interactive proofs
play

Interactive Proofs Lecture 17 IP = PSPACE 1 So far 2 So far IP - PowerPoint PPT Presentation

Jan 17, 2023 •309 likes •1.45k views

Interactive Proofs Lecture 17 IP = PSPACE 1 So far 2 So far IP 2 So far IP AM, MA 2 So far IP AM, MA GNI IP 2 So far IP AM, MA GNI IP GNI AM 2 So far IP AM, MA GNI IP GNI AM Using AM protocol for set

  1. Arithmetization A Boolean formula as a polynomial Arithmetic over a (finite, exponentially large) field 0 and 1 (identities of addition and multiplication) instead of True and False For formula F , polynomial P such that for boolean vector b and corresponding 0-1 vector x we have F(b) = P(x) NOT: (1-x); AND: x.y OR (as NOT of AND of NOT): 1 - (1-x).(1-y) 9

  2. Arithmetization A Boolean formula as a polynomial Arithmetic over a (finite, exponentially large) field 0 and 1 (identities of addition and multiplication) instead of True and False For formula F , polynomial P such that for boolean vector b and corresponding 0-1 vector x we have F(b) = P(x) NOT: (1-x); AND: x.y OR (as NOT of AND of NOT): 1 - (1-x).(1-y) Exercise: Arithmetize x=y (now!). Degree? Size? 9

  3. Arithmetization A Boolean formula as a polynomial Arithmetic over a (finite, exponentially large) field 0 and 1 (identities of addition and multiplication) instead of True and False For formula F , polynomial P such that for boolean vector b and corresponding 0-1 vector x we have F(b) = P(x) NOT: (1-x); AND: x.y OR (as NOT of AND of NOT): 1 - (1-x).(1-y) Exercise: Arithmetize x=y (now!). Degree? Size? Can always use a polynomial linear in each variable since x n =x for x=0 and x=1 9

  4. Arithmetization 10

  5. Arithmetization A QBF as a polynomial 10

  6. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 10

  7. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P 10

  8. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P ∃ x F(x) → P(0) + P(1) > 0 (i.e., Σ x=0,1 P(x) > 0) 10

  9. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P ∃ x F(x) → P(0) + P(1) > 0 (i.e., Σ x=0,1 P(x) > 0) ∀ x F(x) → P(0).P(1) > 0 (i.e., Π x=0,1 P(x) > 0) 10

  10. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P ∃ x F(x) → P(0) + P(1) > 0 (i.e., Σ x=0,1 P(x) > 0) ∀ x F(x) → P(0).P(1) > 0 (i.e., Π x=0,1 P(x) > 0) Extends to more quantifiers: i.e., if F(x) is a QBF above 10

  11. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P ∃ x F(x) → P(0) + P(1) > 0 (i.e., Σ x=0,1 P(x) > 0) ∀ x F(x) → P(0).P(1) > 0 (i.e., Π x=0,1 P(x) > 0) Extends to more quantifiers: i.e., if F(x) is a QBF above So, how do you arithmetize ∃ x ∀ y G(x,y) and ∀ y ∃ x G(x,y)? 10

  12. Arithmetization A QBF as a polynomial TRUE will correspond to > 0, and FALSE, = 0 Suppose for Boolean formula F , polynomial P ∃ x F(x) → P(0) + P(1) > 0 (i.e., Σ x=0,1 P(x) > 0) ∀ x F(x) → P(0).P(1) > 0 (i.e., Π x=0,1 P(x) > 0) Extends to more quantifiers: i.e., if F(x) is a QBF above So, how do you arithmetize ∃ x ∀ y G(x,y) and ∀ y ∃ x G(x,y)? Σ x=0,1 Π y=0,1 P(x,y) > 0 and Π y=0,1 Σ x=0,1 P(x,y) > 0 10

