# Scientific

## Understanding adversarial robustness via optimal transport perspective.

In this talk, I will present the recent progress of understanding adversarial multiclass classification problems, motivated by the empirical observation of the sensitivity of neural networks by small adversarial attacks. From the perspective of optimal transport theory, I will give equivalent reformulations of this problem in terms of 'generalized barycenter problems' and a family of multimarginal optimal transport problems. These new theoretical results reveal a rich geometric structure of adversarial learning problems in multiclass classification and extend recent results restricted to the binary classification setting. Furthermore, based on this optimal transport approach I will give the result of the existence of optimal robust classifiers which not only extends the binary setting to the general one but also provides shorter proof and an interpretation between adversarial training problems and related generalized barycenter problems.

## Sofic groups are surjunctive

In this talk, which is based on Benjamin Weiss' Sofic groups and dynamical systems, I will give the definition of sofic groups which can be considered as common generalizations of amenable and residually finite groups, and discuss examples and some of their basic properties. Finally, we will give Weiss' alternative proof Gromov's theorem stating that sofic groups are surjunctive. This theorem settles Gottschalk's conjecture for sofic groups.

## The eighth moment of $\Gamma_1(q)$ L-functions

In this talk, I will discuss my on-going joint work with Xiannan Li on an unconditional asymptotic formula for the eighth moment of $\Gamma_1(q)$ L-functions, which are associated with eigenforms for the congruence subgroups $\Gamma_1(q)$. Similar to a large family of Dirichlet L-functions, the family of $\Gamma_1(q)$ L-functions has a size around $q^2$ while the conductor is of size $q$. An asymptotic large sieve of the family is available by the work of Iwaniec and Xiaoqing Li, and they observed that this family of harmonics is not perfectly orthogonal. This introduces certain subtleties in our work.

## Twisted moments of characteristic polynomials of random matrices

In the late 90's, Keating and Snaith used random matrix theory to predict the exact leading terms of conjectural asymptotic formulas for all integral moments of the Riemann zeta-function. Prior to their work, no number-theoretic argument or heuristic has led to such exact predictions for all integral moments. In 2015, Conrey and Keating revisited the approach of using divisor sum heuristics to predict asymptotic formulas for moments of zeta. Essentially, their method estimates moments of zeta using lower twisted moments. In this talk, I will discuss a rigorous random matrix theory analogue of the Conrey-Keating heuristic. This is ongoing joint work with Brian Conrey.

## A survey of Büthe's method for estimating prime counting functions

This talk will begin with a study on explicit bounds for $\psi(x)$ starting with the work of Rosser in 1941. It will also cover various improvements over the years including the works of Rosser and Schoenfeld, Dusart, Faber-Kadiri, Platt-Trudgian, Büthe, and Fiori-Kadiri-Swidinsky. In the second part of this talk, I will provide an overview of my master's thesis which is a survey on 'Estimating $\pi(x)$ and Related Functions under Partial RH Assumptions' by Jan Büthe. This article provides the best known bounds for $\psi(x)$ for small values of $x$ in the interval $[e^{50},e^{3000}]$. A distinctive feature of this paper is the use of Logan's function and its Fourier Transform. I will be presenting the main theorem in Büthe's paper regarding estimates for $\psi(x)$ with other necessary results required to understand the proof.

## Some Pólya Fields of Small Degrees

Historically, the notion of Pólya fields dates back to some works of George Pólya and Alexander Ostrowski, in 1919, on entire functions with integer values at integers; a number field $K$ with ring of integers $\mathcal{O}_K$ is called a Pólya field whenever the $\mathcal{O}_K$-module $\{f \in K[X] \, : \, f(\mathcal{O}_K) \subseteq \mathcal{O}_K \}$ admits an $\mathcal{O}_K$-basis with exactly one member from each degree. Pólya fields can be thought of as a generalization of number fields with class number one, and their classification of a specific degree has become recently an active research subject in algebraic number theory. In this talk, I will present some criteria for $K$ to be a Pólya field. Then I will give some results concerning Pólya fields of degrees $2$, $3$, and $6$.

## Characteristic polynomials, the Hybrid model, and the Ratios Conjecture

In the 1960s Shanks conjectured that the $\zeta\'(\rho)$, where $\rho$ is a non-trivial zero of zeta, is both real and positive in the mean. Conjecturing and proving this result has a rich history, but efforts to generalise it to higher moments have so far failed. Building on the work of Keating and Snaith using characteristic polynomials from Random Matrix Theory, the Hybrid model of Gonek, Hughes and Keating, and the Ratios Conjecture of Conrey, Farmer, and Zirnbauer, we have been able to produce new conjectures for the full asymptotics of higher moments of the derivatives of zeta. This is joint work with Chris Hughes.

