# Scientific

## Surface sums and Yang-Mills gauge theory

Constructing and understanding the basic properties of Euclidean Yang-Mills theory is a fundamental problem in physics. It is also one of the Clay Institute's famous Millennium Prize problems in mathematics. The basic problem is not hard to understand. You can begin by describing a simple random function from a set of lattice edges to a group of matrices. Then you ask whether you can construct/understand a continuum analog of this object in one way or another. In addition to a truly enormous physics literature, this topic has inspired research within many major areas of mathematics: representation theory, random matrix theory, probability theory, differential geometry, stochastic partial differential equations, low-dimensional topology, graph theory and planar-map combinatorics.

Attempts to understand this problem in the 1970's and 1980's helped inspire the study of "random surfaces" including Liouville quantum gravity surfaces. Various relationships between Yang-Mills theory and random surface theory have been obtained over the years, but many of the most basic questions have remained out of reach. I will discuss our own recent work in this direction, as contained in two long recent papers relating "Wilson loop expectations" (the fundamental objects in Yang-Mills gauge theory) to "sums over spanning surfaces."

1. Wilson loop expectations as sums over surfaces on the plane (joint with Minjae Park, Joshua Pfeffer, Pu Yu)

2. Random surfaces and lattice Yang-Mills (joint with Sky Cao, Minjae Park)

The first paper explains how in 2D (where Yang-Mills theory is more tractable) one can interpret continuum Wilson loop expectations purely in terms of flat surfaces. The second explains a general-dimensional interpretation of the Wilson loop expectations in lattice Yang-Mills theory in terms of discrete-and not-necessarily-flat surfaces, a.k.a. embedded planar maps.

Speaker Biography:

Scott Sheffield is the Leighton Family Professor of Mathematics at MIT. He is a leading figure at the interface of mathematical physics and probability. He has held positions at Microsoft Research, Berkeley, the Institute for Advanced Study and New York University. He received the Rollo Davidson and Loève prizes in probability and has twice spoken at the International Congress of Mathematicians.

## SALSA, PICANTE y VERDE: Machine Learning attacks on LWE with small sparse secrets

Learning with Errors (LWE) is a hard math problem with algebraic structure, underpinning many proposed Post-Quantum Cryptosystems (PQC). The only PQC key exchange standardized by NIST is based on module LWE, and current publicly available PQC Homomorphic Encryption (HE) libraries are based on ring LWE. The security of LWE-based PQ cryptosystems is critical, but certain implementation choices could weaken them. One such choice is sparse binary secrets, desirable for PQ HE schemes for efficiency reasons.

This talk presents novel machine learning-based attacks against LWE schemes with sparse binary secrets. Our initial work, SALSA, demonstrated a proof of concept machine learning-based attack on LWE with sparse binary secrets in small dimensions (n<=128) and small Hamming weights (h<5). Our more recent work, PICANTE and VERDE, recovers secrets in much larger dimensions (up to n=512) and with larger Hamming weights (roughly n/10, and up to h=60 for n=350, h=63 for n=512). We achieve this dramatic improvement via a novel preprocessing step, which allows us to generate training data from a linear number of eavesdropped LWE samples (4n) and changes the distribution of the data to improve transformer training. We also improve the secret recovery methods of SALSA and introduce a novel cross-attention recovery mechanism allowing us to read off the secret directly from the trained models. In VERDE, we extend the attack to apply to sparse ternary and Gaussian secrets. While PICANTE does not threaten NIST’s proposed LWE standards, it demonstrates significant improvement over SALSA and could scale further, highlighting the need for future investigation.

Speaker Bio:

Kristin Lauter is an American mathematician and cryptographer whose research interest is broadly in application of number theory and algebraic geometry in cryptography. She is particularly known for her work in the area of elliptic curve cryptography. She was a researcher at Microsoft Research in Redmond, Washington, from 1999 - 2021, and the head of the Cryptography Group from 2008 - 2021; her group developed Microsoft SEAL. In April 2021, Lauter joined Facebook AI Research (FAIR) as the West Coast Head of Research Science. She became the President-Elect of the Association for Women in Mathematics in February 2014 and served as President from 2015 - 2017.

## Statistics of the Mulitiplicative Groups

For every positive integer n, the quotient ring Z/nZ is the natural ring whose additive group is cyclic. The "multiplicative group modulo n" is the group of invertible elements of this ring, with the multiplication operation. As it turns out, many quantities of interest to number theorists can be interpreted as "statistics" of these multiplicative groups. For example, the cardinality of the multiplicative group modulo n is simply the Euler phi function of n; also, the number of terms in the invariant factor composition of this group is closely related to the number of primes dividing n. Many of these statistics have known distributions when the integer n is chosen at random (the Euler phi function has a singular cumulative distribution, while the Erdös–Kac theorem tells us that the number of prime divisors follows an asymptotically normal distribution). Therefore this family of groups provides a convenient excuse for examining several famous number theory results and open problems. We shall describe how we know, given the factorization of n, the exact structure of the multiplicative group modulo n, and go on to outline the connections to these classical statistical problems in multiplicative number theory.

