BC SCIENCE
Saved by @CodyyyGardner

The day has come.

Enter a thread on isogenies, random walks and automorphism groups.

🧵👇

(0/n)

 I will explain some of the background we used to write these papers with Ben Smith, so I encourage you to go read them. There are some results at the end of the thread too!

https://t.co/ZvOjLWdxXY

(1/n)
The main objects in isogeny-based cryptography are elliptic curves and isogenies, usually defined over finite fields. And, of course, isogeny graphs.

(2/n)
You might want to read about elliptic curves here.

https://t.co/XHxOEuJMDN

(3/n)
First of all, an isogeny is a nonconstant morphism of elliptic curves fixing the point at infinity.

So it is a group morphism, a morphism of algebraic curves, it is surjective, and it has finite kernel.

https://t.co/WWSDCbtavl

(4/n)
The size of the kernel is the degree of the isogeny (whenever it is coprime to the characteristic of the finite field).

(5/n)
Isogenies can be thought of as "quotienting out" your curve by the kernel. Another useful concept to keep in mind is that of the dual.

(6/n)
Given an isogeny

a:E1→E2

of degree n, there is a dual isogeny

â:E2→E1,

such that the composition of both is the multiplication-by-n endomorphism.

(7/n)
So, the dual is almost an inverse, but when you get back you carry the degree. Isogenies of degree 1 are isomorphisms.

(8/n)
The supersingular isogeny graph is the graph of (isomorphism classes of) supersingular elliptic curves and the isogenies between them. They can be thought of as undirected graphs (more on that later).

(9/n)
You might know SIDH, which works with supersingular elliptic curves and low-degree isogenies.

(for instance, the previous graph, which consists of degree-2 and 3 isogenies)

https://t.co/qZx1hVEEya

(10/n)
You might also know the Charles-Goren-Lauter hash function, which did actually come first.

https://t.co/Uj8isRiGnC

(11/n)
This hash function is easy to describe: a sequence of bits determines a random walk in the 2-isogeny graph, which is a 3-regular graph.

(slide from https://t.co/gbHPME4w8D)

(12/n)
The walk is determined because we avoid backtracking, so only 2 path choices are actually available at each step.

(13/n)
Let's talk a bit about random walks on graphs. They are a kind of discrete-time finite Markov chain. This means that at any time (natural time, t=0,1,2...) you are in one of finitely many states, in this case, nodes.

https://t.co/yEzgyk3nYu

(14/n)
The probability that you go from one node to the next is (essentially) 1/{degree of current node}. What happens if you have multiple edges, or weights? {weight from A to B}/{total weight from A}.

(15/n)
If your graph is acyclic and connected, there is a distribution on the set nodes that you will converge to, no matter where you start.

(16/n)
Eventually, if you start on any vertex, you'll have a well-defined stable probability to be in any other given vertex.

https://t.co/McytreYG69

(17/n)
The rate to which you converge to this stationary distribution is governed by the second eigenvalue of the random walk transition matrix (or adjacency matrix, if the graph happens to be regular).

(18/n)
We need a definition: a family of expander graphs is just a collection of (growing) d-regular graphs with uniformly bounded eigenvalues.

https://t.co/D15Au2xt5n

(19/n)
Moreover, if the second eigenvalue is as small as theoretically possible, we say the graphs are Ramanujan.

https://t.co/06kAukbFa1

(20/n)
How awesome is it that isogeny graphs are Ramanujan? Very awesome. That's one of the reasons we like them so much. It is a highly non-trivial fact that comes from the Weil conjectures (more on that another day. maybe)

https://t.co/hyx2UZ6Bbc

(21/n)
There is a catch in the case of supersingular isogeny graphs: when you take one such graph in characteristic p != 1 mod 12, the graph stops being undirected.

(22/n)
The behaviour is a bit strange, so I hope this picture helps. Essentially, there are two nodes where the number of out-going edges is the same as in the rest of the graph... but the number of incoming ones changes.

(23/n)
If you look at why (something you might do when learning SIDH, for instance), it is because these curves have more automorphisms than usual. Remember this.

(24/n)
However, this doesn't bother us, since it is _just_ 2 nodes out of p/12. It is a negligible effect, even in terms of Ramanujan-ness. For example, the primes used in SIDH are congruent to 11 mod 12.

