Kai-Min Chung

Radius margin bounds for support vector machines with the RBF kernel

An important approach for efficient support vector machine (SVM) model selection is to use differentiable bounds of the leave-one-out (loo) error. Past efforts focused on finding tight bounds of loo (e.g., radius margin bounds, span bounds). However, their practical viability is still not very satisfactory. Duan, Keerthi, and Poo (2003) showed that radius margin bound gives good prediction for L2-SVM, one of the cases we look at. In this letter, through analyses about why this bound performs well for L2-SVM, we show that finding a bound whose minima are in a region with small loo values may be more important than its tightness. Based on this principle, we propose modified radius margin bounds for L1-SVM (the other case) where the original bound is applicable only to the hard-margin case. Our modification for L1-SVM achieves comparable performance to L2-SVM. To study whether L1-or L2-SVM should be used, we analyze other properties, such as their differentiability, number of support vectors, and number of free support vectors. In this aspect, L1-SVM possesses the advantage of having fewer support vectors. Their implementations are also different, so we discuss related issues in detail.

On Extractability Obfuscation

We initiate the study of extractability obfuscation, a notion first suggested by Barak et al. (JACM 2012): An extractability obfuscator \(e{\mathcal{O}}\) for a class of algorithms \(\mathcal{M}\) guarantees that if an efficient attacker \(\mathcal{A}\) can distinguish between obfuscations \(e{\mathcal O}(M_1), e{\mathcal O}(M_2)\) of two algorithms \(M_1,M_2 \in{\mathcal{M}}\), then \(\mathcal{A}\) can efficiently recover (given M 1 and M 2) an input on which M 1 and M 2 provide different outputs.

An Optimal Algorithm for the Maximum-Density Segment Problem

We address a fundamental problem arising from analysis of biomolecular sequences. The input consists of two numbers wmin and wmax and a sequence S of n number pairs (ai,wi) with wi > 0. Let segment S(i,j) of S be the consecutive subsequence of S between indices i and j. The density of S(i,j) is d(i,j) = (ai + ai + 1 + \cdots + aj)/(wi + wi + 1 + \cdots + wj)

Constant-Round Concurrent Zero-Knowledge from Indistinguishability Obfuscation

. The maximum-density segment problem is to find a maximum-density segment over all segments S(i,j) with wmin \leq wi + wi + 1 + \cdots + wj \leq wmax. The best previously known algorithm for the problem, due to Goldwasser, Kao, and Lu [Proceedings of the Second International Workshop on Algorithms in Bioinformatics, R. Guigo and D. Gusfield, eds., Lecture Notes in Comput. Sci. 2452, Springer-Verlag, New York, 2002, pp. 157--171], runs in O(n log(wmax- wmin+1)) time. In the present paper, we solve the problem in O(n) time. Our approach bypasses the complicated right-skew decomposition, introduced by Lin, Jiang, and Chao [J. Comput. System Sci., 65 (2002), pp. 570--586]. As a result, our algorithm has the capability to process the input sequence in an online manner, which is an important feature for dealing with genome-scale sequences. Moreover, for a type of input sequences S representable in O(m) space, we show how to exploit the sparsity of S and solve the maximum-density segment problem for S in O(m) time.

Oblivious Parallel RAM and Applications

We present a constant-round concurrent zero-knowledge protocol for \({\mathsf {NP}} \). Our protocol relies on the existence of families of collision-resistant hash functions, one-way permutations, and indistinguishability obfuscators for \(\mathbf{P}/poly\) (with slightly super-polynomial security).

Chernoff-Hoeffding Bounds for Markov Chains: Generalized and Simplified

We initiate the study of cryptography for parallel RAM (PRAM) programs. The PRAM model captures modern multi-core architectures and cluster computing models, where several processors execute in parallel and make accesses to shared memory, and provides the “best of both” circuit and RAM models, supporting both cheap random access and parallelism.

Parallel repetition theorems for interactive arguments

We prove the first Chernoff-Hoeffding bounds for general nonreversible finite-state Markov chains based on the standard L_1 (variation distance) mixing-time of the chain. Specifically, consider an ergodic Markov chain M and a weight function f: [n] -> [0,1] on the state space [n] of M with mean mu = E_{v = delta mu t ], is at most exp(-Omega(delta^2 mu t / T)) for 0 1. In fact, the bounds hold even if the weight functions f_is for i in [t] are distinct, provided that all of them have the same mean mu. We also obtain a simplified proof for the Chernoff-Hoeffding bounds based on the spectral expansion lambda of M, which is the square root of the second largest eigenvalue (in absolute value) of M tilde{M}, where tilde{M} is the time-reversal Markov chain of M. We show that the probability Pr [ |X - mu t| >= delta mu t ] is at most exp(-Omega(delta^2 (1-lambda) mu t)) for 0 1. Both of our results extend to continuous-time Markov chains, and to the case where the walk starts from an arbitrary distribution x, at a price of a multiplicative factor depending on the distribution x in the concentration bounds.

Large-Scale Secure Computation: Multi-party Computation for (Parallel) RAM Programs

We study efficient parallel repetition theorems for several classes of interactive arguments and obtain the following results: We show a tight parallel repetition theorem for public-coin interactive arguments by giving a tight analysis for a reduction algorithm of Hastad et al. [HPPW08]. That is, n-fold parallel repetition decreases the soundness error from δ to δn. The crux of our improvement is a new analysis that avoid using Raz’s Sampling Lemma, which is the key ingredient to the previous results. We give a new security analysis to strengthen a parallel repetition theorem of Hastad et al. for a more general class of arguments. We show that n-fold parallel repetition decreases the soundness error from δ to δn/2, which is almost tight. In particular, we remove the dependency on the number of rounds in the bound, and as a consequence, extend the “concurrent” repetition theorem of Wikstrom [Wik09] to this model. We obtain a way to turn any interactive argument to one in the class above using fully homomorphic encryption schemes. This gives a way to amplify the soundness of any interactive argument without increasing the round complexity. We give a simple and generic transformation which shows that tight direct product theorems imply almost-tight Chernoff-type theorems. This extends our results to Chernoff-type theorems, and gives an alternative proof to the Chernoff-type theorem of Impagliazzo et al. [IJK09] for weakly-verifiable puzzles.

4-Round Resettably-Sound Zero Knowledge

We present the first efficient (i.e., polylogarithmic overhead) method for securely and privately processing large data sets over multiple parties with parallel, distributed algorithms. More specifically, we demonstrate load-balanced, statistically secure computation protocols for computing Parallel RAM (PRAM) programs, handling \((1/3 - \epsilon )\) fraction malicious players, while preserving up to polylogarithmic factors the computation, parallel time, and memory complexities of the PRAM program, aside from a one-time execution of a broadcast protocol per party. Additionally, our protocol has \(\mathsf{polylog}\) communication locality—that is, each of the n parties speaks only with \(\mathsf{polylog}(n)\) other parties.

On the power of nonuniformity in proofs of security

While 4-round constructions of zero-knowledge arguments are known based on the existence of one-way functions, constuctions of resettably-sound zero-knowledge arguments require either stronger assumptions (the existence of a fully-homomorphic encryption scheme), or more communication rounds. We close this gap by demonstrating a 4- round resettably-sound zero-knowledge argument for NP based on the existence of one-way functions.