r t s r ts r s t r t s rr r r
play

rt sr ts - PowerPoint PPT Presentation

Aug 20, 2022 •536 likes •1.66k views

rt sr ts rs t rt s rrr r rt

  1. P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ ✼ ✴ ✷✸

  2. P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ ✼ ✴ ✷✸

  3. P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) ✼ ✴ ✷✸

  4. P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s ✼ ✴ ✷✸

  5. P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P ✼ ✴ ✷✸

  6. P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s ✼ ✴ ✷✸

  7. P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ ✼ ✴ ✷✸

  8. P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ ✼ ✴ ✷✸

  9. ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❳♦P ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ✼ ✴ ✷✸

  10. ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❳♦P d ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ✼ ✴ ✷✸

  11. ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❳♦P d ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ✼ ✴ ✷✸

  12. ▼✐rr♦r ❚❤❡♦r② P❛t❛r✐♥✬s ❘❡s✉❧t • ❊①tr❡♠❡❧② ♣♦✇❡r❢✉❧ ❧♦✇❡r ❜♦✉♥❞ • ❍❛s r❡♠❛✐♥❡❞ r❛t❤❡r ✉♥❦♥♦✇♥ s✐♥❝❡ ✐♥tr♦❞✉❝t✐♦♥ ✭✷✵✵✸✮ ❆✉t❤♦rs P✉❜❧✐❝❛t✐♦♥ ❆♣♣❧✐❝❛t✐♦♥ ▼✐rr♦r ❇♦✉♥❞ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✸ ❋❡✐st❡❧ ❙✉❜♦♣t✐♠❛❧ P❛t❛r✐♥ ❈❘❨P❚❖ ✷✵✵✹ ❋❡✐st❡❧ P❛t❛r✐♥ ■❈■❙❈ ✷✵✵✺ ❋❡✐st❡❧ ❖♣t✐♠❛❧ ✐♥ O ( · ) P❛t❛r✐♥✱ ▼♦♥tr❡✉✐❧ ■❈■❙❈ ✷✵✵✺ ❇❡♥❡s P❛t❛r✐♥ ■❈■❚❙ ✷✵✵✽ ❳♦P P❛t❛r✐♥ ❆❋❘■❈❆❈❘❨P❚ ✷✵✵✽ ❇❡♥❡s P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✽✼ ❳♦P ❈♦♥❝r❡t❡ ❜♦✉♥❞ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✵✴✷✾✸ ❋❡✐st❡❧ P❛t❛r✐♥ ❡Pr✐♥t ✷✵✶✸✴✸✻✽ ❳♦P ❳♦P d ❈♦❣❧✐❛t✐✱ ▲❛♠♣❡✱ P❛t❛r✐♥ ❋❙❊ ✷✵✶✹ ❱♦❧t❡✱ ◆❛❝❤❡❢✱ ▼❛rr✐èr❡ ❡Pr✐♥t ✷✵✶✻✴✶✸✻ ❋❡✐st❡❧ ■✇❛t❛✱ ▼❡♥♥✐♥❦✱ ❱✐③ár ❡Pr✐♥t ✷✵✶✻✴✶✵✽✼ ❈❊◆❈ ✼ ✴ ✷✸

  13. ▼✐rr♦r ❚❤❡♦r② ❙②st❡♠ ♦❢ ❊q✉❛t✐♦♥s • r ❞✐st✐♥❝t ✉♥❦♥♦✇♥s P = { P 1 , . . . , P r } • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s P a i ⊕ P b i = λ i • ❙✉r❥❡❝t✐♦♥ ϕ : { a 1 , b 1 , . . . , a q , b q } → { 1 , . . . , r } ●r❛♣❤ ❇❛s❡❞ ❱✐❡✇ P b 1 λ 1 P b 3 P a 8 P a 9 P a 1 = P a 2 P a 6 λ 8 λ 3 λ 9 λ 2 P b 8 = P b 9 = P b 10 = P a 11 λ 6 λ 4 P b 2 = P a 3 = P b 4 P a 4 = P a 5 λ 11 λ 10 P b 6 P a 10 λ 5 P b 5 P b 11 λ 7 P b 7 P a 7 ✽ ✴ ✷✸

  14. ■❢ ♦r ♦r ❈♦♥tr❛❞✐❝t✐♦♥✿ ♦r ♦r ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ ❛♥❞ ❝❤♦✐❝❡s ❢♦r ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✶ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 2 P c ✾ ✴ ✷✸

  15. ■❢ ❛♥❞ ❝❤♦✐❝❡s ❢♦r ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✶ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 2 P c ■❢ λ 1 = 0 ♦r λ 2 = 0 ♦r λ 1 = λ 2 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c ♦r P a = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ✾ ✴ ✷✸

  16. ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✶ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 2 P c ■❢ λ 1 = 0 ♦r λ 2 = 0 ♦r λ 1 = λ 2 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c ♦r P a = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 ❛♥❞ λ 1 � = λ 2 • 2 n ❝❤♦✐❝❡s ❢♦r P a ✾ ✴ ✷✸

  17. ❋✐①❡s ✭✇❤✐❝❤ ✐s ❛s ❞❡s✐r❡❞✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✶ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 2 P c ■❢ λ 1 = 0 ♦r λ 2 = 0 ♦r λ 1 = λ 2 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c ♦r P a = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 ❛♥❞ λ 1 � = λ 2 • 2 n ❝❤♦✐❝❡s ❢♦r P a • ❋✐①❡s P b = λ 1 ⊕ P a ✭✇❤✐❝❤ ✐s � = P a ❛s ❞❡s✐r❡❞✮ ✾ ✴ ✷✸

  18. ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✶ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 2 P c ■❢ λ 1 = 0 ♦r λ 2 = 0 ♦r λ 1 = λ 2 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c ♦r P a = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 ❛♥❞ λ 1 � = λ 2 • 2 n ❝❤♦✐❝❡s ❢♦r P a • ❋✐①❡s P b = λ 1 ⊕ P a ✭✇❤✐❝❤ ✐s � = P a ❛s ❞❡s✐r❡❞✮ • ❋✐①❡s P c = λ 2 ⊕ P b ✭✇❤✐❝❤ ✐s � = P a , P b ❛s ❞❡s✐r❡❞✮ ✾ ✴ ✷✸

  19. ■❢ ♦r ❈♦♥tr❛❞✐❝t✐♦♥✿ ♦r ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ❋♦r ❛♥❞ ✇❡ r❡q✉✐r❡ ❆t ❧❡❛st ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✷ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 λ 2 P c P d P c ⊕ P d = λ 2 ✶✵ ✴ ✷✸

