ACC0

Abstract: We use algebraic methods to get lower bounds for complexity of different functions based on constant depth unbounded fan-in circuits with the given set of basic operations. In particular, we prove that depth k circuits with gates NOT, OR and MODp where p is a prime require Exp(O(n1/2k)) gates to calculate MODr functions for any r ≠ pm. This statement contains as special cases Yao's PARITY result [ Ya 85 ] and Razborov's new MAJORITY result [Ra 86] (MODm gate is an oracle which outputs zero, if the number of ones is divisible by m).

Abstract: We show that any language recognized by an NC 1 circuit (fan-in 2, depth O (log n )) can be recognized by a width-5 polynomial-size branching program. As any bounded-width polynomial-size branching program can be simulated by an NC 1 circuit, we have that the class of languages recognized by such programs is exactly nonuniform NC 1 . Further, following Ruzzo ( J. Comput. System Sci. 22 (1981), 365–383) and Cook ( Inform. and Control 64 (1985) 2–22) , if the branching programs are restricted to be ATIME(logn)-uniform, they recognize the same languages as do ATIME(log n )-uniform NC 1 circuits, that is, those languages in ATIME(log n ). We also extend the method of proof to investigate the complexity of the word problem for a fixed permutation group and show that polynomial size circuits of width 4 also recognize exactly nonuniform NC 1 .

Abstract: Physical computational devices leak side-channel information that may, and often does, reveal secret internal states. We present a general transformation that compiles any circuit into a new, functionally equivalent circuit which is resilient against well-defined classes of leakage. Our construction requires a small, stateless and computation-independent leak-proof component that draws random elements from a fixed distribution. In essence, we reduce the problem of shielding arbitrarily complex circuits to the problem of shielding a single, simple component. Our approach is based on modeling the adversary as a powerful observer that inspects the device via a limited measurement apparatus. We allow the apparatus to access all the bits of the computation (except those inside the leak-proof component) and the amount of leaked information to grow unbounded over time. However, we assume that the apparatus is limited either in its computational ability (namely, it lacks the ability to decode certain linear encodings and outputs a limited number of bits per iteration), or its precision (each observed bit is flipped with some probability). While our results apply in general to such leakage classes, in particular, we obtain security against: Constant depth circuits leakage, where the measurement apparatus can be implemented by an AC0 circuit (namely, a constant depth circuit composed of NOT gates and unbounded fan-in AND and OR gates), or an ACC0[p] circuit (which is the same as AC0, except that it also uses MODp gates) which outputs a limited number of bits. Noisy leakage, where the measurement apparatus reveals all the bits of the state of the circuit, perturbed by independent binomial noise. Namely, each bit of the computation is perturbed with probability p, and remains unchanged with probability 1−p.