Itzhak Tamo

Amit Berman, Yaron Shany, Itzhak Tamo

Products of MDS codes are of major practical importance; for a recent example, they are used in Data Availability Sampling (DAS) in blockchain networks such as Celestia and as part of the Ethereum roadmap. This motivates us to consider subcodes of such codes with the goal of obtaining a larger minimum distance. In this paper, we present explicit constructions of subcodes of Reed--Solomon product codes, along with bounds on their minimum distance. In particular, they achieve an optimal or near-optimal dimension--distance tradeoff. For component codes of dimension $r$, our construction requires a field whose size is bounded linearly by the overall product code length, and attains the maximum possible minimum distance for subcode dimensions $r^2-1$, $r^2-2$, and all dimensions at most $2r-1$. Furthermore, we establish a new upper bound on the minimum distance of subcodes of the product of two codes with identical parameters.

Swastik Kopparty, Itzhak Tamo

Expander (Tanner) codes combine sparse graphs with local constraints, enabling linear-time decoding and asymptotically good distance--rate tradeoffs. A standard constraint-counting argument yields the global-rate lower bound $R\ge 2r-1$ for a Tanner code with local rate $r$, which gives no positive-rate guarantee in the low-rate regime $r\le 1/2$. This regime is nonetheless important in applications that require algebraic local constraints (e.g., Reed--Solomon locality and the Schur-product/multiplication property). We introduce \emph{Algebraic Expander Codes}, an explicit algebraic family of Tanner-type codes whose local constraints are Reed--Solomon and whose global rate remains bounded away from $0$ for every fixed $r\in(0,1)$ (in particular, for $r\le 1/2$), while achieving constant relative distance. Our codes are defined by evaluating a structured subspace of polynomials on an orbit of a non-commutative subgroup of $\mathrm{AGL}(1,\mathbb{F})$ generated by translations and scalings. The resulting sparse coset geometry forms a strong spectral expander, proved via additive character-sum estimates, while the rate analysis uses a new notion of polynomial degree and a polytope-volume/dimension-counting argument.

Netanel Raviv, Ben Langton, Itzhak Tamo

A Sidon space is a subspace of an extension field over a base field in which the product of any two elements can be factored uniquely, up to constants. This paper proposes a new public-key cryptosystem of the multivariate type which is based on Sidon spaces, and has the potential to remain secure even if quantum supremacy is attained. This system, whose security relies on the hardness of the well-known MinRank problem, is shown to be resilient to several straightforward algebraic attacks. In particular, it is proved that the two popular attacks on the MinRank problem, the kernel attack, and the minor attack, succeed only with exponentially small probability. The system is implemented in software, and its hardness is demonstrated experimentally.

Netanel Raviv, Itzhak Tamo, Eitan Yaakobi

In a Private Information Retrieval (PIR) protocol, a user can download a file from a database without revealing the identity of the file to each individual server. A PIR protocol is called $t$-private if the identity of the file remains concealed even if $t$ of the servers collude. Graph based replication is a simple technique, which is prevalent in both theory and practice, for achieving erasure robustness in storage systems. In this technique each file is replicated on two or more storage servers, giving rise to a (hyper-)graph structure. In this paper we study private information retrieval protocols in graph based replication systems. The main interest of this work is maximizing the parameter $t$, and in particular, understanding the structure of the colluding sets which emerge in a given graph. Our main contribution is a $2$-replication scheme which guarantees perfect privacy from acyclic sets in the graph, and guarantees partial-privacy in the presence of cycles. Furthermore, by providing an upper bound, it is shown that the PIR rate of this scheme is at most a factor of two from its optimal value for an important family of graphs. Lastly, we extend our results to larger replication factors and to graph-based coding, which is a similar technique with smaller storage overhead and larger PIR rate.

Netanel Raviv, Itzhak Tamo, Rashish Tandon et al.

Gradient coding is a technique for straggler mitigation in distributed learning. In this paper we design novel gradient codes using tools from classical coding theory, namely, cyclic MDS codes, which compare favorably with existing solutions, both in the applicable range of parameters and in the complexity of the involved algorithms. Second, we introduce an approximate variant of the gradient coding problem, in which we settle for approximate gradient computation instead of the exact one. This approach enables graceful degradation, i.e., the $\ell_2$ error of the approximate gradient is a decreasing function of the number of stragglers. Our main result is that normalized adjacency matrices of expander graphs yield excellent approximate gradient codes, which enable significantly less computation compared to exact gradient coding, and guarantee faster convergence than trivial solutions under standard assumptions. We experimentally test our approach on Amazon EC2, and show that the generalization error of approximate gradient coding is very close to the full gradient while requiring significantly less computation from the workers.