  20. ■❢ ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ❋♦r ❛♥❞ ✇❡ r❡q✉✐r❡ ❆t ❧❡❛st ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✷ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 λ 2 P c P d P c ⊕ P d = λ 2 ■❢ λ 1 = 0 ♦r λ 2 = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ✶✵ ✴ ✷✸

  21. ❋♦r ❛♥❞ ✇❡ r❡q✉✐r❡ ❆t ❧❡❛st ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✷ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 λ 2 P c P d P c ⊕ P d = λ 2 ■❢ λ 1 = 0 ♦r λ 2 = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 • 2 n ❝❤♦✐❝❡s ❢♦r P a ✭✇❤✐❝❤ ✜①❡s P b ✮ ✶✵ ✴ ✷✸

  22. ❆t ❧❡❛st ❝❤♦✐❝❡s ❢♦r ✭✇❤✐❝❤ ✜①❡s ✮ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✷ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 λ 2 P c P d P c ⊕ P d = λ 2 ■❢ λ 1 = 0 ♦r λ 2 = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 • 2 n ❝❤♦✐❝❡s ❢♦r P a ✭✇❤✐❝❤ ✜①❡s P b ✮ • ❋♦r P c ❛♥❞ P d ✇❡ r❡q✉✐r❡ • P c � = P a , P b • P d = λ 2 ⊕ P c � = P a , P b ✶✵ ✴ ✷✸

  23. ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✷ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 λ 2 P c P d P c ⊕ P d = λ 2 ■❢ λ 1 = 0 ♦r λ 2 = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ P a = P b ♦r P b = P c • ❙❝❤❡♠❡ ✐s ❞❡❣❡♥❡r❛t❡ ■❢ λ 1 , λ 2 � = 0 • 2 n ❝❤♦✐❝❡s ❢♦r P a ✭✇❤✐❝❤ ✜①❡s P b ✮ • ❋♦r P c ❛♥❞ P d ✇❡ r❡q✉✐r❡ • P c � = P a , P b • P d = λ 2 ⊕ P c � = P a , P b • ❆t ❧❡❛st 2 n − 4 ❝❤♦✐❝❡s ❢♦r P c ✭✇❤✐❝❤ ✜①❡s P d ✮ ✶✵ ✴ ✷✸

  24. ■❢ ❈♦♥tr❛❞✐❝t✐♦♥✿ ❡q✉❛t✐♦♥s s✉♠ t♦ ❙❝❤❡♠❡ ❝♦♥t❛✐♥s ❛ ❝✐r❝❧❡ ■❢ ❖♥❡ r❡❞✉♥❞❛♥t ❡q✉❛t✐♦♥✱ ♥♦ ❝♦♥tr❛❞✐❝t✐♦♥ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✸ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 3 λ 2 P c ⊕ P a = λ 3 P c • ❆ss✉♠❡ λ i � = 0 ❛♥❞ λ i � = λ j ✶✶ ✴ ✷✸

  25. ■❢ ❖♥❡ r❡❞✉♥❞❛♥t ❡q✉❛t✐♦♥✱ ♥♦ ❝♦♥tr❛❞✐❝t✐♦♥ ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✸ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 3 λ 2 P c ⊕ P a = λ 3 P c • ❆ss✉♠❡ λ i � = 0 ❛♥❞ λ i � = λ j ■❢ λ 1 ⊕ λ 2 ⊕ λ 3 � = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ ❡q✉❛t✐♦♥s s✉♠ t♦ 0 = λ 1 ⊕ λ 2 ⊕ λ 3 • ❙❝❤❡♠❡ ❝♦♥t❛✐♥s ❛ ❝✐r❝❧❡ ✶✶ ✴ ✷✸

  26. ▼✐rr♦r ❚❤❡♦r②✿ ❚♦② ❊①❛♠♣❧❡ ✸ λ 1 • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s✿ P a P b P a ⊕ P b = λ 1 P b ⊕ P c = λ 2 λ 3 λ 2 P c ⊕ P a = λ 3 P c • ❆ss✉♠❡ λ i � = 0 ❛♥❞ λ i � = λ j ■❢ λ 1 ⊕ λ 2 ⊕ λ 3 � = 0 • ❈♦♥tr❛❞✐❝t✐♦♥✿ ❡q✉❛t✐♦♥s s✉♠ t♦ 0 = λ 1 ⊕ λ 2 ⊕ λ 3 • ❙❝❤❡♠❡ ❝♦♥t❛✐♥s ❛ ❝✐r❝❧❡ ■❢ λ 1 ⊕ λ 2 ⊕ λ 3 = 0 • ❖♥❡ r❡❞✉♥❞❛♥t ❡q✉❛t✐♦♥✱ ♥♦ ❝♦♥tr❛❞✐❝t✐♦♥ ✶✶ ✴ ✷✸

  27. ▼✐rr♦r ❚❤❡♦r②✿ ❚✇♦ Pr♦❜❧❡♠❛t✐❝ ❈❛s❡s ❈✐r❝❧❡ ❉❡❣❡♥❡r❛❝② λ 1 P b 1 P b 1 = P a 2 P a 1 = P a 2 P a 8 λ 2 λ 1 P b 2 = P a 3 λ 2 λ 1 ⊕ λ 2 ⊕ · · · ⊕ λ 7 λ 3 P b 2 = P b 3 P a 3 = P a 4 P a 1 = P b 5 λ 3 P b 7 = P b 8 P b 3 = P a 4 λ 7 λ 5 λ 4 λ 4 P b 4 = P a 5 P b 4 = P a 5 λ 5 λ 6 P b 6 = P b 7 P b 5 = P a 6 ✶✷ ✴ ✷✸

  28. ▼✐rr♦r ❚❤❡♦r②✿ ▼❛✐♥ ❘❡s✉❧t ❙②st❡♠ ♦❢ ❊q✉❛t✐♦♥s • r ❞✐st✐♥❝t ✉♥❦♥♦✇♥s P = { P 1 , . . . , P r } • ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s P a i ⊕ P b i = λ i • ❙✉r❥❡❝t✐♦♥ ϕ : { a 1 , b 1 , . . . , a q , b q } → { 1 , . . . , r } ▼❛✐♥ ❘❡s✉❧t ■❢ t❤❡ s②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ✐s ❝✐r❝❧❡✲❢r❡❡ ❛♥❞ ♥♦♥✲❞❡❣❡♥❡r❛t❡✱ t❤❡ ♥✉♠❜❡r ♦❢ s♦❧✉t✐♦♥s t♦ P s✉❝❤ t❤❛t P a � = P b ❢♦r ❛❧❧ ❞✐st✐♥❝t a, b ∈ { 1 , . . . , r } ✐s ❛t ❧❡❛st (2 n ) r 2 nq ♣r♦✈✐❞❡❞ t❤❡ ♠❛①✐♠✉♠ tr❡❡ s✐③❡ ξ s❛t✐s✜❡s ( ξ − 1) 2 · r ≤ 2 n / 67 ✶✸ ✴ ✷✸

