $d$ in $n$ variables (square-free monomials over $\mathbb{F}_2$, i.e. $M_d(n) = \binom{n}{d}$), and the extra term $\delta_{K,\mathbb{F}_2}$ in the sum accounts for the relation $f_i^2 = f_i$ over $\mathbb{F}_2$.

  18. End of the computation
The matrix generated by F5 in degree $d$ has $\#\mathrm{col} = M_d(n)$ columns and $\#\mathrm{row} = R_{d,m}(n)$ rows.
When $h_{d,m}(n) = \#\mathrm{col} - \#\mathrm{row} = 0$ this is the end of the computation! We compute the biggest real root $n > 0$ of $h_{d,m}(n) = 0$.

  24. Example
For quadratic equations, $m = n$ over $\mathbb{F}_2$: using the previous relation we can compute explicitly (writing $U_{d,i}(n)$ for $R_{d,i}(n)$):
$$U_{0,i}(n) = U_{1,i}(n) = 0,\qquad U_{2,i}(n) = i\binom{n}{0} - 0 = i,\qquad U_{3,i}(n) = i\binom{n}{1} - \sum_{j=1}^{i} U_{1,j}(n) = i\,n.$$
Then:
$$h_{3,n}(n) = M_3(n) - U_{3,n}(n) = \binom{n}{3} - n^2 = \frac{n\,(n^2 - 9n + 2)}{6} = \frac{n}{6}\Big(n - \tfrac{9}{2} - \tfrac{1}{2}\sqrt{73}\Big)\Big(n - \tfrac{9}{2} + \tfrac{1}{2}\sqrt{73}\Big).$$
The biggest real root of this polynomial is $\tfrac{9}{2} + \tfrac{1}{2}\sqrt{73} \approx 8.772$, so that $N_3 = 9$. Hence $d \le 3$ when $n < 9$; more generally:

  d      3    4    5    6    7    8    9
  N_d    9   16   24   32   41   49   58

$n < N_3 = 9$: the maximal degree in F5 is 3 and the total complexity is $O(n^{3\omega})$.
$N_3 = 9 \le n < N_4 = 16$: the maximal degree is 4 and the complexity is $O(n^{4\omega})$.
...

  27. Generating series
Theorem. $f_i$ of degree $d_i$, $i = 1, \ldots, m$, over a finite field $\mathbb{F}_q$ (with $\delta_{K,\mathbb{F}_2} = 1$ if $K = \mathbb{F}_2$ and $0$ otherwise); then
$$H_m = \sum_{d=0}^{\infty} h_{d,m}\, z^d = \left(\frac{1 - \delta_{K,\mathbb{F}_2}\, z^2}{1 - z}\right)^{n} \prod_{i=1}^{m} \frac{1 - (1 - \delta_{K,\mathbb{F}_2})\, z^{d_i}}{1 + \delta_{K,\mathbb{F}_2}\, z^{d_i}}.$$
Particular case: $d_i = 2$, $\mathbb{F}_2$, $n = m$ equations:
$$\sum_{d=0}^{\infty} h_{d,n}\, z^d = \left(\frac{1+z}{1+z^2}\right)^{n}.$$
Example. $\mathbb{F}_2$, $n = m = 50$ semi-regular quadratic equations:
$$\left(\frac{1+z}{1+z^2}\right)^{50} = 1 + 50z + 1175z^2 + 17100z^3 + 170325z^4 + 1202510z^5 + 5915475z^6 + 17831400z^7 + 9196475z^8 - 205886050z^9 + O(z^{10}).$$
Hence the maximal degree occurring in the computation is 9 (the index of the first non-positive coefficient).
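The generating series above, and the thresholds $N_d$ of slide 24, can be computed directly with truncated power-series arithmetic. The following Python script is an added example, not code from the slides: it implements the slide's formula for $H_m$ (generic field and $\mathbb{F}_2$ with field equations), reads off the degree of regularity as the index of the first non-positive coefficient, and recovers $N_d$ as the smallest $n$ for which $n$ quadratics over $\mathbb{F}_2$ need degree $> d$. The function names and the choice of truncation order are this example's own assumptions.

```python
from collections import Counter


def series_mul(a, b, order):
    """Product of two truncated integer power series, keeping z^0 .. z^(order-1)."""
    c = [0] * order
    for i, ai in enumerate(a[:order]):
        if ai:
            for j, bj in enumerate(b[: order - i]):
                c[i + j] += ai * bj
    return c


def series_inv(a, order):
    """Inverse of a series whose constant term is +-1 (coefficients stay integers)."""
    assert a[0] in (1, -1)
    inv = [0] * order
    inv[0] = a[0]
    for k in range(1, order):
        s = sum(a[j] * inv[k - j] for j in range(1, min(k, len(a) - 1) + 1))
        inv[k] = -s * a[0]
    return inv


def series_pow(a, e, order):
    """a^e by square-and-multiply on truncated series."""
    result = [1] + [0] * (order - 1)
    base = (a + [0] * order)[:order]
    while e:
        if e & 1:
            result = series_mul(result, base, order)
        base = series_mul(base, base, order)
        e >>= 1
    return result


def hilbert_series(n, degrees, order, over_f2):
    """Coefficients h_0 .. h_{order-1} of the slide's generating series H_m:
       generic field:  prod_i (1 - z^{d_i}) / (1 - z)^n
       F_2 (with field equations):  (1 + z)^n / prod_i (1 + z^{d_i})"""
    num = [1] + [0] * (order - 1)
    den = [1] + [0] * (order - 1)
    for d, mult in Counter(degrees).items():
        factor = [1] + [0] * (d - 1) + [1 if over_f2 else -1]   # 1 + z^d  or  1 - z^d
        if over_f2:
            den = series_mul(den, series_pow(factor, mult, order), order)
        else:
            num = series_mul(num, series_pow(factor, mult, order), order)
    if over_f2:
        num = series_pow([1, 1], n, order)      # (1 + z)^n
    else:
        den = series_pow([1, -1], n, order)     # (1 - z)^n
    return series_mul(num, series_inv(den, order), order)


def degree_of_regularity(n, degrees, over_f2):
    """Index of the first non-positive coefficient: the degree at which the F5 matrix
    has at least as many rows as columns (end of the computation)."""
    order = sum(d - 1 for d in degrees) + 2     # one past the Macaulay bound is always enough
    for d, h in enumerate(hilbert_series(n, degrees, order, over_f2)):
        if h <= 0:
            return d
    return None                                  # positive-dimensional case (m < n over a generic field)


def threshold_n(d, max_n=200):
    """N_d of slide 24: smallest n such that n quadratics in n variables over F_2 need degree > d."""
    for n in range(1, max_n):
        if degree_of_regularity(n, [2] * n, over_f2=True) > d:
            return n
    return None


if __name__ == "__main__":
    print(hilbert_series(50, [2] * 50, 10, over_f2=True))          # slide's coefficients for n = m = 50 over F_2
    print(degree_of_regularity(50, [2] * 50, over_f2=True))        # 9
    print(degree_of_regularity(50, [2] * 50, over_f2=False))       # 51, matching (1+z)^50 over Q
    print([threshold_n(d) for d in range(3, 6)])                   # 9, 16, 24 as in the N_d table
```

The $\mathbb{F}_2$ branch reproduces the slide's expansion exactly (the $z^9$ coefficient $-205886050$ is the first non-positive one), and the generic branch reproduces $(1+z)^{50}$ with its zero $z^{51}$ coefficient; the $N_d$ values coincide with the root-of-$h_{d,n}$ method because $h_{3,n}(n) = \binom{n}{3} - n^2$ is precisely the $z^3$ coefficient of $\big((1+z)/(1+z^2)\big)^n$.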

  28. Asymptotic estimate
Let $d_n$ be the biggest real root of $h_{d,n}$, where
$$h_{d,n} = \frac{1}{2i\pi} \oint_{C} \left(\frac{1+z}{1+z^2}\right)^{n} \frac{dz}{z^{d+1}},\qquad
d_n = \frac{n}{\lambda_0} - \lambda_1\, n^{1/3} + O(1) \;\approx\; \frac{n}{11.11360} + 1.0034\, n^{1/3} + O(1),$$
with $\lambda_0 = \tfrac{3}{2}\sqrt{3} + \tfrac{5}{2} + \tfrac{1}{2}\sqrt{72 + 42\sqrt{3}} \approx 11.11360$; the expression of $\lambda_1$ contains the biggest real root of the Airy function (solution of $\frac{\partial^2 y}{\partial z^2} - z\,y = 0$).
The formula is almost exact when $n \ge 3$!

  29. Maximal degree
[Figure: maximal degree in the Gröbner basis computation as a function of the number of variables $n$ (0 to 100), for a random system and for HFE with $3 < d < 17$, $16 < d < 129$ and $128 < d < 513$.]

  30. Complexity: overdetermined systems
$k$ is a constant (does not depend on $n$); $d_i$ is the total degree of $f_i$; $h_{k,1}$ is the largest zero of the $k$-th Hermite polynomial and $a_1$ the biggest real root of the Airy function (cf. slide 28). Under the regularity assumption, the maximal degree $d_{\max}$ is:

  m        K        d_i      degree d_max
  m ≤ n    K        d_i = 2  $m + 1$ (Macaulay bound)
  m ≤ n    K        any      $1 + \sum_{i=1}^{m} (d_i - 1)$ (Macaulay bound)
  n + k    K        d_i = 2  $\frac{n+k}{2} - h_{k,1}\sqrt{\frac{n+k}{2}} + o(1)$
  n + k    K        any      $\sum_{i=1}^{n+k} \frac{d_i - 1}{2} - h_{k,1}\sqrt{\sum_{i=1}^{n+k} \frac{d_i^2 - 1}{6}} + o(1)$
  2n       K        d_i = 2  $\frac{n}{11.6569} + 1.04\, n^{1/3} - 1.47 + 1.71\, n^{-1/3} + O(n^{-2/3})$
  k n      K        d_i = 2  $\big(k - \tfrac{1}{2} - \sqrt{k(k-1)}\big)\, n - \frac{a_1}{2\,(k(k-1))^{1/6}}\, n^{1/3} + O(1)$
  n        F_2      d_i = 2  $\frac{n}{11.11360} + 1.0034\, n^{1/3} - 1.58 + O(n^{-1/3})$
  k n      F_2      d_i = 2  $\Big(-k + \tfrac{1}{2} + \tfrac{1}{2}\sqrt{2k(k-5) - 1 + 2(k+2)\sqrt{k(k+2)}}\Big)\, n$ (leading term)

  31. Classification
Classification ($m$ number of polynomials, $n$ number of variables, $c$ a constant):

  m = c·n        single exponential complexity
  m = c·n^α      sub-exponential
  m = c·n²       polynomial

  37. Bilinear Equations in Algebraic Attacks: Motivation
Powerful attack, somewhat similar to lattice attacks. Lattice setting: we consider $k$ vectors $v_i = [\ldots, v_{i,j}, \ldots]$ with $v_{i,j} \in \mathbb{Z}$ and try to find $(\lambda_1, \ldots, \lambda_k) \in \mathbb{Z}^k$ such that $\sum_{i=1}^{k} \lambda_i v_i$ is small; using LLL we find an approximately small vector in polynomial time.
Algebraic analogue: for $k$ quadratic multivariate polynomials $f_l \in K[x_1, \ldots, x_n]$,
$$f_l \;\mapsto\; H(f_l) = M_l = \left(\frac{\partial^2 f_l}{\partial x_i\, \partial x_j}\right)_{1 \le i, j \le n},$$
the matrix representation of $f_l$. Try to find $(\lambda_1, \ldots, \lambda_k) \in K^k$ such that $\sum_{i=1}^{k} \lambda_i M_i$ is "small", that is of small rank, that is of rank $r$: the MinRank problem.
That is to say: in some basis $\sum_{i=1}^{k} \lambda_i f_i$ depends only on $r$ variables.

  38. Two algebraic modelings: structured equations
$M = M_0 - \sum_{i=1}^{k} \lambda_i M_i$ ($m \times m$ matrices; unknowns $\lambda_1, \ldots, \lambda_k$).

The Kipnis-Shamir modeling: $\mathrm{Rank}(M) \le r \iff \exists\, x^{(1)}, \ldots, x^{(m-r)} \in \mathrm{Ker}(M)$, written as
$$M \cdot \begin{pmatrix} I_{m-r} \\ X \end{pmatrix} = 0,\qquad X = \begin{pmatrix} x^{(1)}_1 & \cdots & x^{(m-r)}_1 \\ \vdots & & \vdots \\ x^{(1)}_r & \cdots & x^{(m-r)}_r \end{pmatrix},$$
i.e. $m(m-r)$ bilinear equations in $k + r(m-r)$ variables.

The minors modeling: $\mathrm{Rank}(M) \le r \iff$ all minors of size $r+1$ of $M$ vanish: $\binom{m}{r+1}^2$ equations of degree $r+1$ in $k$ variables. Few variables, lots of equations, high degree!

Applications of bilinear equations in crypto: cryptanalysis of HFE and MinRank [CRYPTO'08, ISSAC'10, PKC'11]; cryptanalysis of McEliece [EUROCRYPT'10].
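To make the two modelings concrete, here is an added Python example (not code from the slides or from the cited papers) that plants a small MinRank instance over $\mathbb{F}_{101}$, counts the equations and variables of each modeling as on the slide, and checks that the planted solution $\lambda$ satisfies both: every $(r+1)$-minor of $M(\lambda)$ vanishes, and the kernel of $M(\lambda)$ can be written in the Kipnis-Shamir shape $[I_{m-r};\, X]$. The prime 101, the parameters $m = 6$, $k = 3$, $r = 2$, the seed and all helper names are assumptions of this example.

```python
import random
from itertools import combinations
from math import comb

P = 101  # constructed example: all arithmetic is in the prime field F_101


def rref_mod_p(rows, p=P):
    """Reduced row echelon form over F_p; returns (reduced rows, list of pivot columns)."""
    a = [r[:] for r in rows]
    pivots, row = [], 0
    for col in range(len(a[0])):
        piv = next((i for i in range(row, len(a)) if a[i][col] % p), None)
        if piv is None:
            continue
        a[row], a[piv] = a[piv], a[row]
        inv = pow(a[row][col], -1, p)
        a[row] = [(v * inv) % p for v in a[row]]
        for i in range(len(a)):
            if i != row and a[i][col] % p:
                f = a[i][col]
                a[i] = [(vi - f * vr) % p for vi, vr in zip(a[i], a[row])]
        pivots.append(col)
        row += 1
        if row == len(a):
            break
    return a, pivots


def rank_mod_p(rows, p=P):
    return len(rref_mod_p(rows, p)[1])


def det_mod_p(rows, p=P):
    """Determinant of a square matrix over F_p by elimination (used for the minors modeling)."""
    a = [r[:] for r in rows]
    n, det = len(a), 1
    for col in range(n):
        piv = next((i for i in range(col, n) if a[i][col] % p), None)
        if piv is None:
            return 0
        if piv != col:
            a[col], a[piv] = a[piv], a[col]
            det = -det
        det = (det * a[col][col]) % p
        inv = pow(a[col][col], -1, p)
        for i in range(col + 1, n):
            f = (a[i][col] * inv) % p
            if f:
                a[i] = [(vi - f * vc) % p for vi, vc in zip(a[i], a[col])]
    return det % p


def modeling_sizes(m, k, r):
    """(#equations, #variables, degree) of the two modelings of Rank(M) <= r, as on the slide."""
    return {"kipnis_shamir": (m * (m - r), k + r * (m - r), 2),
            "minors": (comb(m, r + 1) ** 2, k, r + 1)}


def minrank_instance(m, k, r, rng, p=P):
    """Plant an instance: random M_1..M_k, a secret lambda, and M_0 := sum lambda_i M_i + U*V
    with U (m x r) and V (r x m) of full rank, so that M(lambda) = U*V has rank exactly r."""
    mats = [[[rng.randrange(p) for _ in range(m)] for _ in range(m)] for _ in range(k)]
    lam = [rng.randrange(p) for _ in range(k)]
    # identity blocks guarantee full rank: U = [I_r ; random], V = [random | I_r]
    u = [[1 if i == t else (0 if i < r else rng.randrange(p)) for t in range(r)] for i in range(m)]
    v = [[1 if j == m - r + t else (0 if j >= m - r else rng.randrange(p)) for j in range(m)] for t in range(r)]
    low = [[sum(u[i][t] * v[t][j] for t in range(r)) % p for j in range(m)] for i in range(m)]
    m0 = [[(low[i][j] + sum(lam[l] * mats[l][i][j] for l in range(k))) % p for j in range(m)] for i in range(m)]
    return m0, mats, lam


def evaluate(m0, mats, lam, p=P):
    """M(lambda) = M_0 - sum lambda_i M_i."""
    m = len(m0)
    return [[(m0[i][j] - sum(l * mt[i][j] for l, mt in zip(lam, mats))) % p for j in range(m)] for i in range(m)]


def minors_vanish(mat, r, p=P):
    """Minors modeling: every (r+1) x (r+1) minor of mat is zero in F_p."""
    idx = range(len(mat))
    return all(det_mod_p([[mat[i][j] for j in cols] for i in rows], p) == 0
               for rows in combinations(idx, r + 1) for cols in combinations(idx, r + 1))


def kipnis_shamir_witness(mat, r, p=P):
    """Kipnis-Shamir modeling: the r x (m-r) block X with mat * [I_{m-r}; X] = 0,
    or None if the kernel cannot be put in that shape (non-generic instance)."""
    m = len(mat)
    # eliminate on the column-reversed matrix so that the pivots land on the LAST r columns
    red, piv_rev = rref_mod_p([row[::-1] for row in mat], p)
    red = [row[::-1] for row in red]
    pivots = [m - 1 - c for c in piv_rev]
    if len(pivots) != r or min(pivots) < m - r:
        return None
    x = [[0] * (m - r) for _ in range(r)]
    for j in range(m - r):                  # j-th kernel vector has a 1 at free coordinate j
        for row, c in enumerate(pivots):    # pivot coordinate c is solved from reduced row 'row'
            x[c - (m - r)][j] = (-red[row][j]) % p
    return x


def kipnis_shamir_holds(mat, x, p=P):
    """Check mat * [I_{m-r}; X] == 0 over F_p."""
    m, r = len(mat), len(x)
    kernel = [[1 if i == j else 0 for j in range(m - r)] for i in range(m - r)] + x
    return all(sum(mat[i][t] * kernel[t][j] for t in range(m)) % p == 0
               for i in range(m) for j in range(m - r))


def demo(seed=2011, m=6, k=3, r=2):
    """Plant an instance and check that the secret lambda satisfies both modelings."""
    rng = random.Random(seed)
    m0, mats, lam = minrank_instance(m, k, r, rng)
    mat = evaluate(m0, mats, lam)
    x = kipnis_shamir_witness(mat, r)
    return {"rank": rank_mod_p(mat),
            "minors_vanish": minors_vanish(mat, r),
            "minors_vanish_for_r_minus_1": minors_vanish(mat, r - 1),
            "ks_holds": x is not None and kipnis_shamir_holds(mat, x),
            "sizes": modeling_sizes(m, k, r)}


if __name__ == "__main__":
    print(demo())
```

For $m = 6$, $r = 2$, $k = 3$ the Kipnis-Shamir modeling has $24$ bilinear equations in $11$ unknowns while the minors modeling has $400$ cubic equations in only $3$ unknowns, which is the "few variables, lots of equations, high degree" trade-off of the slide; the $(r+1)$-minors vanish for the planted $\lambda$ but the $r$-minors do not, confirming that the rank is exactly $r$.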

  39. Bilinear systems (joint work with M. Safey El Din and P.-J. Spaenlehauer)
$F = (f_1, \ldots, f_m)$: system of homogeneous bilinear equations, $f_i(X, Y) = \sum_{x \in X,\, y \in Y} c_{i,x,y}\, x\, y$, where $n = \#X + \#Y$.
Jacobian matrices with respect to each block of variables, for $F_i = (f_1, \ldots, f_i)$:
$$\mathrm{jac}_X(F_i) = \begin{pmatrix} \frac{\partial f_1}{\partial x_0} & \cdots & \frac{\partial f_1}{\partial x_{n_x}} \\ \vdots & & \vdots \\ \frac{\partial f_i}{\partial x_0} & \cdots & \frac{\partial f_i}{\partial x_{n_x}} \end{pmatrix},\qquad
\mathrm{jac}_Y(F_i) = \begin{pmatrix} \frac{\partial f_1}{\partial y_0} & \cdots & \frac{\partial f_1}{\partial y_{n_y}} \\ \vdots & & \vdots \\ \frac{\partial f_i}{\partial y_0} & \cdots & \frac{\partial f_i}{\partial y_{n_y}} \end{pmatrix}.$$
Euler relations: $f = \sum_j x_j \frac{\partial f}{\partial x_j} = \sum_j y_j \frac{\partial f}{\partial y_j}$, hence
$$\begin{pmatrix} f_1 \\ \vdots \\ f_i \end{pmatrix} = \mathrm{jac}_X(F_i) \cdot \begin{pmatrix} x_0 \\ \vdots \\ x_{n_x} \end{pmatrix} = \mathrm{jac}_Y(F_i) \cdot \begin{pmatrix} y_0 \\ \vdots \\ y_{n_y} \end{pmatrix}.$$

  40. Complexity of affine bilinear systems
In the affine case: $x_0 = 1$, $y_0 = 1$ and the number of variables is $n = n_X + n_Y$.
Theorem: degree of regularity [JSC 2011]. The degree of regularity of a generic 0-dimensional affine bilinear system for the grevlex ordering satisfies $d_{reg} \le 1 + \min(n_x, n_y)$. Sharp bound in practice.

  47. Degree of regularity: idea of the proof
Affine: $x_0 = 1$. Choose the block of variables of smallest cardinality; we assume $n_X \le n_Y$.
$I = \langle f_1, \cdots, f_n \rangle$ bilinear system of $K[X, Y]$ $\iff$
$$J_X \cdot x = \begin{pmatrix} \frac{\partial f_1}{\partial x_0} & \cdots & \frac{\partial f_1}{\partial x_{n_x}} \\ \vdots & \ddots & \vdots \\ \frac{\partial f_n}{\partial x_0} & \cdots & \frac{\partial f_n}{\partial x_{n_x}} \end{pmatrix} \cdot \begin{pmatrix} 1 \\ x_1 \\ \vdots \\ x_{n_x} \end{pmatrix} = 0.$$
$J_X$ is singular! $J_X$ is an $(n_X + n_Y) \times (n_X + 1)$ matrix with entries linear in $Y$ and a non-zero vector in its kernel $\Longrightarrow$ all its maximal minors (of size $n_X + 1$) are $= 0$ modulo $I$!

Determinantal miracle! Theorem of Bernstein, Sturmfels and Zelevinsky: let $M$ be a $p \times q$ matrix whose entries are variables. The maximal minors of $M$ are a universal Gröbner basis.
Extension of the theorem of Bernstein, Sturmfels and Zelevinsky [JSC 2011]: $J_X$ a $p \times q$ linear matrix with coefficients in $K[y_1, \ldots, y_{n_Y}]$; the maximal minors of $J_X$ are a grevlex Gröbner basis, and
$$LM(\mathrm{Minors}(J_X)) = \big\langle \text{all monomials of degree } n_X + 1 \text{ in } y_1, \ldots, y_{n_Y} \big\rangle.$$
Rewrite $J_X \cdot x = A(y) \cdot (x_1, \ldots, x_{n_x})^{T} + b = 0$. Cramer's rule:
$$\det(A(y)) \begin{pmatrix} x_1 \\ \vdots \\ x_{n_x} \end{pmatrix} + \mathrm{Adj}(A)\, b \in I,\qquad\text{i.e., after inverting } \det(A(y)):\quad \begin{pmatrix} x_1 \\ \vdots \\ x_{n_x} \end{pmatrix} + \det(A(y))^{-1}\, \mathrm{Adj}(A)\, b \in I.$$
Consequently any monomial $\prod_{k=1}^{n_Y} y_k^{\beta_k} \prod_{j=1}^{n_X} x_j^{\alpha_j}$ reduces to a monomial $\prod_{k=1}^{n_Y} y_k^{\gamma_k}$ with $\sum_k \gamma_k \le n_X$ modulo $\mathrm{Minors}(J_X)$.

  49. Trivial Syzygies of Bilinear Systems
An example with small parameters: $n_x = n_y = 2$, $m = 4$. We rewrite the usual trivial syzygy as:
$$0 = f_2 f_1 - f_1 f_2 = \begin{vmatrix} f_1 & f_2 \\ f_1 & f_2 \end{vmatrix}.$$
Theorem (trivial syzygies). When $n_x = n_y = 2$, $m = 4$, the trivial syzygies of a generic bilinear system are
$$\begin{vmatrix} f_i & f_j \\ f_i & f_j \end{vmatrix}\ (i \ne j),\qquad
\begin{vmatrix} f_1 & f_2 & f_3 & f_4 \\[2pt] \frac{\partial f_1}{\partial x_0} & \frac{\partial f_2}{\partial x_0} & \frac{\partial f_3}{\partial x_0} & \frac{\partial f_4}{\partial x_0} \\[2pt] \frac{\partial f_1}{\partial x_1} & \frac{\partial f_2}{\partial x_1} & \frac{\partial f_3}{\partial x_1} & \frac{\partial f_4}{\partial x_1} \\[2pt] \frac{\partial f_1}{\partial x_2} & \frac{\partial f_2}{\partial x_2} & \frac{\partial f_3}{\partial x_2} & \frac{\partial f_4}{\partial x_2} \end{vmatrix},$$
whose last three rows are the rows of partial derivatives of $F_4$ with respect to $x_0, x_1, x_2$. By the Euler relation the first row equals $x_0 \cdot$(row 2) $+ x_1 \cdot$(row 3) $+ x_2 \cdot$(row 4), so the determinant is $0$; expanding it along the first row gives a syzygy $\sum_j C_j f_j = 0$ with cofactors $C_j$ in $K[Y]$.

  50. Results
1. Variant of F5: avoid computing zero (reductions to zero).
2. Characterize a "nice" subclass of systems: we defined a notion of biregularity. Theorem: generically, bilinear systems are biregular, i.e. the set of biregular bilinear systems is a Zariski nonempty open subset.
3. Generic (bi-graded) Hilbert series:
$$HS_I(t_1, t_2) = \sum_{\alpha, \beta} \dim\big(K[X, Y]_{\alpha,\beta} / I_{\alpha,\beta}\big)\, t_1^{\alpha} t_2^{\beta};$$
we can compute it explicitly!
4. Complexity analysis.

  51. Complexity
Solving affine bilinear systems: the complexity of computing a grevlex Gröbner basis of a zero-dimensional ideal generated by generic affine bilinear polynomials is polynomial in the number of solutions $\binom{n}{n_x} = \binom{n}{n_y}$:
$$O\Big(\mathrm{Monomials}\big(1 + \min(n_x, n_y)\big)^{\omega}\Big) \approx O\Big(n^{2\omega \min(n_x, n_y)}\Big).$$
Consequences: $n_x$ constant, $n_y$ grows $\Longrightarrow$ complexity polynomial in $n_y$; $X$ and $Y$ unbalanced $\Longrightarrow$ easy to solve.
Better than the Macaulay bound: $O\big(\mathrm{Monomials}(n_x + n_y + 1)^{\omega}\big) \approx O\big(2^{2\omega(n_x + n_y)}\big)$.
$n_X$ is a constant in the case of MinRank challenges!

  53. Solving Systems with Symmetries
$G$ is a finite group. Compute the roots of the system: $V_L = \{ z \in L^n \mid f_1(z) = \cdots = f_m(z) = 0 \}$.
Two cases:
- Most difficult case: $V_L$ is invariant by $G$: if $z \in V_L$ then $\sigma . z \in V_L$ for all $\sigma \in G$. Open issue: compute $V_L / G$ efficiently, even if $G = S_n$.
- Each equation is invariant by $G$: $\sigma . f_i = f_i$ for all $\sigma \in G$.

  54. Invariant ring
Definition. $K[x_1, \ldots, x_n]$ and $G \subset GL(K, n)$ a linear group acting on $K^n$:
$$K[x_1, \ldots, x_n]^G = \{ p \in K[x_1, \ldots, x_n] \mid \sigma \cdot p = p \text{ for all } \sigma \in G \},\qquad (\sigma \cdot p)(v) = p(\sigma^{-1} \cdot v) \text{ for all } v \in K^n.$$
Hilbert's finiteness theorem: if $G$ is a (finite) linear group then its invariant ring is finitely generated.
Theorem. $K[x_1, \ldots, x_n]^{S_n} = K[e_1, \ldots, e_n]$, where $e_k = \sum_{1 \le i_1 < i_2 < \cdots < i_k \le n} x_{i_1} x_{i_2} \cdots x_{i_k}$ is the $k$-th elementary symmetric polynomial.

  56. Hironaka decomposition
$G$ a (finite) linear group $\Longrightarrow$ $K[x_1, \ldots, x_n]^G$ has a Hironaka decomposition: there exist
- primary invariants $\theta_1, \ldots, \theta_n \in K[x_1, \ldots, x_n]^G$, algebraically independent;
- secondary invariants $\eta_1, \ldots, \eta_t \in K[x_1, \ldots, x_n]^G$.
Method proposed by [Sturmfels]: each equation $f \in K[x_1, \ldots, x_n]^G \longrightarrow f(\theta_1, \ldots, \theta_n, \eta_1, \ldots, \eta_t)$.
OK: we compute a Gröbner basis of $I(V_L / G)$.
NOK: the resulting system is often more difficult to solve than the original!
◮ we have $n + t$ variables;
◮ the $\eta_1, \ldots, \eta_t$ are not independent: add the equations $F(\eta_1, \ldots, \eta_t) = 0$.

  60. First easy case: each equation is invariant
Example (Cyclic-$n$ problem), $G = C_n$ acting by cyclic shifts of the variables (indices taken mod $n$):
$$\begin{cases} x_1 + \cdots + x_n = 0\\ x_1 x_2 + \cdots + x_i x_{i+1} + \cdots = 0\\ \cdots\\ \cdots + x_i x_{i+1} \cdots x_{i+k-1} + \cdots = 0\\ \cdots\\ x_1 x_2 \cdots x_n = 1 \end{cases}$$
Reynolds operator: $R(f) = \frac{1}{\#G} \sum_{\sigma \in G} \sigma . f$. The same system reads
$$\begin{cases} R(x_1) = 0\\ R(x_1 x_2) = 0\\ \cdots\\ R(x_1 x_2 \cdots x_k) = 0 \quad (k < n)\\ \cdots\\ x_1 x_2 \cdots x_n = 1 \end{cases}$$
Very compact representation!
Theory to adapt Gröbner basis theory: Subalgebra Analog to Gröbner Basis for Ideals = SAGBI.
L. Robbiano and M. Sweedler. Subalgebra bases. Commutative algebra, pp. 61–87 in LNM 1430, Springer, 1990.
D. Kapur and K. Madlener. A completion procedure for computing a canonical basis for a k-subalgebra, pp. 1–11 in Computers and Mathematics (Cambridge, MA, 1989), edited
SAGBI Gröbner bases: in general infinite!
Propose efficient algorithms (variants of F5 and FGLM) to represent the solutions of the system by another system in $e_1, \ldots, e_n$.
Example (Cyclic-5). Symmetric Gröbner basis: $[\,e_1,\ 125\, e_2 + e_3^4,\ e_3^6 + 3125\, e_3,\ e_4,\ e_5 - 1\,]$.
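As an added example (not code from the slides), the following Python script implements the Reynolds operator for $C_n$ acting by cyclic shifts and for $S_n$ acting by all permutations, builds the cyclic-$n$ system from the compact representation $R(x_1 \cdots x_k) = 0$, and checks it against the usual definition and the invariance of every equation; for $S_n$ it checks that $R(x_1 x_2)$ is $e_2$ up to the factor $1/\binom{n}{2}$, in line with the theorem of slide 54. Polynomials are dictionaries from exponent tuples to rational coefficients; all names are this example's own.

```python
from fractions import Fraction
from itertools import combinations, permutations


def monomial(n, *indices):
    """x_{i1} x_{i2} ... (1-based indices) as {exponent tuple: coefficient}."""
    e = [0] * n
    for i in indices:
        e[i - 1] += 1
    return {tuple(e): Fraction(1)}


def add_into(acc, poly, factor=Fraction(1)):
    """acc += factor * poly (in place); returns acc."""
    for e, c in poly.items():
        acc[e] = acc.get(e, Fraction(0)) + factor * c
    return acc


def act(perm, poly):
    """sigma . f, where perm[i] is the image of variable i (0-based) under sigma."""
    out = {}
    for e, c in poly.items():
        new = [0] * len(e)
        for i, a in enumerate(e):
            new[perm[i]] += a
        add_into(out, {tuple(new): c})
    return {e: c for e, c in out.items() if c}


def reynolds(group, poly):
    """R(f) = (1/#G) * sum_{sigma in G} sigma . f"""
    acc = {}
    for perm in group:
        add_into(acc, act(perm, poly))
    return {e: c / len(group) for e, c in acc.items() if c}


def cyclic_group(n):
    """C_n as the n cyclic shifts i -> i + s mod n."""
    return [tuple((i + s) % n for i in range(n)) for s in range(n)]


def symmetric_group(n):
    return list(permutations(range(n)))


def is_invariant(group, poly):
    return all(act(perm, poly) == poly for perm in group)


def elementary_symmetric(n, k):
    """e_k = sum over i1 < ... < ik of x_{i1} ... x_{ik}."""
    acc = {}
    for idx in combinations(range(1, n + 1), k):
        add_into(acc, monomial(n, *idx))
    return acc


def cyclic_n_system(n):
    """Compact representation: R(x_1 ... x_k) = 0 for k < n (scaled by #G = n to clear
    denominators), plus x_1 ... x_n - 1 = 0."""
    group = cyclic_group(n)
    eqs = [{e: c * n for e, c in reynolds(group, monomial(n, *range(1, k + 1))).items()}
           for k in range(1, n)]
    eqs.append(add_into(monomial(n, *range(1, n + 1)), {tuple([0] * n): Fraction(-1)}))
    return eqs


def classical_cyclic_n(n):
    """Usual definition: sum_i x_i x_{i+1} ... x_{i+k-1} with indices mod n, plus x_1 ... x_n - 1."""
    eqs = []
    for k in range(1, n):
        acc = {}
        for i in range(n):
            add_into(acc, monomial(n, *[((i + j) % n) + 1 for j in range(k)]))
        eqs.append(acc)
    eqs.append(add_into(monomial(n, *range(1, n + 1)), {tuple([0] * n): Fraction(-1)}))
    return eqs


if __name__ == "__main__":
    print(cyclic_n_system(5) == classical_cyclic_n(5))                      # True
    print(all(is_invariant(cyclic_group(5), f) for f in cyclic_n_system(5)))  # True
    print(reynolds(symmetric_group(4), monomial(4, 1, 2)))                  # e_2 / 6
```

The $C_n$ orbit of $x_1 \cdots x_k$ ($k < n$) consists of the $n$ distinct "arcs" $x_i x_{i+1} \cdots x_{i+k-1}$, which is why $n \cdot R(x_1 \cdots x_k)$ is exactly the $k$-th cyclic-$n$ equation; under $S_n$ the orbit of $x_1 x_2$ covers each of the $\binom{n}{2}$ pairs equally often, giving $e_2 / \binom{n}{2}$.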

  61. Algorithm [F., Rahmany, 2009]
Gröbner basis in the invariant ring $K[e_1, \ldots, e_n]$, where $e_i$ is the $i$-th elementary symmetric polynomial. Flowchart of the FGLM-Invariant algorithm:
Input: system in $K[x_1, \ldots, x_n]^G$
→ F5-Inv → $D$-Sym Gröbner basis
→ FGLM-Invariant → $D$-SAGBI in $K[e_1, \ldots, e_n]$
→ Matrix test (zero-dimensional?): no → $D := D + 1$ and loop back to F5-Inv; yes → zero-dimensional solutions recovering algorithm → solutions in $L^n$.

  63. Experiments

  System      n    D    F5-invariant   Magma 2.15-7 (F4)
  cyclic 9    9    15   10.4 s         136.1 s
  cyclic 10   10   16   206.1 s        "Killed"
  cyclic 11   11   17   1 h 54 m       -
  cyclic 12   12   18   16 h 34 m      -

Reduced size of the computed objects:

  System               #Solutions   #polynomials   Max length of poly
  C7 lex               924          35             132
  inv C7 lex           57           4              9
  C8 lex (dim 1)       -            57             2545
  inv C8 lex (dim 1)   -            15             87
  inv C9 lex (dim 2)   -            7              41

  66. Second easy case: G is a reflection group
Theorem (Chevalley, Shephard, Todd). If $\mathrm{char}(K) \nmid \#G$ then: $G$ is a reflection group $\iff$ $K[x_1, \ldots, x_n]^G = K[\theta_1, \ldots, \theta_n]$, where $\theta_1, \ldots, \theta_n \in K[x_1, \ldots, x_n]$ are algebraically independent.
Example (DLP Edwards). Consider a set of symmetric equations. In addition we assume that
$$(y_1, \ldots, y_n) \in V_L \Longrightarrow (-y_1, -y_2, y_3, \ldots, y_n) \in V_L \Longrightarrow (y_1, -y_2, -y_3, \ldots, y_n) \in V_L,$$
i.e. an even number of sign changes on $\{y_1, \ldots, y_n\}$: $\sum_{i=0}^{\lfloor n/2 \rfloor} \binom{n}{2i} = 2^{n-1}$ of them.
Definition (Coxeter group). $D_n$ is the symmetry group of the $n$-demihypercube: $D_n = (\mathbb{Z}/2\mathbb{Z})^{n-1} \rtimes S_n \Longrightarrow \#D_n = n! \cdot 2^{n-1}$.
Theorem. $\mathbb{F}_q[y_1, \ldots, y_n]^{D_n} = \mathbb{F}_q[E_1, \ldots, E_{n-1}, e_n]$, where $E_i = e_i(y_1^2, \ldots, y_n^2)$ is the $i$-th elementary symmetric polynomial in terms of the $y_i^2$.

  67. DLP
Discrete Logarithm Problem (DLP). Input: a finite group $G$ and $g, h \in G$. Question: find, if any, an integer $x$ such that $h = [x]\, g$.
For any $G$: generic algorithms in $O(\sqrt{\#G})$.
$G = (\mathbb{F}_q^{\times}, \times)$: index calculus, sub-exponential.
$G = (J_C(\mathbb{F}_q), +)$, $g > 2$: index calculus, sub-exponential w.r.t. $q$.
$G = E(\mathbb{F}_q)$: no sub-exponential algorithm (except for a few weak curves); but if $q = p^m$: Diem // Gaudry index calculus attack.

  69. Adaptation of index calculus (Gaudry // Diem)
Algorithm. Input: $P, Q \in E(\mathbb{F}_{q^n})$. Output: $x$ such that $Q = [x]\, P$.
1. Factor base: $\mathcal{F} = \{ (x, y) \in E(\mathbb{F}_{q^n}) \mid x \in \mathbb{F}_q \}$.
2. Compute relations: $[a_j]\, P \oplus [b_j]\, Q = P_1 \oplus \cdots \oplus P_n$ with $P_i \in \mathcal{F}$ (probability $1/n!$), until having $\#\mathcal{F} + 1$ such relations.
3. Linear algebra: $\big[\sum_j \lambda_j a_j\big] P \oplus \big[\sum_j \lambda_j b_j\big] Q = 0_{E(\mathbb{F}_{q^n})}$.
Complexity: for $n$ fixed, $O(q^{2 - 2/n})$ (Gaudry, eprint 2004 and JSC 2009 / Diem, ANTS 2006).

  70. Problem: point decomposition (PDP)
Given $R \in E(\mathbb{F}_{q^n})$ and $\mathcal{F} = \{ (x, y) \in E(\mathbb{F}_{q^n}) \mid x \in \mathbb{F}_q \} \subset E(\mathbb{F}_{q^n})$, find $P_1, \ldots, P_n \in \mathcal{F}$ such that $R = P_1 \oplus \cdots \oplus P_n$.
Algebraic method: model the problem as a polynomial system $\{g_1, \ldots, g_s\}$ and solve this system.

  71. Related work
[Joux, Vitse, eprint.iacr.org/2010/157]: general approach, similar to the hybrid approach (specialization of one point).
➘ decreases the cost of solving the algebraic system;
➚ adds an exhaustive search on $\mathcal{F}$, of size $\sim q$.
In practice this limits the size of $\mathbb{F}_q$: $q \sim 2^{30}$.
Goal (joint work with L. Huot and G. Renault): focus on Edwards curves and take advantage of the symmetries to decrease the cost of solving the system (in comparison to Gaudry). No exhaustive search, complexity linear w.r.t. $\log(q)$: for $n$ fixed, (almost) no limit on $q$.

  72. Curve representations
Weierstrass: $E : y^2 = x^3 + a x + b$; for all $P = (x, y) \in E$, $\ominus P = (x, -y)$.
Twisted Edwards (Edwards, Bulletin of the AMS 2007; Bernstein et al., AFRICACRYPT 2008): $E_{a,d} : a x^2 + y^2 = 1 + d x^2 y^2$, where $a d (a - d) \neq 0$; for all $P = (x, y) \in E_{a,d}$, $\ominus P = (-x, y)$.

  73. Summation polynomials in Weierstrass representation [Semaev, technical report 2004]
Projection of the point decomposition problem: $\langle f_m(x_1, \ldots, x_m) \rangle = \langle g_1, \ldots, g_s \rangle \cap \mathbb{F}_{q^n}[x_1, \ldots, x_m]$.
For all $m \ge 2$, the $m$-th summation polynomial is defined by: for all $(x_1, \ldots, x_m) \in K^m$,
$$f_m(x_1, \ldots, x_m) = 0 \iff \exists\, (y_1, \ldots, y_m) \in K^m \text{ s.t. } \forall i,\ P_i = (x_i, y_i) \in E \text{ and } P_1 \oplus \cdots \oplus P_m = 0_{E(K)}.$$
Properties: for all $m > 2$, $f_m$ is symmetric, so $f_{n+1}(x_1, \ldots, x_n, x_R) \to \tilde{f}_{n+1}(e_1, \ldots, e_n)$ (rewritten in the elementary symmetric polynomials of $x_1, \ldots, x_n$). If $E$ is defined by a Weierstrass equation then $\deg_{x_i}(f_m) = 2^{m-2}$.

  74. Summation polynomials for twisted Edwards curves
We need to fix a small technical issue: for all $P = (x, y) \in E_{a,d}$ we have $\ominus P = (-x, y)$, so
$$P_1 \oplus \cdots \oplus P_m = 0_{E_{a,d}} \iff (\ominus P_1) \oplus \cdots \oplus (\ominus P_m) = 0_{E_{a,d}}
\quad\Longrightarrow\quad f_m(x_1, \ldots, x_m) = 0_{\mathbb{F}_{q^n}} \iff f_m(-x_1, \ldots, -x_m) = 0_{\mathbb{F}_{q^n}}.$$
Degree is too big! In the $x$-coordinates, $\deg_{x_i}(f_m) = 2 \cdot 2^{m-2}$.
Trick: $x \leftrightarrow y$. Summation polynomials for Edwards curves are taken in the $y$-coordinates: $f_{n+1}(y_1, \ldots, y_n, y_R)$.
Algorithm adaptation: $\mathcal{F} = \{ (x, y) \in E_{a,d}(\mathbb{F}_{q^n}) \mid y \in \mathbb{F}_q \}$.

  76. Use that we are in some extension $\mathbb{F}_{q^n}$
Up to now we have only one equation, $\tilde{f}_{n+1}(e_1, \ldots, e_n) = 0$ with $x_i \in \mathbb{F}_q$, but $f_{n+1} \in \mathbb{F}_{q^n}[x_1, \ldots, x_n]$.
Weil restriction on the summation polynomial: $\mathbb{F}_{q^n}$ is an $n$-dimensional $\mathbb{F}_q$-vector space, so writing the coefficients in an $\mathbb{F}_q$-basis,
$$\tilde{f}_{n+1}(e_1, \ldots, e_n) = 0_{\mathbb{F}_{q^n}} \iff \tilde{f}^{(0)}_{n+1}(e_1, \ldots, e_n) = \cdots = \tilde{f}^{(n-1)}_{n+1}(e_1, \ldots, e_n) = 0,$$
$$S = \{ \tilde{f}^{(0)}_{n+1}, \ldots, \tilde{f}^{(n-1)}_{n+1} \} \subset \mathbb{F}_q[x_1, \ldots, x_n]: \quad n \text{ variables, } n \text{ equations, solutions in } \mathbb{F}_q.$$
