rt ttt rt - PowerPoint PPT Presentation

●❡♥❡r✐❝❛❧❧② ✐♥s❡❝✉r❡ ▼✐❧❞❧② ✐♥s❡❝✉r❡ ▼♦st s❡❝✉r❡ ✈❛r✐❛♥t ▼❆❈ P❛❞❞✐♥❣ ♦r❛❝❧❡ ❈✐♣❤❡rt❡①t ✐♥t❡❣r✐t② ❛tt❛❝❦ ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ • ●❡♥❡r✐❝ ❝♦♥str✉❝t✐♦♥s ❢♦r ❆❊✿ • ❊♥❝ ✰ ▼❆❈ ❂ ❆❊ • ❇❡❧❧❛r❡ ❛♥❞ ◆❛♠♣r❡♠♣r❡ ✭✷✵✵✵✮✿ ✸ ❜❛s✐❝ ❛♣♣r♦❛❝❤❡s ❊✫▼ ▼t❊ ❊t▼ m m m Enc k MAC l MAC l Enc k Enc k MAC l c c c t t t • ❯s❡❞ ✐♥ ❙❙❍ • ❯s❡❞ ✐♥ ❚▲❙ • ❯s❡❞ ✐♥ ■P❙❡❝ ✶✶ ✴ ✺✼

▼✐❧❞❧② ✐♥s❡❝✉r❡ ▼♦st s❡❝✉r❡ ✈❛r✐❛♥t P❛❞❞✐♥❣ ♦r❛❝❧❡ ❈✐♣❤❡rt❡①t ✐♥t❡❣r✐t② ❛tt❛❝❦ ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ • ●❡♥❡r✐❝ ❝♦♥str✉❝t✐♦♥s ❢♦r ❆❊✿ • ❊♥❝ ✰ ▼❆❈ ❂ ❆❊ • ❇❡❧❧❛r❡ ❛♥❞ ◆❛♠♣r❡♠♣r❡ ✭✷✵✵✵✮✿ ✸ ❜❛s✐❝ ❛♣♣r♦❛❝❤❡s ❊✫▼ ▼t❊ ❊t▼ m m m Enc k MAC l MAC l Enc k Enc k MAC l c c c t t t • ❯s❡❞ ✐♥ ❙❙❍ • ❯s❡❞ ✐♥ ❚▲❙ • ❯s❡❞ ✐♥ ■P❙❡❝ • ●❡♥❡r✐❝❛❧❧② ✐♥s❡❝✉r❡ • ▼❆❈ L ( m ) = m � t ✶✶ ✴ ✺✼

▼♦st s❡❝✉r❡ ✈❛r✐❛♥t ❈✐♣❤❡rt❡①t ✐♥t❡❣r✐t② ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ • ●❡♥❡r✐❝ ❝♦♥str✉❝t✐♦♥s ❢♦r ❆❊✿ • ❊♥❝ ✰ ▼❆❈ ❂ ❆❊ • ❇❡❧❧❛r❡ ❛♥❞ ◆❛♠♣r❡♠♣r❡ ✭✷✵✵✵✮✿ ✸ ❜❛s✐❝ ❛♣♣r♦❛❝❤❡s ❊✫▼ ▼t❊ ❊t▼ m m m Enc k MAC l MAC l Enc k Enc k MAC l c c c t t t • ❯s❡❞ ✐♥ ❙❙❍ • ❯s❡❞ ✐♥ ❚▲❙ • ❯s❡❞ ✐♥ ■P❙❡❝ • ●❡♥❡r✐❝❛❧❧② ✐♥s❡❝✉r❡ • ▼✐❧❞❧② ✐♥s❡❝✉r❡ • ▼❆❈ L ( m ) = m � t • P❛❞❞✐♥❣ ♦r❛❝❧❡ ❛tt❛❝❦ ✶✶ ✴ ✺✼

●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ • ●❡♥❡r✐❝ ❝♦♥str✉❝t✐♦♥s ❢♦r ❆❊✿ • ❊♥❝ ✰ ▼❆❈ ❂ ❆❊ • ❇❡❧❧❛r❡ ❛♥❞ ◆❛♠♣r❡♠♣r❡ ✭✷✵✵✵✮✿ ✸ ❜❛s✐❝ ❛♣♣r♦❛❝❤❡s ❊✫▼ ▼t❊ ❊t▼ m m m Enc k MAC l MAC l Enc k Enc k MAC l c c c t t t • ❯s❡❞ ✐♥ ❙❙❍ • ❯s❡❞ ✐♥ ❚▲❙ • ❯s❡❞ ✐♥ ■P❙❡❝ • ●❡♥❡r✐❝❛❧❧② ✐♥s❡❝✉r❡ • ▼✐❧❞❧② ✐♥s❡❝✉r❡ • ▼♦st s❡❝✉r❡ ✈❛r✐❛♥t • ▼❆❈ L ( m ) = m � t • P❛❞❞✐♥❣ ♦r❛❝❧❡ • ❈✐♣❤❡rt❡①t ✐♥t❡❣r✐t② ❛tt❛❝❦ ✶✶ ✴ ✺✼