  29. ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ■♥♣✉ts t♦ ❛r❡ ❛❧❧ ❞✐st✐♥❝t✿ ✉♥❦♥♦✇♥s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P p 0 �· p y x 1 �· ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } ✶✹ ✴ ✷✸

  30. ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ■♥♣✉ts t♦ ❛r❡ ❛❧❧ ❞✐st✐♥❝t✿ ✉♥❦♥♦✇♥s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P p 0 �· p y x 1 �· ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (0 � x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (1 � x i ) =: P b i ✶✹ ✴ ✷✸

  31. ■♥♣✉ts t♦ ❛r❡ ❛❧❧ ❞✐st✐♥❝t✿ ✉♥❦♥♦✇♥s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P p 0 �· p y x 1 �· ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (0 � x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (1 � x i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = y i ✶✹ ✴ ✷✸

  32. ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P p 0 �· p y x 1 �· ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (0 � x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p (1 � x i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = y i • ■♥♣✉ts t♦ p ❛r❡ ❛❧❧ ❞✐st✐♥❝t✿ 2 q ✉♥❦♥♦✇♥s ✶✹ ✴ ✷✸

  33. ■❢ ✿ ❛t ❧❡❛st s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s ❆♣♣❧②✐♥❣ ▼✐rr♦r ❚❤❡♦r② ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ t❤❛t ❢♦r ❛❧❧ ▼❛①✐♠✉♠ tr❡❡ s✐③❡ ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P P a 1 P a 2 P a q y q y 1 y 2 · · · P b q P b 1 P b 2 ✶✺ ✴ ✷✸

  34. ■❢ ✿ ❛t ❧❡❛st s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P P a 1 P a 2 P a q y q y 1 y 2 · · · P b q P b 1 P b 2 ❆♣♣❧②✐♥❣ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ t❤❛t y i � = 0 ❢♦r ❛❧❧ i • ▼❛①✐♠✉♠ tr❡❡ s✐③❡ 2 ✶✺ ✴ ✷✸

  35. ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P P a 1 P a 2 P a q y q y 1 y 2 · · · P b q P b 1 P b 2 ❆♣♣❧②✐♥❣ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ t❤❛t y i � = 0 ❢♦r ❛❧❧ i • ▼❛①✐♠✉♠ tr❡❡ s✐③❡ 2 • ■❢ 2 q ≤ 2 n / 67 ✿ ❛t ❧❡❛st (2 n ) 2 q s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s 2 nq ✶✺ ✴ ✷✸

  36. ❣✐✈❡s ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ ❣✐✈❡s ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ ❢♦r s♦♠❡ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] ✶✻ ✴ ✷✸

  37. ❣✐✈❡s ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ ❣✐✈❡s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] • ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ y i = 0 ❢♦r s♦♠❡ i • Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] = q/ 2 n ✶✻ ✴ ✷✸

  38. ❣✐✈❡s ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] • ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ y i = 0 ❢♦r s♦♠❡ i • Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] = q/ 2 n • ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ • Pr [ XoP ❣✐✈❡s τ ] ≥ (2 n ) 2 q 1 · 2 nq (2 n ) 2 q ✶✻ ✴ ✷✸

  39. ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] • ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ y i = 0 ❢♦r s♦♠❡ i • Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] = q/ 2 n • ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ • Pr [ XoP ❣✐✈❡s τ ] ≥ (2 n ) 2 q 1 · 2 nq (2 n ) 2 q 1 • Pr [ f ❣✐✈❡s τ ] = 2 nq ✶✻ ✴ ✷✸

  40. ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] • ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ y i = 0 ❢♦r s♦♠❡ i • Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] = q/ 2 n • ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ � • Pr [ XoP ❣✐✈❡s τ ] ≥ (2 n ) 2 q 1 · ε = 0 2 nq (2 n ) 2 q 1 • Pr [ f ❣✐✈❡s τ ] = 2 nq ✶✻ ✴ ✷✸

  41. ▼✐rr♦r ❚❤❡♦r② ❆♣♣❧✐❡❞ t♦ ❳♦P ❍✲❈♦❡✣❝✐❡♥t ❚❡❝❤♥✐q✉❡ ❬P❛t✾✶✱P❛t✵✽✱❈❙✶✹❪ ▲❡t ε ≥ 0 ❜❡ s✉❝❤ t❤❛t ❢♦r ❛❧❧ ❣♦♦❞ tr❛♥s❝r✐♣ts τ ✿ Pr [ XoP ❣✐✈❡s τ ] ≥ 1 − ε Pr [ f ❣✐✈❡s τ ] ❚❤❡♥✱ Adv prf XoP ( q ) ≤ ε + Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] • ❇❛❞ tr❛♥s❝r✐♣t✿ ✐❢ y i = 0 ❢♦r s♦♠❡ i • Pr [ ❜❛❞ tr❛♥s❝r✐♣t ❢♦r f ] = q/ 2 n • ❋♦r ❛♥② ❣♦♦❞ tr❛♥s❝r✐♣t✿ � • Pr [ XoP ❣✐✈❡s τ ] ≥ (2 n ) 2 q 1 · ε = 0 2 nq (2 n ) 2 q 1 • Pr [ f ❣✐✈❡s τ ] = 2 nq Adv prf XoP ( q ) ≤ q/ 2 n ✶✻ ✴ ✷✸

  42. ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ✬s ❛❧❧ ✉♥✐q✉❡✱ ✬s ♠❛② ❝♦❧❧✐❞❡ ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } ✶✼ ✴ ✷✸

  43. ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ✬s ❛❧❧ ✉♥✐q✉❡✱ ✬s ♠❛② ❝♦❧❧✐❞❡ ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } ✶✼ ✴ ✷✸

  44. ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ✬s ❛❧❧ ✉♥✐q✉❡✱ ✬s ♠❛② ❝♦❧❧✐❞❡ ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ ✶✼ ✴ ✷✸

  45. ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ✬s ❛❧❧ ✉♥✐q✉❡✱ ✬s ♠❛② ❝♦❧❧✐❞❡ ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p 1 ( x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ y i �→ p − 1 2 ( y i ) =: P b i ✶✼ ✴ ✷✸