(25/n)
It does change the stationary distribution I talked about, BUT (and this is extremely important) the probability of landing in any other curve is exactly the same.

(26/n)
The stationary distribution is constant outside the "bad nodes".

(27/n)
Is everything done for elliptic curve isogenies? Not at all!
Just to name a couple of open questions: (1) we are not sure about the fastest way to compute an isogeny, and

(28/n)
(2) we don't know how to produce a random curve while guaranteeing no one (including us) knows its endomorphism ring.

(29/n)
But still, people have been asking: what happens when you go higher genus?

There are a number of challenges, but the most important one is that computing isogenies is not that easy. It isn't even implemented in Sage.

(30/n)
It is in Magma (https://t.co/dmAcxcRZZG), but I haven't tried that myself. I hear there is a lot of algebraic geometry going on in the theoretical part of it (personal todo/reading list).

(31/n)
But what _is_ an isogeny in higher genus?

For what is worth, what _are_ the analogues of elliptic curves?

(32/n)
The answer is (are) principally polarized abelian varieties, or PPAVs to abbrviate.

There are two classes of them: jacobians of curves, and products of lower-dimensional PPAVs. Let's talk about genus two.

(33/n)
Curves of genus two can be given by nonsingular hyperelliptic equations y^2 = ax^6 + ... (there is an issue with just going projective with this, but it is solved by using weighted coordinates)

https://t.co/Nf8eCjlmhw

(34/n)
The jacobians of such curves are two-dimensional abelian varieties, or surfaces (PPASs).

(35/n)
Product varieties in dimension 2 are easy: just take products of elliptic curves!

(36/n)
There is a definition of supersingular in higher dimension, but the proper analogue here is _superspecial_ (a stronger notion).

https://t.co/wdmIa6oxcg

(37/n)
In practice, this means that all the elliptic curves appearing in products in our graph are supersingular. But please do not take this as a definition.

(38/n)
Isogenies, as before, are nonconstant maps between PPAS that fix the zero, are surjective, and have finite kernel (and that are compatible with the polarization).

(39/n)
An isogeny between E1xE2 and E3xE4 (E1, E2, E3, E4 being elliptic curves) is just the product of two isogenies a:E1→E2 and b:E3→E4.

If r=deg(a), and s=deg(b), we say a x b is an (r,s)-isogeny.

(40/n)
The pair (r,s) essentially tells the group structure of the kernel (I'm always assuming degrees and characteristic have no relation, i.e. they are coprime).

(41/n)
The kernel structure part is more important than the fact that some isogenies are products.

There are isogenies between abelian surfaces of type (4,4,2), for instance.

(42/n)
Isogenies between elliptic products are easy, what about jacobians? We have to take a look at Richelot isogenies.

(43/n)
Given the hyperelliptic curve C: y^2 = f(x), with deg f = 6, we take a quadratic splitting f(x) = g1(x)g2(x)g3(x) (there are 15 ways to do that).

The Richelot isogeny gives a curve D: y^2 = h(x).

(44/n)
The Jacobians of C and D are related by a (2,2)-isogeny Jac(C)→Jac(D).

Sometimes this fails a little bit (something quite curious arithmetically), and it degenerates into an isogeny Jac(C)→E1xE2.

(45/n)
All these isogenies have duals, as you'd expect.

But! Two isogenies can share the same dual. A picture is worth several thousand words here (numbers are isogeny counts). Isn't it beautiful?

(46/n)
What's causing these imbalances?

As in the genus 1 case, the answer is automorphisms. If an automorphism fixes the kernel of an isogeny, that's fine, but if it changes it, it gives a different isogeny.

(47/n)
However, these two isogenies are now _isomorphic_, and they'll probably have the same dual. Unless the same thing happens in the codomain variety, of course.

(48/n)
What we have to look at is both the automorphism group of both varieties, AND the stabilizers of the kernels.

(49/n)
Katsura and Takashima looked at this about a year ago: https://t.co/i527jnk0sh

(50/n)
Nicely enough, the stabilizer of the kernel of an isogeny is isomorphic to the stabilizer of the kernel of the dual.