  13. Arithmetization 11

  14. Arithmetization For a protocol for TQBF: Give a protocol for proving that Q 1(x1=0,1) Q 2(x2=0,1) ... Q n(xn=0,1) P(x 1 ,...,x n ) > 0, where Q i are Σ or Π , and P is a (multi-linear) polynomial 11

  15. Arithmetization For a protocol for TQBF: Give a protocol for proving that Q 1(x1=0,1) Q 2(x2=0,1) ... Q n(xn=0,1) P(x 1 ,...,x n ) > 0, where Q i are Σ or Π , and P is a (multi-linear) polynomial Instead suppose all Q i are Σ 11

  16. Arithmetization For a protocol for TQBF: Give a protocol for proving that Q 1(x1=0,1) Q 2(x2=0,1) ... Q n(xn=0,1) P(x 1 ,...,x n ) > 0, where Q i are Σ or Π , and P is a (multi-linear) polynomial Instead suppose all Q i are Σ Counts number of satisfying assignments to an (unquantified) boolean formula F 11

  17. Arithmetization For a protocol for TQBF: Give a protocol for proving that Q 1(x1=0,1) Q 2(x2=0,1) ... Q n(xn=0,1) P(x 1 ,...,x n ) > 0, where Q i are Σ or Π , and P is a (multi-linear) polynomial Instead suppose all Q i are Σ Counts number of satisfying assignments to an (unquantified) boolean formula F Proving > 0 is trivial 11

  18. Arithmetization For a protocol for TQBF: Give a protocol for proving that Q 1(x1=0,1) Q 2(x2=0,1) ... Q n(xn=0,1) P(x 1 ,...,x n ) > 0, where Q i are Σ or Π , and P is a (multi-linear) polynomial Instead suppose all Q i are Σ Counts number of satisfying assignments to an (unquantified) boolean formula F Proving > 0 is trivial Consider proving = K (will be useful in the general case) 11

  19. Sum-check protocol 12

  20. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P 12

  21. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P 12

  22. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values 12

  23. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. 12

  24. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) 12

  25. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) 12

  26. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) R has only one variable and degree at most d 12

  27. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Only Σ , no Π Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) R has only one variable and degree at most d 12

  28. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Only Σ , no Π Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) R has only one variable and degree at most d Prover sends T=R (as d+1 coefficients) to verifier 12

  29. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Only Σ , no Π Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) R has only one variable and degree at most d Needs degree to be small Prover sends T=R (as d+1 coefficients) to verifier 12

  30. Verifier has Sum-check protocol only oracle access to P To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Note: to evaluate need to add up 2 n values Base case: n=0. Verifier will simply use oracle access to P. For n>0: Let R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Only Σ , no Π Σ x1 ... Σ xn P(x 1 ,...,x n ) = R(0) + R(1) R has only one variable and degree at most d Needs degree to be small Prover sends T=R (as d+1 coefficients) to verifier Verifier checks K = T(0) + T(1). Still needs to check T=R 12

  31. Sum-check protocol 13

  32. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P 13

  33. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) 13

  34. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Picks random field element a (large enough field) 13

  35. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Picks random field element a (large enough field) Asks prover to prove that T(a) = R(a) = Σ x2 ... Σ xn P(a,x 2 ,...,x n ) 13

  36. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Picks random field element a (large enough field) Asks prover to prove that T(a) = R(a) = Σ x2 ... Σ xn P(a,x 2 ,...,x n ) Recurse on P 1 (x 2 ,...,x n ) = P(a,x 2 ,...,x n ) of one variable less 13

  37. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Picks random field element a (large enough field) Asks prover to prove that T(a) = R(a) = Σ x2 ... Σ xn P(a,x 2 ,...,x n ) Recurse on P 1 (x 2 ,...,x n ) = P(a,x 2 ,...,x n ) of one variable less i.e., Recurse to prove Σ x2 ... Σ xn P 1 (x 2 ,...,x n ) = T(a) 13