  46. ✬s ❛❧❧ ✉♥✐q✉❡✱ ✬s ♠❛② ❝♦❧❧✐❞❡ ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p 1 ( x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ y i �→ p − 1 2 ( y i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = x i ✶✼ ✴ ✷✸

  47. ❊❉▼ x p 1 p 2 y x ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( x 1 , y 1 ) , . . . , ( x q , y q ) } • ❳♦r ♦❢ ♣❡r♠✉t❛t✐♦♥s ✐♥ t❤❡ ♠✐❞❞❧❡ • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ x i �→ p 1 ( x i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ y i �→ p − 1 2 ( y i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = x i • x i ✬s ❛❧❧ ✉♥✐q✉❡✱ y i ✬s ♠❛② ❝♦❧❧✐❞❡ ✶✼ ✴ ✷✸

  48. ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ❛s ❢♦r ❛❧❧ ▼❛① tr❡❡ s✐③❡ ✿ ♣r♦✈✐❞❡❞ ♥♦ ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ ■❢ ✿ ❛t ❧❡❛st s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s ❍✲❝♦❡✣❝✐❡♥t t❡❝❤♥✐q✉❡✿ ❝♦✈❡rs ✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② ❊❉▼ P a ξ 1+ P a q ✕ ξs + P a 1 1 1 x q ✕ ξ s + x ξ 1 + x 1 1 1 P a 2 P a ξ 1+ P a q ✕ ξs + x q ✕ ξ s + x ξ 1 + x 2 2 2 2 2 P b 1 P b 2 · · · P b s ξ 2 x ξ 1 + x q x ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ✶✽ ✴ ✷✸

  49. ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ❛s ❢♦r ❛❧❧ ▼❛① tr❡❡ s✐③❡ ✿ ♣r♦✈✐❞❡❞ ♥♦ ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ ■❢ ✿ ❛t ❧❡❛st s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s ❍✲❝♦❡✣❝✐❡♥t t❡❝❤♥✐q✉❡✿ ❊❉▼ P a ξ 1+ P a q ✕ ξs + P a 1 1 1 x q ✕ ξ s + x ξ 1 + x 1 1 1 P a 2 P a ξ 1+ P a q ✕ ξs + x q ✕ ξ s + x ξ 1 + x 2 2 2 2 2 P b 1 P b 2 · · · P b s ξ 2 x ξ 1 + x q x ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❝♦✈❡rs ✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② ✶✽ ✴ ✷✸

  50. ■❢ ✿ ❛t ❧❡❛st s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s ❍✲❝♦❡✣❝✐❡♥t t❡❝❤♥✐q✉❡✿ ❊❉▼ P a ξ 1+ P a q ✕ ξs + P a 1 1 1 x q ✕ ξ s + x ξ 1 + x 1 1 1 P a 2 P a ξ 1+ P a q ✕ ξs + x q ✕ ξ s + x ξ 1 + x 2 2 2 2 2 P b 1 P b 2 · · · P b s ξ 2 x ξ 1 + x q x ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❝♦✈❡rs ✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p 1 • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ❛s x i � = x j ❢♦r ❛❧❧ i � = j • ▼❛① tr❡❡ s✐③❡ ξ + 1 ✿ ♣r♦✈✐❞❡❞ ♥♦ ( ξ + 1) ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ ✶✽ ✴ ✷✸

  51. ❍✲❝♦❡✣❝✐❡♥t t❡❝❤♥✐q✉❡✿ ❊❉▼ P a ξ 1+ P a q ✕ ξs + P a 1 1 1 x q ✕ ξ s + x ξ 1 + x 1 1 1 P a 2 P a ξ 1+ P a q ✕ ξs + x q ✕ ξ s + x ξ 1 + x 2 2 2 2 2 P b 1 P b 2 · · · P b s ξ 2 x ξ 1 + x q x ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❝♦✈❡rs ✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p 1 • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ❛s x i � = x j ❢♦r ❛❧❧ i � = j • ▼❛① tr❡❡ s✐③❡ ξ + 1 ✿ ♣r♦✈✐❞❡❞ ♥♦ ( ξ + 1) ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ • ■❢ ξ 2 q ≤ 2 n / 67 ✿ ❛t ❧❡❛st (2 n ) s · (2 n − 1) q s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s 2 nq ✶✽ ✴ ✷✸

  52. ❊❉▼ P a ξ 1+ P a q ✕ ξs + P a 1 1 1 x q ✕ ξ s + x ξ 1 + x 1 1 1 P a 2 P a ξ 1+ P a q ✕ ξs + x q ✕ ξ s + x ξ 1 + x 2 2 2 2 2 P b 1 P b 2 · · · P b s ξ 2 x ξ 1 + x q x ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❝♦✈❡rs ✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p 1 • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ❛s x i � = x j ❢♦r ❛❧❧ i � = j • ▼❛① tr❡❡ s✐③❡ ξ + 1 ✿ ♣r♦✈✐❞❡❞ ♥♦ ( ξ + 1) ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ • ■❢ ξ 2 q ≤ 2 n / 67 ✿ ❛t ❧❡❛st (2 n ) s · (2 n − 1) q s♦❧✉t✐♦♥s t♦ ✉♥❦♥♦✇♥s 2 nq � q EDM ( q ) ≤ q/ 2 n + • ❍✲❝♦❡✣❝✐❡♥t t❡❝❤♥✐q✉❡✿ Adv prf � / 2 nξ ξ +1 ✶✽ ✴ ✷✸

  53. ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ❊①tr❛ ✐ss✉❡✿ ♠❛② ❝♦❧❧✐❞❡ ❊❲❈❉▼ ν p 1 p 2 ν t h ( m ) ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( ν 1 , m 1 , t 1 ) , . . . , ( ν q , m q , t q ) } ✶✾ ✴ ✷✸

  54. ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ❙②st❡♠ ♦❢ ❡q✉❛t✐♦♥s ❊①tr❛ ✐ss✉❡✿ ♠❛② ❝♦❧❧✐❞❡ ❊❲❈❉▼ ν p 1 p 2 ν t h ( m ) ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( ν 1 , m 1 , t 1 ) , . . . , ( ν q , m q , t q ) } ✶✾ ✴ ✷✸

  55. ❊①tr❛ ✐ss✉❡✿ ♠❛② ❝♦❧❧✐❞❡ ❊❲❈❉▼ ν p 1 p 2 ν t h ( m ) ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( ν 1 , m 1 , t 1 ) , . . . , ( ν q , m q , t q ) } • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ν i �→ p 1 ( ν i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ t i �→ p − 1 2 ( t i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = ν i ⊕ h ( m i ) ✶✾ ✴ ✷✸

