73.5 CC Apr 1
On the average-case complexity landscape for Tensor-Isomorphism-complete problems over finite fields
Tiange Li, Yinan Li, Youming Qiao et al.
In Grochow and Qiao (SIAM J. Comput., 2021), the complexity class Tensor Isomorphism (TI) was introduced and isomorphism problems for groups, algebras, and polynomials were shown to be TI-complete. In this paper, we study average-case algorithms for several TI-complete problems over finite fields, including algebra isomorphism, matrix code conjugacy, and $4$-tensor isomorphism. Our main results are as follows. Over the finite field of order $q$, we devise (1) average-case polynomial-time algorithms for algebra isomorphism and matrix code conjugacy that succeed in a $1/\Theta(q)$ fraction of inputs and (2) an average-case polynomial-time algorithm for the $4$-tensor isomorphism that succeeds in a $1/q^{\Theta(1)}$ fraction of inputs. Prior to our work, algorithms for algebra isomorphism with rigorous average-case analyses ran in exponential time, albeit succeeding on a larger fraction of inputs (Li--Qiao, FOCS'17; Brooksbank--Li--Qiao--Wilson, ESA'20; Grochow--Qiao--Tang, STACS'21). These results reveal a finer landscape of the average-case complexities of TI-complete problems, providing guidance for cryptographic systems based on isomorphism problems. Our main technical contribution is to introduce the spectral properties of random matrices into algorithms for TI-complete problems. This leads to not only new algorithms but also new questions in random matrix theory over finite fields. To settle these questions, we need to extend both the generating function approach as in Neumann and Praeger (J. London Math. Soc., 1998) and the characteristic sum method of Gorodetsky and Rodgers (Trans. Amer. Math. Soc., 2021).
7.4 CC Mar 28
Random tensor isomorphism under orthogonal and unitary actions
Jeremy Chizewer, Samuel Everett, Deven Mithal et al.
We study the problem of testing whether two tensors in $\mathbb{R}^\ell\otimes \mathbb{R}^m\otimes \mathbb{R}^n$ are isomorphic under the natural action of orthogonal groups $\textbf{O}(\ell, \mathbb{R})\times\textbf{O}(m, \mathbb{R})\times\textbf{O}(n, \mathbb{R})$, as well as the corresponding question over $\mathbb{C}$ and unitary groups. These problems naturally arise in several areas, including graph and tensor isomorphism (Grochow--Qiao, SIAM J. Comp. '21), scaling algorithms for orbit closure intersections (Allen-Zhu--Garg--Li--Oliveira--Wigderson, STOC '18), and quantum information (Liu--Li--Li--Qiao, Phys. Rev. Lett. '12). We study average-case algorithms for orthogonal and unitary tensor isomorphism, with one random tensor where each entry is sampled uniformly independently from a sub-Gaussian distribution, and the other arbitrary. For the algorithm design, we develop algorithmic ideas from the higher-order singular value approach into polynomial-time exact (algebraic) and approximate (numerical) algorithms with rigorous average-case analyses. Following (Allen-Zhu--Garg--Li--Oliveira--Wigderson, STOC '18), we present an algorithm for a gapped version of the orbit distance approximation problem. For the average-case analysis, we work from recent progress in random matrix theory on eigenvalue repulsion of sub-Gaussian Wishart matrices (Christoffersen--Luh--O'Rourke--Shearer and Han, arXiv '25) by extending their results from side lengths of Wishart matrices linearly related to polynomially related.
CR Jun 11, 2019
General Linear Group Action on Tensors: A Candidate for Post-Quantum Cryptography
Zhengfeng Ji, Youming Qiao, Fang Song et al.