  38. Sum-check protocol To prove: Σ x1 ... Σ xn P(x 1 ,...,x n ) = K for some degree d polynomial P Verifier wants to check T(X) = R(X) := Σ x2 ... Σ xn P(X,x 2 ,...,x n ) Picks random field element a (large enough field) Asks prover to prove that T(a) = R(a) = Σ x2 ... Σ xn P(a,x 2 ,...,x n ) Recurse on P 1 (x 2 ,...,x n ) = P(a,x 2 ,...,x n ) of one variable less i.e., Recurse to prove Σ x2 ... Σ xn P 1 (x 2 ,...,x n ) = T(a) Note: P 1 has degree at most d; verifier has oracle access to P 1 (as it knows a, and has oracle access to P) 13

  39. Sum-check protocol 14

  40. Sum-check protocol Why does sum-check protocol work? 14

  41. Sum-check protocol Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field 14

  42. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field 14

  43. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field Completeness is obvious 14

  44. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field Completeness is obvious Soundness: Since T(X) and R(X) are of degree d, if T ≠ R, at most d points where they agree 14

  45. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field Completeness is obvious Soundness: Since T(X) and R(X) are of degree d, if T ≠ R, at most d points where they agree Error (picking a bad a), with probability ≤ d/p, where field is of size p 14

  46. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field Completeness is obvious Soundness: Since T(X) and R(X) are of degree d, if T ≠ R, at most d points where they agree Error (picking a bad a), with probability ≤ d/p, where field is of size p Also possible error in recursive step (despite good a) 14

  47. Sum-check protocol Can’t afford more than one check Why does sum-check protocol work? Instead of checking T(X) = R(X), simply checks (recursively) if T(a)=R(a) for a single random a in the field Completeness is obvious Soundness: Since T(X) and R(X) are of degree d, if T ≠ R, at most d points where they agree Error (picking a bad a), with probability ≤ d/p, where field is of size p Also possible error in recursive step (despite good a) At most nd/p if n variables. Can take p exponential. 14

  48. IP Protocol for TQBF 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2

Interactive Proofs Lecture 18 AM 1 Interactive Proofs 2 Interactive Proofs IP[k] 2 Interactive Proofs IP[k] IP[poly] = PSPACE 2 Interactive Proofs IP[k] IP[poly] = PSPACE IP protocol for TQBF using arithmetization 2 Interactive

1.75k views • 136 slides
Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge

Foundation of Cryptography (0368-4162-01), Lecture 5 Interactive Proofs and Zero Knowledge Iftach Haitner, Tel Aviv University December 4, 2011 IP for GNI Part I Interactive Proofs IP for GNI Interactive Vs. Interactive Proofs Definition 1 (

1.51k views • 110 slides
Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the

Interactive Proof System We have seen interactive proofs, in various disguised forms, in the definitions of NP , OTM, Cook reduction and PH . We will see that interactive proofs have fundamental connections to cryptography and approximation

1.46k views • 107 slides
Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs

Zero-Knowledge Proofs Lecture 15 Interactive Proofs Interactive Proofs Interactive Proofs Prover wants to convince verifier that x has some property Interactive Proofs Prover wants to convince verifier that x has some property i.e. x is in

3.29k views • 145 slides
Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive

Zero-Knowledge Proofs 1 Zero-Knowledge Proofs Lecture 15 1 Interactive Proofs 2 Interactive Proofs 2 Interactive Proofs Prover wants to convince verifier that x has some property 2 Interactive Proofs Prover wants to convince verifier

1.9k views • 174 slides
(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

(Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit.

15-251: Great Theoretical Ideas in Computer Science Lecture 24 (Interactive) Proofs Proofs from 900 BCE until 1800s Pythagorass Theorem: Proof: Looks legit. Then there was Russell Principia Mathematica Volume 2 Russell and others worked

949 views • 50 slides
Real Interactive Proofs for VPSPACE Klaus Meer Brandenburgische Technische Universit at,

Real Interactive Proofs for VPSPACE Klaus Meer Brandenburgische Technische Universit at,

Real Interactive Proofs for VPSPACE Klaus Meer Brandenburgische Technische Universit at, Cottbus-Senftenberg, Germany Colloquium Logicum Hamburg, September 2016 joint work with M. Baartse Klaus Meer Real Interactive Proofs for VPSPACE 1.