  56. ❊❲❈❉▼ ν p 1 p 2 ν t h ( m ) ●❡♥❡r❛❧ ❙❡tt✐♥❣ • ❆❞✈❡rs❛r② ❣❡ts tr❛♥s❝r✐♣t τ = { ( ν 1 , m 1 , t 1 ) , . . . , ( ν q , m q , t q ) } • ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ ν i �→ p 1 ( ν i ) =: P a i ❛♥❞ ❊❛❝❤ t✉♣❧❡ ❝♦rr❡s♣♦♥❞s t♦ t i �→ p − 1 2 ( t i ) =: P b i • ❙②st❡♠ ♦❢ q ❡q✉❛t✐♦♥s P a i ⊕ P b i = ν i ⊕ h ( m i ) • ❊①tr❛ ✐ss✉❡✿ ν i ⊕ h ( m i ) ♠❛② ❝♦❧❧✐❞❡ ✶✾ ✴ ✷✸

  57. ■❢ ✿ ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ ✐♥ ❛❧❧ tr❡❡s ▼❛① tr❡❡ s✐③❡ ✿ ♣r♦✈✐❞❡❞ ♥♦ ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ ❊❲❈❉▼ P a ξ 1+ P a 1 P a q ✕ ξs + 1 ν ξ 1 + 1 ν ν 1 ⊕ h ( m 1 ) q ✕ ξ 1 ⊕ h ( m ξ 1 + + s 1 ⊕ h ( m ν q ✕ ξ s + q ✕ ξ ν ξ 1 + 1 ) ν 2 + P a ξ 1+ P a q ✕ ξs + 2 ⊕ h ( m s ) P a 2 ⊕ h 2 ⊕ h ( m ξ 1 + 1 ( m 2 ) 2 2 ) 2 q ✕ ξ s 2 ) + P b 1 P b 2 · · · P b s ) ν ξ 1 ⊕ h ( m ξ 1 ) ξ 2 + ) m ξ 1 m ( q h ( h ⊕ ⊕ ν ξ 2 q + ν ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ✷✵ ✴ ✷✸

  58. ■❢ ✿ ❊❲❈❉▼ P a ξ 1+ P a 1 P a q ✕ ξs + 1 ν ξ 1 + 1 ν ν 1 ⊕ h ( m 1 ) q ✕ ξ 1 ⊕ h ( m ξ 1 + + s 1 ⊕ h ( m ν q ✕ ξ s + q ✕ ξ ν ξ 1 + 1 ) ν 2 + P a ξ 1+ P a q ✕ ξs + 2 ⊕ h ( m s ) P a 2 ⊕ h 2 ⊕ h ( m ξ 1 + 1 ( m 2 ) 2 2 ) 2 q ✕ ξ s 2 ) + P b 1 P b 2 · · · P b s ) ν ξ 1 ⊕ h ( m ξ 1 ) ξ 2 + ) m ξ 1 m ( q h ( h ⊕ ⊕ ν ξ 2 q + ν ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p 1 • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ ν i ⊕ h ( m i ) � = ν j ⊕ h ( m j ) ✐♥ ❛❧❧ tr❡❡s • ▼❛① tr❡❡ s✐③❡ ξ + 1 ✿ ♣r♦✈✐❞❡❞ ♥♦ ( ξ + 1) ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ ✷✵ ✴ ✷✸

  59. ❊❲❈❉▼ P a ξ 1+ P a 1 P a q ✕ ξs + 1 ν ξ 1 + 1 ν ν 1 ⊕ h ( m 1 ) q ✕ ξ 1 ⊕ h ( m ξ 1 + + s 1 ⊕ h ( m ν q ✕ ξ s + q ✕ ξ ν ξ 1 + 1 ) ν 2 + P a ξ 1+ P a q ✕ ξs + 2 ⊕ h ( m s ) P a 2 ⊕ h 2 ⊕ h ( m ξ 1 + 1 ( m 2 ) 2 2 ) 2 q ✕ ξ s 2 ) + P b 1 P b 2 · · · P b s ) ν ξ 1 ⊕ h ( m ξ 1 ) ξ 2 + ) m ξ 1 m ( q h ( h ⊕ ⊕ ν ξ 2 q + ν ξ 1 P a ξ 1 P a ξ 1+ P a q ξ 2 ❆♣♣❧②✐♥❣ ❘❡❧❛①❡❞ ▼✐rr♦r ❚❤❡♦r② • ❈✐r❝❧❡✲❢r❡❡✿ ♥♦ ❝♦❧❧✐s✐♦♥s ✐♥ ✐♥♣✉ts t♦ p 1 • ◆♦♥✲❞❡❣❡♥❡r❛t❡✿ ♣r♦✈✐❞❡❞ ν i ⊕ h ( m i ) � = ν j ⊕ h ( m j ) ✐♥ ❛❧❧ tr❡❡s • ▼❛① tr❡❡ s✐③❡ ξ + 1 ✿ ♣r♦✈✐❞❡❞ ♥♦ ( ξ + 1) ✲❢♦❧❞ ❝♦❧❧✐s✐♦♥ � q EWCDM ( q ) ≤ q/ 2 n + ǫ/ 2 n + • ■❢ ξ 2 q ≤ 2 n / 67 ✿ Adv prf � q / 2 nξ � � 2 ξ +1 ✷✵ ✴ ✷✸

  60. ✐❞❡♥t✐❝❛❧ ❡q✉✐✈❛❧❡♥t ✐s ❛t ❧❡❛st ❛s s❡❝✉r❡ ❛s ■❢ ✿ ❊❉▼❉ p 1 p 2 y x ✷✶ ✴ ✷✸

  61. ❡q✉✐✈❛❧❡♥t ✐s ❛t ❧❡❛st ❛s s❡❝✉r❡ ❛s ■❢ ✿ ❊❉▼❉ p 1 p 1 p 2 y p 1 p 2 y x x ✐❞❡♥t✐❝❛❧ ✷✶ ✴ ✷✸

  62. ✐s ❛t ❧❡❛st ❛s s❡❝✉r❡ ❛s ■❢ ✿ ❊❉▼❉ p 1 p 1 p 1 p 2 y p 1 p 2 y p 3 y x x x ✐❞❡♥t✐❝❛❧ ❡q✉✐✈❛❧❡♥t ✷✶ ✴ ✷✸