P❛r❛❧❧❡❧✐③❛❜❧❡ ❊✈❛❧✉❛t❡s ♦♥❧② ✭♥♦ ✮ Pr♦✈❛❜❧② s❡❝✉r❡ ✭✐❢ ✐s P❘P✮ ❱❡r② ❡✣❝✐❡♥t ✐♥ ❍❲ ❘❡❛s♦♥❛❜❧② ❡✣❝✐❡♥t ✐♥ ❙❲ ❲❤❛t ❤❛♣♣❡♥s ✐❢ ♥♦♥❝❡ ✐s r❡✲✉s❡❞❄ ●❈▼ ❢♦r 96 ✲❜✐t ♥♦♥❝❡ N • ▼❝●r❡✇ ❛♥❞ ❱✐❡❣❛ ✭✷✵✵✹✮ N � 1 N � 2 N � 3 N � ( m + 1) • ❊t▼ ❞❡s✐❣♥ • ❲✐❞❡❧② ✉s❡❞ ✭❚▲❙✦✮ E K E K E K E K • P❛t❡♥t✲❢r❡❡ M 1 M 2 M m ENC C 1 C 2 C m A GHASH L MAC T ✶✷ ✴ ✺✼

❲❤❛t ❤❛♣♣❡♥s ✐❢ ♥♦♥❝❡ ✐s r❡✲✉s❡❞❄ ●❈▼ ❢♦r 96 ✲❜✐t ♥♦♥❝❡ N • ▼❝●r❡✇ ❛♥❞ ❱✐❡❣❛ ✭✷✵✵✹✮ N � 1 N � 2 N � 3 N � ( m + 1) • ❊t▼ ❞❡s✐❣♥ • ❲✐❞❡❧② ✉s❡❞ ✭❚▲❙✦✮ E K E K E K E K • P❛t❡♥t✲❢r❡❡ M 1 M 2 M m ENC • P❛r❛❧❧❡❧✐③❛❜❧❡ C 1 C 2 C m • ❊✈❛❧✉❛t❡s E ♦♥❧② ✭♥♦ E − 1 ✮ • Pr♦✈❛❜❧② s❡❝✉r❡ A GHASH L ✭✐❢ E ✐s P❘P✮ MAC • ❱❡r② ❡✣❝✐❡♥t ✐♥ ❍❲ T • ❘❡❛s♦♥❛❜❧② ❡✣❝✐❡♥t ✐♥ ❙❲ ✶✷ ✴ ✺✼

●❈▼ ❢♦r 96 ✲❜✐t ♥♦♥❝❡ N • ▼❝●r❡✇ ❛♥❞ ❱✐❡❣❛ ✭✷✵✵✹✮ N � 1 N � 2 N � 3 N � ( m + 1) • ❊t▼ ❞❡s✐❣♥ • ❲✐❞❡❧② ✉s❡❞ ✭❚▲❙✦✮ E K E K E K E K • P❛t❡♥t✲❢r❡❡ M 1 M 2 M m ENC • P❛r❛❧❧❡❧✐③❛❜❧❡ C 1 C 2 C m • ❊✈❛❧✉❛t❡s E ♦♥❧② ✭♥♦ E − 1 ✮ • Pr♦✈❛❜❧② s❡❝✉r❡ A GHASH L ✭✐❢ E ✐s P❘P✮ MAC • ❱❡r② ❡✣❝✐❡♥t ✐♥ ❍❲ T • ❘❡❛s♦♥❛❜❧② ❡✣❝✐❡♥t ✐♥ ❙❲ ❲❤❛t ❤❛♣♣❡♥s ✐❢ ♥♦♥❝❡ ✐s r❡✲✉s❡❞❄ ✶✷ ✴ ✺✼

■♥❤❡r✐ts ●❈▼ ❢❡❛t✉r❡s ❙❡❝✉r❡ ❛❣❛✐♥st ♥♦♥❝❡✲r❡✉s❡ Pr♦♦❢✿ ■✇❛t❛ ❛♥❞ ❙❡✉r✐♥ ✭✷✵✶✼✮ ●❈▼✲❙■❱ T +0 T +1 T +( m − 1) N • ●✉❡r♦♥ ❛♥❞ ▲✐♥❞❡❧❧ ✭✷✵✶✺✮ KeyGen E k E K E K E K • ▼t❊ ❞❡s✐❣♥ • ❖♥❣♦✐♥❣ st❛♥❞❛r❞✐③❛t✐♦♥ C 1 C 2 C m ENC ( K, L ) ✭■❊❚❋ ❘❋❈✮ KEY M 1 M 2 M m • P❛t❡♥t✲❢r❡❡ A GHASH L N E K MAC T ✶✸ ✴ ✺✼