800 views • 36 slides
Towards Human Interactive Proofs in the Text-Domain Richard Bergmair University of Derby in

Towards Human Interactive Proofs in the Text-Domain Richard Bergmair University of Derby in

Towards Human Interactive Proofs in the Text-Domain Richard Bergmair University of Derby in Austria and Stefan Katzenbeisser Technische Universitt Mnchen Institut fr Informatik Towards Human Interactive Proofs in the Text-Domain

572 views • 29 slides
Models for Probabilistic Programs with an Adversary Robert Rand, Steve Zdancewic University of

Models for Probabilistic Programs with an Adversary Robert Rand, Steve Zdancewic University of

Models for Probabilistic Programs with an Adversary Robert Rand, Steve Zdancewic University of Pennsylvania Probabilistic Programming Semantics 2016 Interactive Proofs 2/47 Interactive Proofs 2/47 Interactive Proofs 2/47 Interactive

1.17k views • 86 slides
Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne

Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne

Quantum zero-knowledge from Locally Simulatable Proofs Alex Bredariol Grilo joint work with Anne Broadbent (U. of Ottawa) arxiv:1911.07782 Quantum found. QZK Crypto TCS 2 / 19 Interactive proofs 3 / 19 Interactive proofs L NP P V 0

1.06k views • 89 slides
On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs

On Hypersequents and Labelled Sequents Translating Labelled Sequent Proofs to Hypersequent Proofs Robert Rothenberg 1 2 1 School of Computer Science University of St Andrews 2 Interactive Information, Ltd Edinburgh Workshop in Honour of Roy

393 views • 26 slides
Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable

Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable

S C I E N C E P A S S I O N T E C H N O L O G Y Non-Interactive Plaintext (In-)Equality Proofs and Group Signatures with Verifiable Controllable Linkability Olivier Blazy 1 , David Derler 2 , Daniel Slamanig 2 , Raphael

345 views • 21 slides
Lin inear Multi-Prover In Interactive Proofs Dan Boneh, Yuval Ishai, Amit Sahai, and David J. Wu

Lin inear Multi-Prover In Interactive Proofs Dan Boneh, Yuval Ishai, Amit Sahai, and David J. Wu

Quasi-Optimal SNARGs via ia Lin inear Multi-Prover In Interactive Proofs Dan Boneh, Yuval Ishai, Amit Sahai, and David J. Wu Non-Interactive Arguments for NP = , = 1 for some (, )

629 views • 36 slides
MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert Krebbers 1 Jacques-Henri Jourdan 2 Ralf Jung 3 Joseph Tassarotti 4 Jan-Oliver Kaiser 3 Amin Timany 5 eraud 6 Derek Dreyer 3 Arthur Chargu 1 Delft

1.55k views • 141 slides
MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert

MoSeL: A General, Extensible Modal Framework for Interactive Proofs in Separation Logic Robbert Krebbers 1 Jacques-Henri Jourdan 2 Ralf Jung 3 Joseph Tassarotti 4 Jan-Oliver Kaiser 3 Amin Timany 5 eraud 6 Derek Dreyer 3 Arthur Chargu 1 Delft

710 views • 49 slides
Parallelizing an Interactive Theorem Prover Functional Programming and Proofs with ACL2 David L.

Parallelizing an Interactive Theorem Prover Functional Programming and Proofs with ACL2 David L.