## Surface sums and Yang-Mills gauge theory

Constructing and understanding the basic properties of Euclidean Yang-Mills theory is a fundamental problem in physics. It is also one of the Clay Institute's famous Millennium Prize problems in mathematics. The basic problem is not hard to understand. You can begin by describing a simple random function from a set of lattice edges to a group of matrices. Then you ask whether you can construct/understand a continuum analog of this object in one way or another. In addition to a truly enormous physics literature, this topic has inspired research within many major areas of mathematics: representation theory, random matrix theory, probability theory, differential geometry, stochastic partial differential equations, low-dimensional topology, graph theory and planar-map combinatorics.

Attempts to understand this problem in the 1970's and 1980's helped inspire the study of "random surfaces" including Liouville quantum gravity surfaces. Various relationships between Yang-Mills theory and random surface theory have been obtained over the years, but many of the most basic questions have remained out of reach. I will discuss our own recent work in this direction, as contained in two long recent papers relating "Wilson loop expectations" (the fundamental objects in Yang-Mills gauge theory) to "sums over spanning surfaces."

1. Wilson loop expectations as sums over surfaces on the plane (joint with Minjae Park, Joshua Pfeffer, Pu Yu)

2. Random surfaces and lattice Yang-Mills (joint with Sky Cao, Minjae Park)

The first paper explains how in 2D (where Yang-Mills theory is more tractable) one can interpret continuum Wilson loop expectations purely in terms of flat surfaces. The second explains a general-dimensional interpretation of the Wilson loop expectations in lattice Yang-Mills theory in terms of discrete-and not-necessarily-flat surfaces, a.k.a. embedded planar maps.

Speaker Biography:

Scott Sheffield is the Leighton Family Professor of Mathematics at MIT. He is a leading figure at the interface of mathematical physics and probability. He has held positions at Microsoft Research, Berkeley, the Institute for Advanced Study and New York University. He received the Rollo Davidson and Loève prizes in probability and has twice spoken at the International Congress of Mathematicians.

## SALSA, PICANTE y VERDE: Machine Learning attacks on LWE with small sparse secrets

Learning with Errors (LWE) is a hard math problem with algebraic structure, underpinning many proposed Post-Quantum Cryptosystems (PQC). The only PQC key exchange standardized by NIST is based on module LWE, and current publicly available PQC Homomorphic Encryption (HE) libraries are based on ring LWE. The security of LWE-based PQ cryptosystems is critical, but certain implementation choices could weaken them. One such choice is sparse binary secrets, desirable for PQ HE schemes for efficiency reasons.

This talk presents novel machine learning-based attacks against LWE schemes with sparse binary secrets. Our initial work, SALSA, demonstrated a proof of concept machine learning-based attack on LWE with sparse binary secrets in small dimensions (n<=128) and small Hamming weights (h<5). Our more recent work, PICANTE and VERDE, recovers secrets in much larger dimensions (up to n=512) and with larger Hamming weights (roughly n/10, and up to h=60 for n=350, h=63 for n=512). We achieve this dramatic improvement via a novel preprocessing step, which allows us to generate training data from a linear number of eavesdropped LWE samples (4n) and changes the distribution of the data to improve transformer training. We also improve the secret recovery methods of SALSA and introduce a novel cross-attention recovery mechanism allowing us to read off the secret directly from the trained models. In VERDE, we extend the attack to apply to sparse ternary and Gaussian secrets. While PICANTE does not threaten NIST’s proposed LWE standards, it demonstrates significant improvement over SALSA and could scale further, highlighting the need for future investigation.

Speaker Bio:

Kristin Lauter is an American mathematician and cryptographer whose research interest is broadly in application of number theory and algebraic geometry in cryptography. She is particularly known for her work in the area of elliptic curve cryptography. She was a researcher at Microsoft Research in Redmond, Washington, from 1999 - 2021, and the head of the Cryptography Group from 2008 - 2021; her group developed Microsoft SEAL. In April 2021, Lauter joined Facebook AI Research (FAIR) as the West Coast Head of Research Science. She became the President-Elect of the Association for Women in Mathematics in February 2014 and served as President from 2015 - 2017.

## Statistics of the Mulitiplicative Groups

For every positive integer n, the quotient ring Z/nZ is the natural ring whose additive group is cyclic. The "multiplicative group modulo n" is the group of invertible elements of this ring, with the multiplication operation. As it turns out, many quantities of interest to number theorists can be interpreted as "statistics" of these multiplicative groups. For example, the cardinality of the multiplicative group modulo n is simply the Euler phi function of n; also, the number of terms in the invariant factor composition of this group is closely related to the number of primes dividing n. Many of these statistics have known distributions when the integer n is chosen at random (the Euler phi function has a singular cumulative distribution, while the Erdös–Kac theorem tells us that the number of prime divisors follows an asymptotically normal distribution). Therefore this family of groups provides a convenient excuse for examining several famous number theory results and open problems. We shall describe how we know, given the factorization of n, the exact structure of the multiplicative group modulo n, and go on to outline the connections to these classical statistical problems in multiplicative number theory.