That is Lemma 1 in https://t.co/wsXTvNCfLA

(51/n)
This restricts the kinds of nodes that can be neighbors. For instance, a jacobian with only two automorphisms ([1] and [-1]) cannot have a (2,2)-isogeny to an elliptic product, which always has more automorphisms.

(52/n)
Okay, what happens next is quite surprising: the number of PPASs with extra automorphisms actually _grows_ with p. The proportion in the entire graph is 1/p, which is less than negligible.

(53/n)
This makes the graph a directed one, by the way! We have quite good control on undirected graphs and random walks (see here https://t.co/ySamXQczdA), but directed graphs are a whole other world.

(54/n)
This changes the stationary distribution of the random walk on these graphs. Luckily, though, one is able to control it. The reason lies very close to the adjoint property of Hecke operators.

(55/n)
And the distribution is constant on each set of varieties with the same automorphism group, so it is not so bad.

(56/n)
So, are higher-genus isogenies still good for, say, hash functions?

(57/n)
This has already been done (twice), and it has already a nontrivial answer if one wants to avoid trivial collisions. But it is doable. If you are curious, it hashes three bits per random walk step.

(58/n)
Katsura's paper on this https://t.co/CptrFlArBQ

(59/n)
Castryck-Decru-Smith's paper on this
https://t.co/VwA1siu9SP

(60/n)
However, the distribution of the hash is not uniform in the set of possible outcomes. Is it that bad? I'd say no, since one can always increase the size of the prime, but it is important to keep it in mind.

(61/n)
Actually, the proposed algorithm for hashing in genus two still has to solve some other issues (what happens if the random walk ends in an elliptic product?)

(62/n)
Back to our random walks, we don't have the Ramanujan property for g=2 and (2,2)-isogenies. We conjecture the eigenvalues should remain bounded, though.

(63/n)
This would prove, for instance, that the graph diameter grows as log(p).

(64/n)
I will be ending here, since this thread is already way too long. I shall expand on a few of these things in the future!

(65/n)
I hope you have liked it 😇😄

(66/n, n=66)

More from Science

Nick Hudson \U0001f642
Nick Hudson 🙂
@NickHudsonCT
Here is another very enjoyable conversation, with @Pandata19’s scientific advisory board member, Dr Jay Bhattacharya. Key ideas in this thread.

We are making world-changing decisions on the basis of evidence that is not very good. Vast scientific evidence tells us that infection fatality rates are much lower than originally expected. A small fraction of people get severe illness. 2/10

The scientific community has been resistant to evidence not supporting the majoritarian view, preferring instead to gin up panic, focusing on the worst case for everything the virus does & the best case for everything lockdowns do, and ignoring the range of uncertainty. 3/10

Academe is a strange place now, with debate stifled. But there's a sense some are opening up to considering opposing views. This is key, since suppression of views stops knowledge from progressing—the end of science. Public health norms of unified messaging complicate this. 4/10

Why did we, from the start, assume we knew nothing about this virus, instead of assuming a reasonable prior? Low susceptibility was evident early on. Assuming any virus is new is hard to square with our deep-time co-evolution with viruses, & their slow evolution. 5/10
SCIENCE
Camilo L\xf3pez Aguirre
Camilo López Aguirre...
@cernestola
Ok people, the current hype in #Science around #Archaeology research in #Chiribiquete and #LaLindosa in #Colombia, albeit deserving, it's a clear example of how scientific discovery is colonised and monopolised. We need to have an awkward conversation

As a Colombian expat in #Science, I was always surprised with how places like Chiribiquete were pretty much unknown overseas, considering their scientific, cultural and biological value, and that almost any Colombian has heard about them 2/n

The last couple of weeks I started an increasing trend of people in "developed countries" talking about discoveries of ancient paintings in the Amazon, and managed to trace back the source to this paper from April

As people started reacting more and more to it, media coverage started popping up. At that point a narrative was clear: A British-led expedition just discovered a trove of paintings from the heart of the Colombian Amazon

The discovery was so F&%$ unbelievable that they kept it under the wraps until a @Channel4 documentary was shot and produced to be released later this month
SCIENCE
Advertisement
Robbie Andrew
Robbie Andrew
@robbie_andrew
"NO LONGER BEST IN THE WORLD"
UNEP's new Human Development Index includes a new (separate) index: Planetary pressures-adjusted HDI (PHDI). News in Norway is that its position drops from #1 to #16 because of this, while Ireland rises from #2 to #1.
Why?