  63. ❊❉▼❉ p 1 p 1 p 1 p 2 y p 1 p 2 y p 3 y x x x ✐❞❡♥t✐❝❛❧ ❡q✉✐✈❛❧❡♥t • EDMD ✐s ❛t ❧❡❛st ❛s s❡❝✉r❡ ❛s XoP • ■❢ q ≤ 2 n / 67 ✿ Adv prf EDMD ( D ) ≤ q/ 2 n ✷✶ ✴ ✷✸

  64. ❊❉▼❉ ✐♥❞❡♣❡♥❞❡♥t✿ ❝❛s❝❛❞✐♥❣ ❤❛s ❧✐♠✐t❡❞ ✐♥✢✉❡♥❝❡ ❙❧✐❞✐♥❣ ✐ss✉❡s ✐❢ ❈♦♥❥❡❝t✉r❡✿ ♦♣t✐♠❛❧ s❡❝✉r✐t② ❙✐♥❣❧❡✲❑❡② ❱❛r✐❛♥ts❄ ❊✭❲❈✮❉▼ p 1 p 2 y x h ( m ) • ✏❳♦P ✐♥ t❤❡ ♠✐❞❞❧❡✑ r❡❧✐❡s ♦♥ ✐♥✈❡rt✐♥❣ p 2 • ❚r✐❝❦ ❢❛✐❧s ✐❢ p 1 = p 2 ✷✷ ✴ ✷✸

  65. ❈♦♥❥❡❝t✉r❡✿ ♦♣t✐♠❛❧ s❡❝✉r✐t② ❙✐♥❣❧❡✲❑❡② ❱❛r✐❛♥ts❄ ❊✭❲❈✮❉▼ ❊❉▼❉ p 1 p 2 y p 1 p 2 y x x h ( m ) • ✏❳♦P ✐♥ t❤❡ ♠✐❞❞❧❡✑ • p 1 , p 2 ✐♥❞❡♣❡♥❞❡♥t✿ r❡❧✐❡s ♦♥ ✐♥✈❡rt✐♥❣ p 2 ❝❛s❝❛❞✐♥❣ ❤❛s ❧✐♠✐t❡❞ ✐♥✢✉❡♥❝❡ • ❚r✐❝❦ ❢❛✐❧s ✐❢ p 1 = p 2 • ❙❧✐❞✐♥❣ ✐ss✉❡s ✐❢ p 1 = p 2 ✷✷ ✴ ✷✸

  66. ❙✐♥❣❧❡✲❑❡② ❱❛r✐❛♥ts❄ ❊✭❲❈✮❉▼ ❊❉▼❉ p 1 p 2 y p 1 p 2 y x x h ( m ) • ✏❳♦P ✐♥ t❤❡ ♠✐❞❞❧❡✑ • p 1 , p 2 ✐♥❞❡♣❡♥❞❡♥t✿ r❡❧✐❡s ♦♥ ✐♥✈❡rt✐♥❣ p 2 ❝❛s❝❛❞✐♥❣ ❤❛s ❧✐♠✐t❡❞ ✐♥✢✉❡♥❝❡ • ❚r✐❝❦ ❢❛✐❧s ✐❢ p 1 = p 2 • ❙❧✐❞✐♥❣ ✐ss✉❡s ✐❢ p 1 = p 2 ❈♦♥❥❡❝t✉r❡✿ ♦♣t✐♠❛❧ 2 n s❡❝✉r✐t② ✷✷ ✴ ✷✸

  67. ❖♣❡♥ ◗✉❡st✐♦♥s ❙✐♥❣❧❡✲❦❡② ✈❛r✐❛♥ts❄ ❉✉❛❧ ♦❢ ❊❲❈❉▼❄ ❋✉rt❤❡r ❛♣♣❧✐❝❛t✐♦♥s ❚❤❛♥❦ ②♦✉ ❢♦r ②♦✉r ❛tt❡♥t✐♦♥✦ ❈♦♥❝❧✉s✐♦♥ ▼✐rr♦r ❚❤❡♦r② • P♦✇❡r❢✉❧ ❜✉t ✉♥❞❡r❡st✐♠❛t❡❞ t❡❝❤♥✐q✉❡ • ■♠♣❧✐❡s ✭❛❧♠♦st✮ ♦♣t✐♠❛❧ s❡❝✉r✐t② ♦❢ ❊✭❲❈✮❉▼ • ■♠♣❧✐❡s ♦♣t✐♠❛❧ s❡❝✉r✐t② ♦❢ ❊❉▼❉ ✷✸ ✴ ✷✸

  68. ❈♦♥❝❧✉s✐♦♥ ▼✐rr♦r ❚❤❡♦r② • P♦✇❡r❢✉❧ ❜✉t ✉♥❞❡r❡st✐♠❛t❡❞ t❡❝❤♥✐q✉❡ • ■♠♣❧✐❡s ✭❛❧♠♦st✮ ♦♣t✐♠❛❧ s❡❝✉r✐t② ♦❢ ❊✭❲❈✮❉▼ • ■♠♣❧✐❡s ♦♣t✐♠❛❧ s❡❝✉r✐t② ♦❢ ❊❉▼❉ ❖♣❡♥ ◗✉❡st✐♦♥s • ❙✐♥❣❧❡✲❦❡② ✈❛r✐❛♥ts❄ • ❉✉❛❧ ♦❢ ❊❲❈❉▼❄ • ❋✉rt❤❡r ❛♣♣❧✐❝❛t✐♦♥s ❚❤❛♥❦ ②♦✉ ❢♦r ②♦✉r ❛tt❡♥t✐♦♥✦ ✷✸ ✴ ✷✸

  69. ❙✉♣♣♦rt✐♥❣ ❙❧✐❞❡s ❙❯PP❖❘❚■◆● ❙▲■❉❊❙ ✷✹ ✴ ✷✸

  70. ❉✐st✐♥❣✉✐s❤❡r ❤❛s q✉❡r② ❛❝❝❡ss t♦ ❡✐t❤❡r ♦r tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ IC E k p blockcipher random permutation • ❚✇♦ ♦r❛❝❧❡s✿ E k ✭❢♦r s❡❝r❡t r❛♥❞♦♠ ❦❡② k ✮ ❛♥❞ p ✷✺ ✴ ✷✸

  71. tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ IC E k p blockcipher random permutation distinguisher D • ❚✇♦ ♦r❛❝❧❡s✿ E k ✭❢♦r s❡❝r❡t r❛♥❞♦♠ ❦❡② k ✮ ❛♥❞ p • ❉✐st✐♥❣✉✐s❤❡r D ❤❛s q✉❡r② ❛❝❝❡ss t♦ ❡✐t❤❡r E k ♦r p ✷✺ ✴ ✷✸