●❈▼✲❙■❱ T +0 T +1 T +( m − 1) N • ●✉❡r♦♥ ❛♥❞ ▲✐♥❞❡❧❧ ✭✷✵✶✺✮ KeyGen E k E K E K E K • ▼t❊ ❞❡s✐❣♥ • ❖♥❣♦✐♥❣ st❛♥❞❛r❞✐③❛t✐♦♥ C 1 C 2 C m ENC ( K, L ) ✭■❊❚❋ ❘❋❈✮ KEY M 1 M 2 M m • P❛t❡♥t✲❢r❡❡ A GHASH L • ■♥❤❡r✐ts ●❈▼ ❢❡❛t✉r❡s • ❙❡❝✉r❡ ❛❣❛✐♥st ♥♦♥❝❡✲r❡✉s❡ N • Pr♦♦❢✿ ■✇❛t❛ ❛♥❞ ❙❡✉r✐♥ E K MAC ✭✷✵✶✼✮ T ✶✸ ✴ ✺✼

❖✉t❧✐♥❡ ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ ▲✐♥❦ ❲✐t❤ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ ◆♦♥❝❡✲❘❡✉s❡ ❈♦♥❝❧✉s✐♦♥ ✶✹ ✴ ✺✼

❚✇❡❛❦✿ ✢❡①✐❜✐❧✐t② t♦ t❤❡ ❝✐♣❤❡r ❊❛❝❤ t✇❡❛❦ ❣✐✈❡s ❞✐✛❡r❡♥t ♣❡r♠✉t❛t✐♦♥ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs k m c E ✶✺ ✴ ✺✼

❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs k � m c E t • ❚✇❡❛❦✿ ✢❡①✐❜✐❧✐t② t♦ t❤❡ ❝✐♣❤❡r • ❊❛❝❤ t✇❡❛❦ ❣✐✈❡s ❞✐✛❡r❡♥t ♣❡r♠✉t❛t✐♦♥ ✶✺ ✴ ✺✼

tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡r ❙❡❝✉r✐t② � E k � π IC tweakable blockcipher random tweakable permutation distinguisher D • � E k s❤♦✉❧❞ ❧♦♦❦ ❧✐❦❡ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❉✐✛❡r❡♥t t✇❡❛❦s − → ♣s❡✉❞♦✲✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s ✶✻ ✴ ✺✼

❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡r ❙❡❝✉r✐t② � E k π � IC tweakable blockcipher random tweakable permutation distinguisher D • � E k s❤♦✉❧❞ ❧♦♦❦ ❧✐❦❡ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❉✐✛❡r❡♥t t✇❡❛❦s − → ♣s❡✉❞♦✲✐♥❞❡♣❡♥❞❡♥t ♣❡r♠✉t❛t✐♦♥s • D tr✐❡s t♦ ❞❡t❡r♠✐♥❡ ✇❤✐❝❤ ♦r❛❝❧❡ ✐t ❝♦♠♠✉♥✐❝❛t❡s ✇✐t❤ � �� π − 1 = 1 � � E k , � � E − 1 Adv stprp D � π, � ( D ) = � Pr D = 1 − Pr � k � E ✶✻ ✴ ✺✼

✐♥ ❈❆❊❙❆❘ ❑■❆❙❯✱ ❈❇❆✱ ❈❖❇❘❆✱ ✐❋❡❡❞✱ Prøst✱ ❏♦❧t✐❦ ✱ ▼❛r❜❧❡✱ ❖▼❉ ✱ P❖❊❚ ✱ ▼✐♥❛❧♣❤❡r ❙❈❘❊❆▼ ✱ ❙❍❊▲▲ ✱ ❆❊❩ ✱ ❈❖P❆ ✴ ❉❡♦①②s ❊▲♠❉ ✱ ❖❈❇ ✱ ❖❚❘ ✜rst r♦✉♥❞✱ s❡❝♦♥❞ r♦✉♥❞ ✱ t❤✐r❞ r♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡r ❉❡s✐❣♥s � � E E � E P E t ❉❡❞✐❝❛t❡❞ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞ P❡r♠✉t❛t✐♦♥✲❇❛s❡❞ ✶✼ ✴ ✺✼

❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡r ❉❡s✐❣♥s ✐♥ ❈❆❊❙❆❘ � � E E � E P E t ❉❡❞✐❝❛t❡❞ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞ P❡r♠✉t❛t✐♦♥✲❇❛s❡❞ ❑■❆❙❯✱ ❈❇❆✱ ❈❖❇❘❆✱ ✐❋❡❡❞✱ Prøst✱ ❏♦❧t✐❦ ✱ ▼❛r❜❧❡✱ ❖▼❉ ✱ P❖❊❚ ✱ ▼✐♥❛❧♣❤❡r ❙❈❘❊❆▼ ✱ ❙❍❊▲▲ ✱ ❆❊❩ ✱ ❈❖P❆ ✴ ❉❡♦①②s ❊▲♠❉ ✱ ❖❈❇ ✱ ❖❚❘ ✜rst r♦✉♥❞✱ s❡❝♦♥❞ r♦✉♥❞ ✱ t❤✐r❞ r♦✉♥❞ ✶✼ ✴ ✺✼

■♥t❡r♥❛❧❧② ❜❛s❡❞ ♦♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚✇❡❛❦ ✐s ✉♥✐q✉❡ ❢♦r ❡✈❡r② ❡✈❛❧✉❛t✐♦♥ ❉✐✛❡r❡♥t ❜❧♦❝❦s ❛❧✇❛②s tr❛♥s❢♦r♠❡❞ ✉♥❞❡r ❞✐✛❡r❡♥t t✇❡❛❦ ❚r✐❛♥❣❧❡ ✐♥❡q✉❛❧✐t②✿ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✶✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa ˜ ˜ ˜ ˜ ˜ ˜ ˜ E E E E E E E k k k k k k k C 1 C 2 C d T • ●❡♥❡r❛❧✐③❡❞ ❖❈❇ ❜② ❘♦❣❛✇❛② ❡t ❛❧✳ ❬❘❇❇❑✵✶✱❘♦❣✵✹✱❑❘✶✶❪ ✶✽ ✴ ✺✼

❚r✐❛♥❣❧❡ ✐♥❡q✉❛❧✐t②✿ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✶✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa ˜ ˜ ˜ ˜ ˜ ˜ ˜ E E E E E E E k k k k k k k C 1 C 2 C d T • ●❡♥❡r❛❧✐③❡❞ ❖❈❇ ❜② ❘♦❣❛✇❛② ❡t ❛❧✳ ❬❘❇❇❑✵✶✱❘♦❣✵✹✱❑❘✶✶❪ • ■♥t❡r♥❛❧❧② ❜❛s❡❞ ♦♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r � E • ❚✇❡❛❦ ( N, tweak ) ✐s ✉♥✐q✉❡ ❢♦r ❡✈❡r② ❡✈❛❧✉❛t✐♦♥ • ❉✐✛❡r❡♥t ❜❧♦❝❦s ❛❧✇❛②s tr❛♥s❢♦r♠❡❞ ✉♥❞❡r ❞✐✛❡r❡♥t t✇❡❛❦ ✶✽ ✴ ✺✼

❚r✐❛♥❣❧❡ ✐♥❡q✉❛❧✐t②✿ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✶✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa ˜ ˜ ˜ ˜ ˜ ˜ ˜ E E E E E E E k k k k k k k C 1 C 2 C d T • ●❡♥❡r❛❧✐③❡❞ ❖❈❇ ❜② ❘♦❣❛✇❛② ❡t ❛❧✳ ❬❘❇❇❑✵✶✱❘♦❣✵✹✱❑❘✶✶❪ • ■♥t❡r♥❛❧❧② ❜❛s❡❞ ♦♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r � E • ❚✇❡❛❦ ( N, tweak ) ✐s ✉♥✐q✉❡ ❢♦r ❡✈❡r② ❡✈❛❧✉❛t✐♦♥ • ❉✐✛❡r❡♥t ❜❧♦❝❦s ❛❧✇❛②s tr❛♥s❢♦r♠❡❞ ✉♥❞❡r ❞✐✛❡r❡♥t t✇❡❛❦ Adv ae E k ] ( σ ) AE [ � ✶✽ ✴ ✺✼

❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✶✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ ˜ π C 1 C 2 C d T • ●❡♥❡r❛❧✐③❡❞ ❖❈❇ ❜② ❘♦❣❛✇❛② ❡t ❛❧✳ ❬❘❇❇❑✵✶✱❘♦❣✵✹✱❑❘✶✶❪ • ■♥t❡r♥❛❧❧② ❜❛s❡❞ ♦♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r � E • ❚✇❡❛❦ ( N, tweak ) ✐s ✉♥✐q✉❡ ❢♦r ❡✈❡r② ❡✈❛❧✉❛t✐♦♥ • ❉✐✛❡r❡♥t ❜❧♦❝❦s ❛❧✇❛②s tr❛♥s❢♦r♠❡❞ ✉♥❞❡r ❞✐✛❡r❡♥t t✇❡❛❦ • ❚r✐❛♥❣❧❡ ✐♥❡q✉❛❧✐t②✿ Adv ae E k ] ( σ ) ≤ Adv ae π ] ( σ ) AE [ � AE [ � ✶✽ ✴ ✺✼

❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✶✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ ˜ π π ˜ π ˜ ˜ π C 1 C 2 C d T • ●❡♥❡r❛❧✐③❡❞ ❖❈❇ ❜② ❘♦❣❛✇❛② ❡t ❛❧✳ ❬❘❇❇❑✵✶✱❘♦❣✵✹✱❑❘✶✶❪ • ■♥t❡r♥❛❧❧② ❜❛s❡❞ ♦♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r � E • ❚✇❡❛❦ ( N, tweak ) ✐s ✉♥✐q✉❡ ❢♦r ❡✈❡r② ❡✈❛❧✉❛t✐♦♥ • ❉✐✛❡r❡♥t ❜❧♦❝❦s ❛❧✇❛②s tr❛♥s❢♦r♠❡❞ ✉♥❞❡r ❞✐✛❡r❡♥t t✇❡❛❦ • ❚r✐❛♥❣❧❡ ✐♥❡q✉❛❧✐t②✿ π ] ( σ ) + Adv stprp Adv ae E k ] ( σ ) ≤ Adv ae ( σ ) AE [ � AE [ � � E ✶✽ ✴ ✺✼

❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st ❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss t✇❡❛❦ ✉♥✐q✉❡♥❡ss ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ π ˜ C 1 C 2 C d T ✶✾ ✴ ✺✼

❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st ❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ ˜ π C 1 C 2 C d T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss ✶✾ ✴ ✺✼

❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st ❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ π ˜ π ˜ ˜ π C 1 C 2 C d T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss • ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ AE [ � π ] = $ ✶✾ ✴ ✺✼

❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ π ˜ π ˜ ˜ π C 1 C 2 C d T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss • ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ AE [ � π ] = $ • ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ ✶✾ ✴ ✺✼

❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ ˜ π C 1 C 2 C d T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss • ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ AE [ � π ] = $ • ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ • ❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st 1 / (2 n − 1) ✶✾ ✴ ✺✼

❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ ❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ ˜ π C 1 C 2 C d T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss • ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ AE [ � π ] = $ • ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ • ❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st 1 / (2 n − 1) π ] ( σ ) ≤ 1 / (2 n − 1) Adv ae AE [ � ✶✾ ✴ ✺✼

❊①❛♠♣❧❡ ❯s❡ ✐♥ ❖❈❇① ✭✷✴✷✮ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t A1 N, t A2 N, t M ⊕ N, t M1 N, t M2 N, t Md N, t Aa π ˜ π ˜ π ˜ π ˜ ˜ π π ˜ ˜ π C 1 C 2 C d ❞❡s✐❣♥ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡r ❚♦ ❞♦✿ T • ◆♦♥❝❡ ✉♥✐q✉❡♥❡ss ⇒ t✇❡❛❦ ✉♥✐q✉❡♥❡ss • ❊♥❝r②♣t✐♦♥ ❝❛❧❧s ❜❡❤❛✈❡ ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥s✿ AE [ � π ] = $ • ❆✉t❤❡♥t✐❝❛t✐♦♥ ❜❡❤❛✈❡s ❧✐❦❡ r❛♥❞♦♠ ❢✉♥❝t✐♦♥ • ❚❛❣ ❢♦r❣❡❞ ✇✐t❤ ♣r♦❜❛❜✐❧✐t② ❛t ♠♦st 1 / (2 n − 1) π ] ( σ ) ≤ 1 / (2 n − 1) Adv ae AE [ � ✶✾ ✴ ✺✼

❉❡❞✐❝❛t❡❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❍❛st② P✉❞❞✐♥❣ ❈✐♣❤❡r ❬❙❝❤✾✽❪ • ❆❊❙ s✉❜♠✐ss✐♦♥✱ ✏✜rst t✇❡❛❦❛❜❧❡ ❝✐♣❤❡r✑ • ▼❡r❝② ❬❈r♦✵✶❪ • ❉✐s❦ ❡♥❝r②♣t✐♦♥ • ❚❤r❡❡✜s❤ ❬❋▲❙✰✵✼❪ • ❙❍❆✲✸ s✉❜♠✐ss✐♦♥ ❙❦❡✐♥ • ❚❲❊❆❑❊❨ ❢r❛♠❡✇♦r❦ ❬❏◆P✶✹❪ • ❋♦✉r ❈❆❊❙❆❘ s✉❜♠✐ss✐♦♥s • ❙❑■◆◆❨ ✫ ▼❆◆❚■❙ ✷✵ ✴ ✺✼