https://t.co/aVraIEzRfh


Check out Norway's 'Domestic Material Consumption'. Fossil fuels are no different here to Ireland's. What's different is this huge 'non-metallic minerals' category.
(Note also the jump in 1998, suggesting data problems.)
https://t.co/5QvzONbqmN


In Norway's case, it looks like the apparent consumption equation (production+imports-exports) for non-metal minerals is dominated by production: extraction of material in Norway.
https://t.co/5QvzONbqmN


And here we see that this production of non-metallic minerals is sand, gravel and crushed rock for construction. So it's about Norway's geology.
https://t.co/y6rqWmFVWc


Norway drops 15 places on the PHDI list not because of its CO₂ emissions (fairly high at 41st highest in the world per capita), but because of its geology, because it shifts a lot of rock whenever it builds anything.
SCIENCE
Navin Kabra
Navin Kabra
@NGKabra
Did you know that all the nuclear bombs we exploded in the '40s-50s-60s have permanently contaminated all the steel the world has produced since then? All steel in the world is divided into two categories: pre-1945 non-contaminated steel, and post-1945 contaminated steel.

How?

Nuclear bombs (including the tests) create a lot of radioisotopes that are not found in nature. For example Cobalt-60 (a radioactive version of Cobalt-59). And since the 1945 Trinity test, these have all dispersed in the atmosphere.

What does this have to do with steel?

The process of manufacturing steel uses atmospheric air (or atmospheric oxygen). Some of the radioisotopes like Cobalt-60 get pulled in too, and as a result, any steel produced after 1945 has embedded in it some of these radioisotopes, sitting there emitting gamma rays.

Why do we care about traces of radioisotopes in steel? When making Geiger counters, or medical devices to check for radioactive contamination, or astronomical instruments, the emissions from the contaminated steel would interfere with the measurements.

So we need pre-1945 steel

Pre-1945 non-contaminated steel is called "low background steel". And when we need it, where do we get it from?

We go, find pre-World-War-II sunken shipwrecks, and then salvage the steel (and lead) from those to build our instruments which need heavy radiation shielding.
SCIENCE
Prof Francois Balloux
Prof Francois Balloux
@BallouxFrancois
@mugecevik is an excellent scientist and a responsible professional. She likely read the paper more carefully than most. She grasped some of its strengths and weaknesses that are not apparent from a cursory glance. Below, I will mention a few points some may have missed.
1/


The paper does NOT evaluate the effect of school closures. Instead it conflates all ‘educational settings' into a single category, which includes universities.
2/

The paper primarily evaluates data from March and April 2020. The article is not particularly clear about this limitation, but the information can be found in the hefty supplementary material.
3/


The authors applied four different regression methods (some fancier than others) to the same data. The outcomes of the different regression models are correlated (enough to reach statistical significance), but they vary a lot. (heat map on the right below).
4/


The effect of individual interventions is extremely difficult to disentangle as the authors stress themselves. There is a very large number of interventions considered and the model was run on 49 countries and 26 US States (and not >200 countries).
5/
SCIENCE

You May Also Like

Talha
Talha
@dhiblawe1990
Thread: History of Mogadishu and it’s conquest by Imaam Al Yaqubi


One of the First Imaams of the Hiraab Imamate was Mohamed Ibn Imaam Ahmed ibn Imam Ahmed Ibn Imaam Mohamoud Ibn Imaam Cumar Halol Al Yacquubi (Abgaal) during the year 1097 hijri.


After the collapse of the Ajuuran Abgaal nomads from the interior had started moving to take over the strategic port town of Mogadishu which was then under the muzzafar dynasty. By the 1600s Abgaal warriors had captured the city and set up their base in shingaani.


Mogadishu at the time was a large and well known port town. The Abgaal clan taking over control allowed them to obtain political power and world wide recognition.


Under Imaam Yaqubi’s time in power it’s reported that French merchants had arrived at the port in 1701
and stayed for 11 days. They had attempted to take the city but were successfully repulsed.
HISTORY
Vikrant
Vikrant
@Trading0secrets
Trading view scanner process -

1 - open trading view in your browser and select stock scanner in left corner down side .