Introduction Parallelism Primitives Parallelizing ACL2 Evaluate Approach Conclusion Talking Points Parallelizing an Interactive Theorem Prover Functional Programming and Proofs with ACL2 David L. Rager ragerdl@gmail.com June 17, 2013 1 /

751 views • 57 slides
AnaPAON4 : Analysis software for PAON4 JSkyMap : Map making and simulation software suit

AnaPAON4 : Analysis software for PAON4 JSkyMap : Map making and simulation software suit

BAORadio / PAON4 c++ software suite R. Ansari 21 cm Cosmology workshop & Tianlai collaboration meeting Xingchen Tianyuan Hotel, Pingtang, Guizhou , China September 2018 AnaPAON4 : Analysis software for PAON4 JSkyMap : Map making and

268 views • 15 slides
Saturnin A suite of lightweight symmetric algorithms for post-quantum security Anne Canteaut 1

Saturnin A suite of lightweight symmetric algorithms for post-quantum security Anne Canteaut 1

Saturnin A suite of lightweight symmetric algorithms for post-quantum security Anne Canteaut 1 Sbastien Duval 2 Gatan Leurent 1 Mara Naya-Plasencia 1 Lo Perrin 1 Thomas Pornin 3 Andr Schrottenloher 1 1 Inria, France 2 UCL Crypto Group,

750 views • 26 slides
Session 1 Introduction to C Programming Sbastien Combfis Fall 2019 This work is licensed

Session 1 Introduction to C Programming Sbastien Combfis Fall 2019 This work is licensed

E301B C Programming Session 1 Introduction to C Programming Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License. Objectives Compilation and

812 views • 67 slides
Efficient Seeds Computation Revisited Michalis Christou, Maxime Crochemore, Costas S.

Efficient Seeds Computation Revisited Michalis Christou, Maxime Crochemore, Costas S.

Efficient Seeds Computation Revisited Michalis Christou, Maxime Crochemore, Costas S. Iliopoulos, Marcin Kubica, Solon P. Pissis, Jakub Radoszewski , Wojciech Rytter, Bartosz Szreder, Tomasz Wale Kings College London & University of

1.3k views • 62 slides
Streaming Graph Computations with a Helpful Advisor Justin Thaler Graham Cormode and Michael

Streaming Graph Computations with a Helpful Advisor Justin Thaler Graham Cormode and Michael

Streaming Graph Computations with a Helpful Advisor Justin Thaler Graham Cormode and Michael Mitzenmacher Thanks to Andrew McGregor A few slides borrowed from IITK Workshop on Algorithms for Processing Massive Data Sets. Data Streaming

1.31k views • 81 slides
16. Recursion 2 Output: 103 Input: (3 + 5) * 20 Output: 160 Input: -(3 + 5) + 20 Output: 12

16. Recursion 2 Output: 103 Input: (3 + 5) * 20 Output: 160 Input: -(3 + 5) + 20 Output: 12

Motivation: Calculator Goal: we build a command line calculator Example Input: 3 + 5 Output: 8 Input: 3 / 5 Output: 0.6 Input: 3 + 5 * 20 16. Recursion 2 Output: 103 Input: (3 + 5) * 20 Output: 160 Input: -(3 + 5) + 20 Output: 12 Building a

387 views • 11 slides
Progress on UDP Options Implementation Gorry Fairhurst, Tom Jones TSVWG *@erg.abdn.ac.uk IETF

Progress on UDP Options Implementation Gorry Fairhurst, Tom Jones TSVWG *@erg.abdn.ac.uk IETF

Progress on UDP Options Implementation Gorry Fairhurst, Tom Jones TSVWG *@erg.abdn.ac.uk IETF 103 - Bangkok 1 UDP Option Area IP transport payload <------------------------------------------------->

476 views • 10 slides
Using Symbols in Expressions (1) (define z y) Symbol z ==> y z prints as y (+

Using Symbols in Expressions (1) (define z y) Symbol z ==> y z prints as y (+

Using Symbols in Expressions (1) (define z y) Symbol z ==> y z prints as y (+ x 3) evaluate sub-expressions... PrimProc Number Number ( ) machine 23 3 code to add apply... Number ==> 26 prints as 26 1

434 views • 19 slides

More recommend