## Water Waves: Instabilities of Stokes Waves

The study of ocean waves, particularly surface waves, is crucial for predicting and preparing for natural disasters such as tsunamis. Although ocean waves naturally occur in three dimensions, there are instances when they can be analyzed within a two-dimensional framework. For example, waves that propagate from the epicenter of a storm can be treated as unidirectional. In this presentation, we will examine periodic traveling waves that occur at the free surface of an ideal (incompressible and inviscid) two-dimensional fluid of infinite depth. Specifically, we will introduce surface waves of permanent shape, also known as Stokes waves and discuss their stability.

## On Arnoux's coding of the geodesic flow on the modular surface.

I will present Pierre Arnoux's 1994 paper in which he applies Veech's notion of zippered rectangles in the genus one setting to coordinatize the unit tangent bundle of the modular surface and thereby win an explicit description of its geodesic flow. From this, Arnoux recovered a result of C. Series': the dynamical system defined by the Gauss map (underlying regular continued fractions) is a factor of a section to the geodesic flow on the aforementioned unit tangent bundle. Time permitting, I will sketch some further implications given in the paper.

## Easy detection of (Di)Graphical Regular Representations

Graphical and Digraphical Regular Representations (GRRs and DRRs) are a concrete way to visualise the regular action of a group, using graphs. More precisely, a GRR or DRR on the group G is a (di)graph whose automorphism group is isomorphic to the regular action of G on itself by right-multiplication.

For a (di)graph to be a DRR or GRR on G, it must be a Cayley (di)graph on G. Whenever the group G admits an automorphism that fixes the connection set of the Cayley (di)graph setwise, this induces a nontrivial graph automorphism that fixes the identity vertex, which means that the (di)graph is not a DRR or GRR. Checking whether or not there is any group automorphism that fixes a particular connection set can be done very quickly and easily compared with checking whether or not any nontrivial graph automorphism fixes some vertex, so it would be nice to know if there are circumstances under which the simpler test is enough to guarantee whether or not the Cayley graph is a GRR or DRR. I will present a number of results on this question.

This is based on joint work with Dave Morris and with Gabriel Verret.

## Counting Permutation Groups

What does a random permutation group look like? This talk will start with a brief survey of how we might go about counting subgroups of the symmetric group Sn, and talk about what is known about “most” subgroups.

To tackle the general problem, it would clearly be helpful to know how many subgroups there are. An elementary argument gives that there are at least 2n2/16 subgroups, and it was conjectured by Pyber in 1993 that up to lower order error terms this is also an upper bound. This talk will present an answer to Pyber's conjecture.

This is joint work with Gareth Tracey.

## Mathematical Biomedicine: Examples

Mathematical biomedicine is an area of research where questions that arise in medicine are addressed by mathematical methods. Each such question needs first to be represented by a network with nodes that includes the biological entities that will be used to address the medical question. This network is then converted into a dynamical system for these entities, with parameters that need to be computed, or estimated. Simulations of the model are first used to validate the model, and then to address the specific question. I will give some examples, mostly from my recent work, including cancer drug resistance, side effects and metastasis, autoimmune diseases, and chronic and diabetic wounds, where the dynamical systems are PDEs. In each example, I will write explicitly the biological network, but will not the details of the corresponding PDE system.

## Machine Learning for Functional Data

Functional data analysis (FDA) is a growing statistical field for analyzing curves, images, or any multidimensional functions, in which each random function is treated as a sample element. Functional data is found commonly in many applications such as longitudinal studies and brain imaging. In this talk, I will present a methodology for integrating functional data into deep neural networks. The model is defined for scalar responses with multiple functional and scalar covariates. A by-product of the method is a set of dynamic functional weights that can be visualized during the optimization process. This visualization leads to greater interpretability of the relationship between the covariates and the response relative to conventional neural networks. The model is shown to perform well in a number of contexts including prediction of new data and recovery of the true underlying relationship between the functional covariate and scalar response; these results were confirmed through real data applications and simulation studies.

## Topology and Azumaya algebras

An Azumaya algebra is something that is "locally" isomorphic to a matrix algebra. By varying the sense of "locally", we arrive at different incarnations of the concept. The motivating example is that of central simple algebras over a field. In this talk, I will concentrate on the topological aspects of the idea. I will give examples and show that the flexibility of topology allows one to produce counterexamples in algebra. At the end, I will mention some problems I do not know how to solve.