2 - touch the percentage% gain change ( and u can see higest gainer of today)


3. Then, start with 6% gainer to 20% gainer and look charts of everyone in daily Timeframe . (For fno selection u can choose 1% to 4% )

4. Then manually select the stocks which are going to give all time high BO or 52 high BO or already given.

5. U can also select those stocks which are going to give range breakout or already given range BO

6 . If in 15 min chart📊 any stock sustaing near BO zone or after BO then select it on your watchlist

7 . Now next day if any stock show momentum u can take trade in it with RM

This looks very easy & simple but,

U will amazed to see it's result if you follow proper risk management.

I did 4x my capital by trading in only momentum stocks.

I will keep sharing such learning thread 🧵 for you 🙏💞🙏

Keep learning / keep sharing 🙏
@AdityaTodmal
EQUITY , TRADINGTHREAD , TRADINGVIEW
Advertisement
The Light - Truthpaper
The Light - Truthpaper
@LightTruthpaper
Latest update from @TheBernician

1/19

Hancock, Whitty, Vallance & Ferguson Stand Accused of Pandemic Fraud.

After yet more damning evidence arose last week, further additions had to be made to the court papers, which we are now aiming to lay in the coming week.

2/19

The four defendants will be Matt Hancock, Chris Whitty, Patrick Vallance and Neil Ferguson, each of whom has inextricable and ultimately incriminating connections with Bill Gates and Big Pharma.

3/19

As well as three counts of fraud by false representation and seven counts of fraud by non-disclosure, under sections 2 and 3 of the Fraud Act 2006, we can now also prove that the entire worldwide scamdemic originated on these shores.

4/19

In fact, we can show that, without the dishonest statements and non-disclosures of the four defendants we are initially proceeding against, COVID-1984 would not have transpired.

5/19

Furthermore, the 1st defendant, Matt Hancock, cannot rely upon the defence of Parliamentary Privilege, on the ground that none of the evidence relied upon by the prosecution is capable of preventing parliamentarians from carrying out their lawful business in Parliament.
CULTURE
katya adler
katya adler
@BBCkatyaadler
Again, at such a key moment in UK and at such high political levels, evidence of deep misunderstanding of EU: The PM is under pressure in some quarters to delay #Brexit vote to allow her first to “improve” deal in Brussels BUT EU is determined not to budge at this stage

2) All EU leaders watching tomorrow’s vote. Of course they want to avoid a no deal #Brexit BUT they feel the deal - so painfully negotiated between EU and UK - is too fresh to re-open. Clarifications, yes but fundamental renegotiations, no.

3) The EU’s international reputation as a tough deal-maker is at stake here too. If Brussels now suddenly “gives in” to U.K. on EU red lines (eg backstop) then that would weaken the EU’s reputation in future trade negotiations with other non EU countries

4) Also on backstop the EU is unlikely to cave in to favour a relationship with a leaving member state (UK) against the explicit wishes and ignoring the deep concerns of a continuing member: Ireland.

5) Both the EU and the PM signed up to a guarantee to protect the border between Northern Ireland and the Republic of Ireland. If either the U.K. or EU can leave the backstop unilaterally then this clearly is no longer a guarantee.
POLITICS
Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
ANCIENT BHARAT WAS CALLED VISHWAGURU, AND IT REALLY DESERVED IT.

India had a well developed education system centuries before the westerners arrived and called us uncivilized. Education was always given a great importance in Indian civilisation since times immemorial.


Ancient India had the Gurukulas and Ashramas as the epicentres of the knowledge and enlightenment. Bigger Gurukulas served as the centres of higher education called universities. Besides these universities, temples also emerged as the major learning centres.

Studying the Holy Scriptures, character building, personality development, responsibilities towards self,family and society,discipline and preservation of the ancient culture and heritage were the key embodiments of education.

This kind of education system made ancient India, a centre of knowledge all over the world. Many foreign students came to India for education and India was called the 'Vishwaguru'.
Takshshila and Nalanda were the two prominent universities of ancient India.


But were these only Universities of ancient India?The answer is 'No'.Let's learn about these gems of our education system that flourished across ancient India & be proud.

NALANDA UNIVERSITY
This was the oldest university of ancient India.Situated in Nalanda distt. of Bihar...
ALL