  72. Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ IC E k p blockcipher random permutation distinguisher D • ❚✇♦ ♦r❛❝❧❡s✿ E k ✭❢♦r s❡❝r❡t r❛♥❞♦♠ ❦❡② k ✮ ❛♥❞ p • ❉✐st✐♥❣✉✐s❤❡r D ❤❛s q✉❡r② ❛❝❝❡ss t♦ ❡✐t❤❡r E k ♦r p • D tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ ✷✺ ✴ ✷✸

  73. Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ IC E k p blockcipher random permutation distinguisher D • ❚✇♦ ♦r❛❝❧❡s✿ E k ✭❢♦r s❡❝r❡t r❛♥❞♦♠ ❦❡② k ✮ ❛♥❞ p • ❉✐st✐♥❣✉✐s❤❡r D ❤❛s q✉❡r② ❛❝❝❡ss t♦ ❡✐t❤❡r E k ♦r p • D tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ − Pr [ D p = 1] Adv prp D E k = 1 � � � � E ( D ) = � Pr � ✷✺ ✴ ✷✸

  74. Ps❡✉❞♦r❛♥❞♦♠ ❋✉♥❝t✐♦♥ IC F k f one-way function random function distinguisher D • ❚✇♦ ♦r❛❝❧❡s✿ F k ✭❢♦r s❡❝r❡t r❛♥❞♦♠ ❦❡② k ✮ ❛♥❞ f • ❉✐st✐♥❣✉✐s❤❡r D ❤❛s q✉❡r② ❛❝❝❡ss t♦ ❡✐t❤❡r F k ♦r f • D tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ � � D f = 1 �� Adv prf D F k = 1 � � F ( D ) = − Pr � Pr � � � ✷✻ ✴ ✷✸

  75. ❙❡❝✉r✐t② ❜♦✉♥❞✿ ❈❚❘ ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s✿ ✐s ❛ s❡❝✉r❡ P❘P ◆✉♠❜❡r ♦❢ ❡♥❝r②♣t❡❞ ❜❧♦❝❦s ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · E k E k E k m 1 m 2 m ℓ c 1 c 2 c ℓ ✷✼ ✴ ✷✸

  76. ❈❚❘ ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s✿ ✐s ❛ s❡❝✉r❡ P❘P ◆✉♠❜❡r ♦❢ ❡♥❝r②♣t❡❞ ❜❧♦❝❦s ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · E k E k E k m 1 m 2 m ℓ c 1 c 2 c ℓ • ❙❡❝✉r✐t② ❜♦✉♥❞✿ � σ � Adv cpa CTR [ E ] ( σ ) ≤ Adv prp / 2 n E ( σ ) + 2 ✷✼ ✴ ✷✸

  77. ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · E k E k E k m 1 m 2 m ℓ c 1 c 2 c ℓ • ❙❡❝✉r✐t② ❜♦✉♥❞✿ � σ � Adv cpa CTR [ E ] ( σ ) ≤ Adv prp / 2 n E ( σ ) + 2 • ❈❚❘ [ E ] ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s✿ • E k ✐s ❛ s❡❝✉r❡ P❘P • ◆✉♠❜❡r ♦❢ ❡♥❝r②♣t❡❞ ❜❧♦❝❦s σ ≪ 2 n/ 2 ✷✼ ✴ ✷✸

  78. ❉✐st✐♥❣✉✐s❤✐♥❣ ❛tt❛❝❦ ✐♥ ❜❧♦❝❦s✿ ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · E k E k E k m 1 m 2 m ℓ c 1 c 2 c ℓ • m i ⊕ c i ✐s ❞✐st✐♥❝t ❢♦r ❛❧❧ σ ❜❧♦❝❦s • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ str✐♥❣ ✷✽ ✴ ✷✸

  79. ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ P❡r♠✉t❛t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · E k E k E k m 1 m 2 m ℓ c 1 c 2 c ℓ • m i ⊕ c i ✐s ❞✐st✐♥❝t ❢♦r ❛❧❧ σ ❜❧♦❝❦s • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ str✐♥❣ • ❉✐st✐♥❣✉✐s❤✐♥❣ ❛tt❛❝❦ ✐♥ σ ≈ 2 n/ 2 ❜❧♦❝❦s✿ � σ � / 2 n � Adv cpa CTR [ E ] ( σ ) 2 ✷✽ ✴ ✷✸

  80. ❙❡❝✉r✐t② ❜♦✉♥❞✿ ❈❚❘ ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s ✐s ❛ s❡❝✉r❡ P❘❋ ❇✐rt❤❞❛② ❜♦✉♥❞ s❡❝✉r✐t② ❧♦ss ❞✐s❛♣♣❡❛r❡❞ ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ ❋✉♥❝t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · F k F k F k m 1 m 2 m ℓ c 1 c 2 c ℓ ✷✾ ✴ ✷✸

  81. ❈❚❘ ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s ✐s ❛ s❡❝✉r❡ P❘❋ ❇✐rt❤❞❛② ❜♦✉♥❞ s❡❝✉r✐t② ❧♦ss ❞✐s❛♣♣❡❛r❡❞ ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ ❋✉♥❝t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · F k F k F k m 1 m 2 m ℓ c 1 c 2 c ℓ • ❙❡❝✉r✐t② ❜♦✉♥❞✿ Adv cpa CTR [ F ] ( σ ) ≤ Adv prf F ( σ ) ✷✾ ✴ ✷✸

  82. ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ Ps❡✉❞♦r❛♥❞♦♠ ❋✉♥❝t✐♦♥ n + 1 n + 2 n + ℓ · · · · · · F k F k F k m 1 m 2 m ℓ c 1 c 2 c ℓ • ❙❡❝✉r✐t② ❜♦✉♥❞✿ Adv cpa CTR [ F ] ( σ ) ≤ Adv prf F ( σ ) • ❈❚❘ [ F ] ✐s s❡❝✉r❡ ❛s ❧♦♥❣ ❛s F k ✐s ❛ s❡❝✉r❡ P❘❋ • ❇✐rt❤❞❛② ❜♦✉♥❞ s❡❝✉r✐t② ❧♦ss ❞✐s❛♣♣❡❛r❡❞ ✷✾ ✴ ✷✸

  83. ❇❡②♦♥❞ ❜✐rt❤❞❛②✲❜♦✉♥❞ ❜✉t ✷① ❛s ❡①♣❡♥s✐✈❡ ❛s ❈❚❘ ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ ❳♦P 0 � n +1 1 � n +1 0 � n +2 1 � n +2 0 � n + ℓ 1 � n + ℓ E k E k · · · · · · E k E k E k E k m 1 m 2 m ℓ c 2 c ℓ c 1 • ❙❡❝✉r✐t② ❜♦✉♥❞✿ Adv cpa CTR [ XoP ] ( σ ) ≤ Adv prf XoP ( σ ) ✸✵ ✴ ✷✸