Starting from the one-way group action framework of Brassard and Yung (Crypto '90), we revisit building cryptography based on group actions. Several previous candidates for one-way group actions no longer stand, due to progress both on classical algorithms (e.g., graph isomorphism) and quantum algorithms (e.g., discrete logarithm). We propose the general linear group action on tensors as a new candidate to build cryptography based on group actions. Recent works (Futorny--Grochow--Sergeichuk, Lin. Alg. Appl., 2019) suggest that the underlying algorithmic problem, the tensor isomorphism problem, is the hardest one among several isomorphism testing problems arising from areas including coding theory, computational group theory, and multivariate cryptography. We present evidence to justify the viability of this proposal from a comprehensive study of the state-of-the-art heuristic algorithms, theoretical algorithms, and hardness results, as well as quantum algorithms. We then introduce a new notion called pseudorandom group actions to further develop group-action based cryptography. Briefly speaking, given a group $G$ acting on a set $S$, we assume that it is hard to distinguish two distributions of $(s, t)$ either uniformly chosen from $S\times S$, or where $s$ is randomly chosen from $S$ and $t$ is the result of applying a random group action of $g\in G$ on $s$. This subsumes the classical decisional Diffie-Hellman assumption when specialized to a particular group action. We carefully analyze various attack strategies that support the general linear group action on tensors as a candidate for this assumption. Finally, we establish the quantum security of several cryptographic primitives based on the one-way group action assumption and the pseudorandom group action assumption.
DS Aug 11, 2017
Algorithms based on *-algebras, and their applications to isomorphism of polynomials with one secret, group isomorphism, and polynomial identity testing
Gábor Ivanyos, Youming Qiao
We consider two basic algorithmic problems concerning tuples of (skew-)symmetric matrices. The first problem asks to decide, given two tuples of (skew-)symmetric matrices $(B_1, \dots, B_m)$ and $(C_1, \dots, C_m)$, whether there exists an invertible matrix $A$ such that for every $i\in\{1, \dots, m\}$, $A^tB_iA=C_i$. We show that this problem can be solved in randomized polynomial time over finite fields of odd size, the real field, and the complex field. The second problem asks to decide, given a tuple of square matrices $(B_1, \dots, B_m)$, whether there exist invertible matrices $A$ and $D$, such that for every $i\in\{1, \dots, m\}$, $AB_iD$ is (skew-)symmetric. We show that this problem can be solved in deterministic polynomial time over fields of characteristic not $2$. For both problems we exploit the structure of the underlying $*$-algebras, and utilize results and methods from the module isomorphism problem. Applications of our results range from multivariate cryptography, group isomorphism, to polynomial identity testing. Specifically, these results imply efficient algorithms for the following problems. (1) Test isomorphism of quadratic forms with one secret over a finite field of odd size. This problem belongs to a family of problems that serves as the security basis of certain authentication schemes proposed by Patarin (Eurocrypt 1996). (2) Test isomorphism of $p$-groups of class 2 and exponent $p$ ($p$ odd) with order $p^k$ in time polynomial in the group order, when the commutator subgroup is of order $p^{O(\sqrt{k})}$. (3) Deterministically reveal two families of singularity witnesses caused by the skew-symmetric structure, which represents a natural next step for the polynomial identity testing problem following the direction set up by the recent resolution of the non-commutative rank problem (Garg et al., FOCS 2016; Ivanyos et al., ITCS 2017).
DS Jul 7, 2017
Networked Fairness in Cake Cutting
Xiaohui Bei, Youming Qiao, Shengyu Zhang
We introduce a graphical framework for fair division in cake cutting, where comparisons between agents are limited by an underlying network structure. We generalize the classical fairness notions of envy-freeness and proportionality to this graphical setting. Given a simple undirected graph G, an allocation is envy-free on G if no agent envies any of her neighbors' shares, and is proportional on G if every agent values her own share no less than the average among her neighbors, with respect to her own measure. These generalizations open new research directions in developing simple and efficient algorithms that can produce fair allocations under specific graph structures. On the algorithmic frontier, we first propose a moving-knife algorithm that outputs an envy-free allocation on trees. The algorithm is significantly simpler than the discrete and bounded envy-free algorithm recently designed by Aziz and Mackenzie for complete graphs. Next, we give a discrete and bounded algorithm for computing a proportional allocation on descendant graphs, a class of graphs obtained by taking a rooted tree and connecting all its ancestor-descendant pairs.