❙❡❝✉r✐t② ♠❡❛s✉r❡❞ t❤r♦✉❣❤ ❝r②♣t❛♥❛❧②s✐s ❖✉r ❢♦❝✉s✿ ♠♦❞✉❧❛r ❞❡s✐❣♥ ❚❲❊❆❑❊❨ ❋r❛♠❡✇♦r❦ • ❚❲❊❆❑❊❨ ❜② ❏❡❛♥ ❡t ❛❧✳ ❬❏◆P✶✹❪ ✿ ( k, t ) h h h · · · · · · g g g g f f f m c · · · · · · • f ✿ r♦✉♥❞ ❢✉♥❝t✐♦♥ • g ✿ s✉❜❦❡② ❝♦♠♣✉t❛t✐♦♥ • h ✿ tr❛♥s❢♦r♠❛t✐♦♥ ♦❢ ( k, t ) ✷✶ ✴ ✺✼

❚❲❊❆❑❊❨ ❋r❛♠❡✇♦r❦ • ❚❲❊❆❑❊❨ ❜② ❏❡❛♥ ❡t ❛❧✳ ❬❏◆P✶✹❪ ✿ ( k, t ) h h h · · · · · · g g g g f f f m c · · · · · · • f ✿ r♦✉♥❞ ❢✉♥❝t✐♦♥ • g ✿ s✉❜❦❡② ❝♦♠♣✉t❛t✐♦♥ • h ✿ tr❛♥s❢♦r♠❛t✐♦♥ ♦❢ ( k, t ) • ❙❡❝✉r✐t② ♠❡❛s✉r❡❞ t❤r♦✉❣❤ ❝r②♣t❛♥❛❧②s✐s • ❖✉r ❢♦❝✉s✿ ♠♦❞✉❧❛r ❞❡s✐❣♥ ✷✶ ✴ ✺✼

❖✉t❧✐♥❡ ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ ▲✐♥❦ ❲✐t❤ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ◆♦♥❝❡✲❘❡✉s❡ ❈♦♥❝❧✉s✐♦♥ ✷✷ ✴ ✺✼

❜❧❡♥❞ ✐t ✇✐t❤ t❤❡ ❦❡② ❜❧❡♥❞ ✐t ✇✐t❤ t❤❡ st❛t❡ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t ? m c E • ❈♦♥s✐❞❡r ❛ ❜❧♦❝❦❝✐♣❤❡r E ✇✐t❤ κ ✲❜✐t ❦❡② ❛♥❞ n ✲❜✐t st❛t❡ ❍♦✇ t♦ ♠✐♥❣❧❡ t❤❡ t✇❡❛❦ ✐♥t♦ t❤❡ ❡✈❛❧✉❛t✐♦♥❄ ✷✸ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t ? m c E • ❈♦♥s✐❞❡r ❛ ❜❧♦❝❦❝✐♣❤❡r E ✇✐t❤ κ ✲❜✐t ❦❡② ❛♥❞ n ✲❜✐t st❛t❡ ❍♦✇ t♦ ♠✐♥❣❧❡ t❤❡ t✇❡❛❦ ✐♥t♦ t❤❡ ❡✈❛❧✉❛t✐♦♥❄ − − − − − − ← ← ❜❧❡♥❞ ✐t ✇✐t❤ t❤❡ ❦❡② ❜❧❡♥❞ ✐t ✇✐t❤ t❤❡ st❛t❡ ✷✸ ✴ ✺✼

❋♦r ✲♠✐①✐♥❣✱ ❦❡② ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ ❡✈❛❧✉❛t✐♦♥s ❙❝❤❡♠❡ ✐s ✐♥s❡❝✉r❡ ✐❢ ✐s ❊✈❡♥✲▼❛♥s♦✉r ❚❲❊❆❑❊❨ ❜❧❡♥❞✐♥❣ ❬❏◆P✶✹❪ ✐s ♠♦r❡ ❛❞✈❛♥❝❡❞ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❇❧❡♥❞✐♥❣ t✇❡❛❦ ❛♥❞ ❦❡② ✇♦r❦s✳ ✳ ✳ • ✳ ✳ ✳ ❜✉t✿ ❝❛r❡❢✉❧ ✇✐t❤ r❡❧❛t❡❞✲❦❡② ❛tt❛❝❦s✦ ✷✹ ✴ ✺✼