  84. ❇❡②♦♥❞ ❜✐rt❤❞❛②✲❜♦✉♥❞ ❜✉t ✷① ❛s ❡①♣❡♥s✐✈❡ ❛s ❈❚❘ ❈♦✉♥t❡r ▼♦❞❡ ❇❛s❡❞ ♦♥ ❳♦P 0 � n +1 1 � n +1 0 � n +2 1 � n +2 0 � n + ℓ 1 � n + ℓ E k E k · · · · · · E k E k E k E k m 1 m 2 m ℓ c 2 c ℓ c 1 • ❙❡❝✉r✐t② ❜♦✉♥❞✿ Adv cpa CTR [ XoP ] ( σ ) ≤ Adv prf XoP ( σ ) ≤ Adv prp E (2 σ ) + σ/ 2 n ✸✵ ✴ ✷✸

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5

Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5

Motivation Preliminary Overview Attacks on AES-PRF Attacks on Dual-AES-PRF Conclusion Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5 Yosuke Todo 6 Haoyang Wang 4 Meiqin Wang 3 1. Univ Rennes,

534 views • 25 slides
Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris

Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris

Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris Giannakis Center for Atmosphere Ocean Science Courant Institute of Mathematical Sciences New York University Geometry and Topology of Data ICERM,

845 views • 25 slides
Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity

Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity

Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity for prevention Judith A. Jones, DDS, MPH, DScD Judith A. Jones, DDS, MPH, DScD Professor and Chair Professor and Chair Department of General

280 views • 9 slides
Market Overview: Senior Dental Brenton Pyle, FSA, MAAA Consulting Actuary CSG Actuarial, LLC

Market Overview: Senior Dental Brenton Pyle, FSA, MAAA Consulting Actuary CSG Actuarial, LLC

Market Overview: Senior Dental Brenton Pyle, FSA, MAAA Consulting Actuary CSG Actuarial, LLC www.csgactuarial.com Dental Market: Overview Senior Dental Market Overview Need For Care Market Size Product Design Projections

345 views • 19 slides
rs

rs

rs rt rt rt rst

1.89k views • 175 slides
Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI,

Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI,

Context Object Theory Computational Models Full Models Smallest Model Observations Bibliography Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI, Stanford University zalta@stanford.edu

300 views • 26 slides
How to use Statas sem command with nonnormal data? A new nonnormality correction for the

How to use Statas sem command with nonnormal data? A new nonnormality correction for the

How to use Statas sem command with nonnormal data? A new nonnormality correction for the RMSEA, CFI and TLI Meeting of the German Stata Users Group at the Ludwig-Maximilians Universitt, 24th May, 2019 ? All models are false, but some are

696 views • 42 slides
Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly

Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly

Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly provided by Paul Lewis and Mark Holder Note 2: Paul Lewis has written nice software for demonstrating Markov chain Monte Carlo idea. Software is

781 views • 62 slides
CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology

CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology

CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology Workshop FNAL August 26-27, 2013 Outline Quick (and incomplete) overview of CMB science Key concepts for CMB technology Current &

570 views • 40 slides
Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of

Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of

Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of Transportation Meeting Agenda 1. Welcome and Introductions/Roll Call 2. NAD Updates Steve Lewis 3. Address Content Subgroup Recommendations for the

681 views • 31 slides
NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND

NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND

NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND THE WOODY ALLEN AND THE WOODY ALLEN SYNDROME SYNDROME SYNDROME SYNDROME by by SEBASTIAN EDWARDS SEBASTIAN EDWARDS University of California,

555 views • 22 slides
Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for

Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for

Overcoming Barriers To Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for Healthcare Research and Quality (AHRQ) 1 Presenters and moderator disclosures The following presenters and moderator have no

938 views • 79 slides
QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu

QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu

QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu Lequesne 2,3 , Alex Parent 1 and Nicolas Sendrier 3 1 - ISARA Corporation, Waterloo, Canada 2 - Sorbonne Universit Paris, France 3 - Inria Paris,

1.05k views • 91 slides
A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter

A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter

A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter California Institute of Technology Intensity frontier workshop Argonne April 2013 Probing Lorentz structure of New Physics Y. Okada et al. , PRD 61

325 views • 8 slides
802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting

802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting

802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting WG Chair JMessenger@advaoptical.com 802.1 plenary agenda Monday opening Thursday closing Call for Patents Call for Patents

1.36k views • 106 slides
DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of

DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of

Design Engineering Year 1 DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of Design Engineering Imperial College London URL: www.ee.ic.ac.uk/pcheung/teaching/DE1_EE/ E-mail: p.cheung@imperial.ac.uk

437 views • 6 slides
Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of

Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of

Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of Generalized Quantifiers Warsaw, Banach Center, June 2007 The reflection principle for ZF : for any set theoretical formula ( x ) (possibly with

201 views • 19 slides
Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N.

Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N.

Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N. Ivanov TU Wien Atominstitut, Austria Amhest Center for Fundamental Interactions 17 May 2019 /USA A. N. Ivanov Current and Future Status of the

422 views • 15 slides
Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M.

Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M.

Convolutional encoding Finite State Machine Channel models The Viterbi algorithm Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M. Brossier Coding and decoding with convolutional codes. The

1.37k views • 135 slides
M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme

M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme

M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme Office School of Electrical and Electronic Engineering 17 Jan 2019 Welcome to School of EEE EEE Graduate PROGRAMMES Master of Engineering (M.Eng.)

660 views • 13 slides
First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::=

First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::=

First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::= (letrec* ([x e] ...) e) | (letrec ([x e] ...) e) | (case e case-clause ...) | (let* ([x e] ...) e) | (if e e e) | (let ([x e] ...) e) | (when e

971 views • 56 slides
Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University

Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University

Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University of Catalonia (UPC/BarcelonaTech) International Center for Numerical Methods in Engineering (CIMNE) http://oliver.rmee.upc.edu/xo First edition May

931 views • 68 slides
Charged kaon identification system for the CMD3 detector

Charged kaon identification system for the CMD3 detector

Charged kaon identification system for the CMD3 detector

299 views • 7 slides
Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern

Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern

Andr e de Gouv ea Northwestern Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern University NuFlavor 2009 June 810, 2009, Coseners House, UK [session: interplay between neutrino masses

826 views • 34 slides

More recommend