How Mathematical Curves Power Cryptography | Quanta Magazine

Given a collection of points in space, can you find a certain type of curve that passes through all of them? This question — a version of what’s called the interpolation problem — has interested mathematicians since antiquity. Earlier this year, the mathematicians Eric Larson and Isabel Vogt solved it completely.

But while the work has generated a lot of excitement among pure mathematicians, interpolation has practical consequences that extend far beyond the realm of geometry. Interpolation is central to storing and communicating electronic data, constructing cryptographic schemes, and more. It’s why you can scratch a CD and still hear music, or get a QR code dirty and still scan it. It’s why space missions like the + program could send clear digital images back to Earth. It’s why a cluster of computers can perform a complex computation even if one of those computers malfunctions.

These applications all rely on a strikingly beautiful and conceptually straightforward use of interpolation: so-called Reed-Solomon codes, and the codes that build on them.

Point by Point

Say you want to send a message consisting of two numbers: 2 and 7. It’s possible that some of the data you’re transmitting will get lost or corrupted — the 2 might flip to a −2, for instance. So instead of simply sending the data, you can add extra information to help the recipient identify and fix errors that might arise. This is what’s called an error-correcting code.

The simplest example of such a code involves transmitting the same message multiple times. To allow the recipient to identify whether an error occurred, send the same message twice: 2, 7, 2, 7. If the numbers in corresponding positions don’t match (say, if the transmission instead reads 2, 7, −2, 7), the recipient will know one of them is wrong — but not which one. To let them figure that out and correct the error, send the same message three times: 2, 7, 2, 7, 2, 7. The recipient simply needs to take the majority vote to figure out your intended message.

But this means of correcting errors is wildly inefficient. Here’s a smarter approach: Encode the message as a curve, and send just enough information to allow the recipient to reconstruct that curve.

In our simple case of transmitting 2 and 7, the curve would be the line y = 2x + 7. Evaluate this curve at two predetermined values of x, and transmit the resulting y-values. The recipient now has two points, and because the interpolation problem tells us that two points determine a unique line, the recipient simply has to find the line that passes through the points they received. The coefficients of the line reveal the intended message.

To avoid errors, you once again add extra information. Here, you send the y-value that corresponds to another predetermined x-coordinate. If the three points do not fall on the same line, there’s an error. And to figure out where the error is, you just send one more value — meaning you’ve sent four numbers total, rather than the six required by the previous method.

The advantage grows with the size of the message. Let’s say you want to send a longer message — 1,000 numbers. The less efficient code would require sending 2,000 numbers to identify an error, and 3,000 to correct it. But if you use the code that involves interpolating a polynomial through given points, you only need 1,001 numbers to find the error, and 1,002 to correct it. (You can add more points to identify and correct more potential errors.) As the length of your message increases, the difference in efficiency between the two codes grows starker.
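The scheme described above, worked through for the message 2, 7 as an added example (not code from the article). It assumes arithmetic modulo the prime 257 instead of ordinary integers, and the decoder is a brute-force search over point subsets chosen for clarity; the function names and x-values are illustrative.

```python
from itertools import combinations

P = 257  # assumed prime modulus: arithmetic is done in the finite field GF(257)

def evaluate(coeffs, x):
    """Evaluate a polynomial (highest-degree coefficient first) at x, mod P."""
    y = 0
    for c in coeffs:
        y = (y * x + c) % P
    return y

def encode(message, xs):
    """Message numbers are the coefficients; the codeword is the y-values."""
    return [evaluate(message, x) for x in xs]

def interpolate(points):
    """Coefficients of the unique polynomial of degree < len(points) through them."""
    total = [0] * len(points)                    # lowest degree first while building
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if j != i:                           # multiply basis by (x - xj)
                basis = [(a - xj * b) % P for a, b in zip([0] + basis, basis + [0])]
                denom = denom * (xi - xj) % P
        scale = yi * pow(denom, -1, P) % P
        total = [(t + scale * b) % P for t, b in zip(total, basis)]
    return total[::-1]

def has_error(xs, received, k):
    """Detection: do all received points lie on one polynomial of degree < k?"""
    coeffs = interpolate(list(zip(xs[:k], received[:k])))
    return encode(coeffs, xs) != list(received)

def decode(xs, received, k):
    """Correction: the degree < k polynomial that disagrees with the fewest points."""
    best = None
    for subset in combinations(range(len(xs)), k):
        coeffs = interpolate([(xs[i], received[i]) for i in subset])
        bad = [i for i, x in enumerate(xs) if evaluate(coeffs, x) != received[i]]
        if best is None or len(bad) < len(best[1]):
            best = (coeffs, bad)
    return best

XS = [1, 2, 3, 4]                  # predetermined x-values, known to both sides
sent = encode([2, 7], XS)          # points on the line y = 2x + 7
received = [9, (-11) % P, 13, 15]  # constructed corruption: one value flips sign
message, error_positions = decode(XS, received, k=2)
```

With only the first three points, `has_error` reports the corruption but cannot say which value is wrong; the fourth point is what lets `decode` locate and fix it.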

The more efficient code is called a Reed-Solomon code. Since its introduction in 1960, mathematicians have made further breakthroughs, developing algorithms that can correct more errors with greater efficiency. “It’s very elegant, clean, concrete,” said Swastik Kopparty, a mathematician and computer scientist at the University of Toronto. “It can be taught to a second-year undergraduate in half an hour.”

Reed-Solomon codes have been particularly useful for storing and transmitting information electronically. But the same concept has also been important in cryptography and distributed computing.

Take secret sharing: Let’s say you want to distribute a secret among several parties such that no one person can access the entire secret, but together they can. (Imagine an encryption key, for instance, or a missile launch code.) You encode the numbers in a polynomial, evaluate that polynomial at a predetermined set of points, and distribute each of the results to a different person.
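A threshold version of this idea, as an added example (not code from the article): it follows Shamir's secret sharing, where the secret is the polynomial's constant term and the other coefficients are random. The modulus, the x-values 1..n and the function names are assumptions made for illustration.

```python
import secrets

P = 2**127 - 1  # assumed field modulus (a Mersenne prime); the secret must be < P

def split(secret, threshold, n):
    """Return n shares (x, y); any `threshold` of them recover the secret."""
    if not (0 <= secret < P and 1 <= threshold <= n < P):
        raise ValueError("bad parameters")
    # Constant term is the secret; every other coefficient is a fresh random
    # field element from a CSPRNG, so fewer than `threshold` shares fit any secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n + 1):           # predetermined, distinct, non-zero points
        y = 0
        for c in reversed(coeffs):      # Horner's rule, highest degree first
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def recover(shares):
    """Lagrange interpolation evaluated at x = 0 yields the constant term."""
    if len({x for x, _ in shares}) != len(shares):
        raise ValueError("duplicate share")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if j != i:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

shares = split(123456789, threshold=3, n=5)   # constructed sample secret
```

Working in a finite field with random coefficients is what keeps a partial set of shares from leaking information; x = 0 is never handed out because its y-value is the secret itself.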

Most recently, Reed-Solomon codes have been employed in areas like cloud computing and blockchain technology. Say you need to run a computation that’s too complicated for your laptop, so you have a large computational cluster run it — but now you need to verify that the computation you get back is correct. Reed-Solomon codes let you ask for additional information that the cluster likely won’t be able to produce if it hasn’t done the computation correctly. “This works magically,” said Jade Nardi, a research fellow at the Mathematics Institute of Rennes in France. “This process is really wonderful, and the way it relies on [these codes] blows my mind.”

But Reed-Solomon codes also have an important constraint. They’re constructed in such a way that you can only evaluate your polynomial at a fixed (and usually relatively small) set of values. That is, you’re limited to using a certain set of numbers to encode your message. The size of that set, or alphabet, in turn restricts the length of the messages you can send — and the bigger you try to make your alphabet, the more computational power you’ll need to decode those messages.

And so mathematicians sought an even more optimal code.

Future Codes

A more general, more powerful code would allow you to store or send longer messages without needing to increase the size of your alphabet. To do this, mathematicians devised codes that involve interpolating a function — which lives in a special space associated to a more complicated curve — through given points on that curve. These so-called algebraic geometry codes “came out of nowhere, and they’re better than any other code we know how to make [with a smaller alphabet],” Kopparty said. “This beats everything. It was a real shock.”

There’s just one problem. In practice, implementing a Reed-Solomon code is much, much easier than implementing an algebraic geometry code. “This is state-of-the-art, but it’s still under investigation to really turn into something practical,” said the cryptologist Simon Abelard. “It involves quite abstract mathematics, and it’s hard to handle these codes on a computer.”

For now, that’s not worrisome: In real-world applications, Reed-Solomon codes and related forms of error correction are sufficient. But that might not always be the case. For instance, if powerful quantum computers become available in the future, they’ll be able to break today’s cryptography protocols. As a result, researchers have been searching for schemes that can resist quantum attacks. One top contender for such schemes would require something stronger than Reed-Solomon codes. Certain versions of algebraic geometry codes might just work. Other researchers are hopeful about the role algebraic geometry codes might play in cloud computing.

But even in the absence of such potential uses, “in the history of mathematics, sometimes you discover new things that really don’t have applications nowadays,” said Elena Berardini, a researcher at Eindhoven University of Technology in the Netherlands who works on algebraic geometry codes. “But then after 50 years, you find that it might be useful for something completely unexpected” — just like the ancient problem of interpolation itself.

Original content at: www.quantamagazine.org…
Author: Jordana Cepelewicz