❚❲❊❆❑❊❨ ❜❧❡♥❞✐♥❣ ❬❏◆P✶✹❪ ✐s ♠♦r❡ ❛❞✈❛♥❝❡❞ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❇❧❡♥❞✐♥❣ t✇❡❛❦ ❛♥❞ ❦❡② ✇♦r❦s✳ ✳ ✳ • ✳ ✳ ✳ ❜✉t✿ ❝❛r❡❢✉❧ ✇✐t❤ r❡❧❛t❡❞✲❦❡② ❛tt❛❝❦s✦ • ❋♦r ⊕ ✲♠✐①✐♥❣✱ ❦❡② ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ 2 κ/ 2 ❡✈❛❧✉❛t✐♦♥s • ❙❝❤❡♠❡ ✐s ✐♥s❡❝✉r❡ ✐❢ E ✐s ❊✈❡♥✲▼❛♥s♦✉r ✷✹ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❇❧❡♥❞✐♥❣ t✇❡❛❦ ❛♥❞ ❦❡② ✇♦r❦s✳ ✳ ✳ • ✳ ✳ ✳ ❜✉t✿ ❝❛r❡❢✉❧ ✇✐t❤ r❡❧❛t❡❞✲❦❡② ❛tt❛❝❦s✦ • ❋♦r ⊕ ✲♠✐①✐♥❣✱ ❦❡② ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ 2 κ/ 2 ❡✈❛❧✉❛t✐♦♥s • ❙❝❤❡♠❡ ✐s ✐♥s❡❝✉r❡ ✐❢ E ✐s ❊✈❡♥✲▼❛♥s♦✉r • ❚❲❊❆❑❊❨ ❜❧❡♥❞✐♥❣ ❬❏◆P✶✹❪ ✐s ♠♦r❡ ❛❞✈❛♥❝❡❞ ✷✹ ✴ ✺✼

❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ ✷✺ ✴ ✺✼

❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) ✷✺ ✴ ✺✼

❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h ✷✺ ✴ ✺✼

❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k ✷✺ ✴ ✺✼

❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k • � k ( t, c ) ⊕ � E − 1 E − 1 k ( t ⊕ C, c ) = h ⊗ C ✷✺ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k • � k ( t, c ) ⊕ � E − 1 E − 1 k ( t ⊕ C, c ) = h ⊗ C • ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ✷✺ ✴ ✺✼

▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t h ⊗ t m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ ✷✻ ✴ ✺✼

▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k f ( t ) f ( t ) m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f ✷✻ ✴ ✺✼

▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k f 1 ( t ) f 2 ( t ) m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 ✷✻ ✴ ✺✼

▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ f 1 ( t ) f 2 ( t ) P m c • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 • ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ E ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ✷✻ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ f 1 ( t ) f 2 ( t ) ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs P m c ❢♦❧❧♦✇ ♠❛s❦✲ E k /P ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 • ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ E ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ✷✻ ✴ ✺✼

❙t❡♣ ✶✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s ❙t❡♣ ✷✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k ✷✼ ✴ ✺✼

❙t❡♣ ✷✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k • ❙t❡♣ ✶✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ • ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s ✷✼ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k • ❙t❡♣ ✶✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ • ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s • ❙t❡♣ ✷✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ • ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ✷✼ ✴ ✺✼

❋♦r ❛♥② t✇♦ q✉❡r✐❡s ✱ ✿ ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c ✷✽ ✴ ✺✼

❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) ✷✽ ✴ ✺✼

■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ✷✽ ✴ ✺✼

❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s • ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ C ①♦r❡❞ t♦ m, m ′ ✷✽ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s • ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ C ①♦r❡❞ t♦ m, m ′ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ≈ 2 n/ 2 ❡✈❛❧✉❛t✐♦♥s ✷✽ ✴ ✺✼

❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ ▼♦st ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ❆❧❧ ❝♦♥str✉❝t✐♦♥s ✐♥ t❤✐s ♣r❡s❡♥t❛t✐♦♥✿ s❡❝✉r❡ ✉♣ t♦ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ ✷✾ ✴ ✺✼

❆❧❧ ❝♦♥str✉❝t✐♦♥s ✐♥ t❤✐s ♣r❡s❡♥t❛t✐♦♥✿ s❡❝✉r❡ ✉♣ t♦ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ • ❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ • ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t τ ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ • ▼♦st τ ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s • ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ✷✾ ✴ ✺✼

■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ • ❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ • ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t τ ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ • ▼♦st τ ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s • ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ❆❧❧ ❝♦♥str✉❝t✐♦♥s ✐♥ t❤✐s ♣r❡s❡♥t❛t✐♦♥✿ s❡❝✉r❡ ✉♣ t♦ ≈ 2 n/ 2 ❡✈❛❧✉❛t✐♦♥s ✷✾ ✴ ✺✼

❖✉t❧✐♥❡ ●❡♥❡r✐❝ ❈♦♠♣♦s✐t✐♦♥ ▲✐♥❦ ❲✐t❤ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ◆♦♥❝❡✲❘❡✉s❡ ❈♦♥❝❧✉s✐♦♥ ✸✵ ✴ ✺✼

t②♣✐❝❛❧❧② ✶✷✽ ❜✐ts ♠✉❝❤ ❧❛r❣❡r✿ ✷✺✻✲✶✻✵✵ ❜✐ts ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞✳ ♣P❡r♠✉t❛t✐♦♥✲❇❛s❡❞✳♣ tweak-based mask tweak-based mask m E k c m P c ✸✶ ✴ ✺✼

❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞✳ ♣P❡r♠✉t❛t✐♦♥✲❇❛s❡❞✳♣ tweak-based mask tweak-based mask m E k c m P c t②♣✐❝❛❧❧② ✶✷✽ ❜✐ts ♠✉❝❤ ❧❛r❣❡r✿ ✷✺✻✲✶✻✵✵ ❜✐ts ✸✶ ✴ ✺✼

❖r✐❣✐♥❛❧ ❈♦♥str✉❝t✐♦♥s • LRW 1 ❛♥❞ LRW 2 ❜② ▲✐s❦♦✈ ❡t ❛❧✳ ❬▲❘❲✵✷❪ ✿ h ( t ) t m E k E k c m E k c • h ✐s ❳❖❘✲✉♥✐✈❡rs❛❧ ❤❛s❤ • ❊✳❣✳✱ h ( t ) = h ⊗ t ❢♦r n ✲❜✐t ✏❦❡②✑ h ✸✷ ✴ ✺✼

❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · E k ( N ) E k m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ ✸✸ ✴ ✺✼

P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · E k ( N ) E k m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ± ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s ✸✸ ✴ ✺✼

P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · ( k � N ⊕ P ( k � N )) 2 α 3 β 7 γ · E k ( N ) E k P m c m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ± ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s • P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ ✸✸ ✴ ✺✼

❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t M ⊕ N, t A1 N, t A2 N, t M1 N, t M2 N, t Md N, t Aa ˜ ˜ ˜ ˜ ˜ ˜ ˜ E E E E E E E k k k k k k k C 1 C 2 C d T L = E k ( N ) ✸✹ ✴ ✺✼

❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d T L = E k ( N ) ✸✹ ✴ ✺✼

P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d T L = E k ( N ) • ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ • ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ • ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ • ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s ✸✹ ✴ ✺✼

■♥t❡r♠❡③③♦✿ ❲❤② ❙t❛rt ❛t 2 · E k ( N ) ❄ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d T L = E k ( N ) • ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ • ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ • ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ • ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s ✸✺ ✴ ✺✼

❉✐st✐♥❣✉✐s❤❡r ❝❛♥ ♠❛❦❡ ✐♥✈❡rs❡ q✉❡r✐❡s P✉tt✐♥❣ ❣✐✈❡s ❉✐st✐♥❣✉✐s❤❡r ❦♥♦✇s s♦ ❧❡❛r♥s ✏s✉❜❦❡②✑ ■♥t❡r♠❡③③♦✿ ❲❤② ❙t❛rt ❛t 2 · E k ( N ) ❄ • ❙✉♣♣♦s❡ ✇❡ ✇♦✉❧❞ ♠❛s❦ ✇✐t❤ E k ( N ) ✿ E k ( N ) m E k c ✸✻ ✴ ✺✼

P✉tt✐♥❣ ❣✐✈❡s ❉✐st✐♥❣✉✐s❤❡r ❦♥♦✇s s♦ ❧❡❛r♥s ✏s✉❜❦❡②✑ ■♥t❡r♠❡③③♦✿ ❲❤② ❙t❛rt ❛t 2 · E k ( N ) ❄ • ❙✉♣♣♦s❡ ✇❡ ✇♦✉❧❞ ♠❛s❦ ✇✐t❤ E k ( N ) ✿ E k ( N ) E − 1 m c k • ❉✐st✐♥❣✉✐s❤❡r ❝❛♥ ♠❛❦❡ ✐♥✈❡rs❡ q✉❡r✐❡s ✸✻ ✴ ✺✼

❉✐st✐♥❣✉✐s❤❡r ❦♥♦✇s s♦ ❧❡❛r♥s ✏s✉❜❦❡②✑ ■♥t❡r♠❡③③♦✿ ❲❤② ❙t❛rt ❛t 2 · E k ( N ) ❄ • ❙✉♣♣♦s❡ ✇❡ ✇♦✉❧❞ ♠❛s❦ ✇✐t❤ E k ( N ) ✿ E k ( N ) E − 1 N ⊕ E k ( N ) 0 k • ❉✐st✐♥❣✉✐s❤❡r ❝❛♥ ♠❛❦❡ ✐♥✈❡rs❡ q✉❡r✐❡s • P✉tt✐♥❣ c = 0 ❣✐✈❡s m = N ⊕ E k ( N ) ✸✻ ✴ ✺✼

■♥t❡r♠❡③③♦✿ ❲❤② ❙t❛rt ❛t 2 · E k ( N ) ❄ • ❙✉♣♣♦s❡ ✇❡ ✇♦✉❧❞ ♠❛s❦ ✇✐t❤ E k ( N ) ✿ E k ( N ) E − 1 N ⊕ E k ( N ) 0 k • ❉✐st✐♥❣✉✐s❤❡r ❝❛♥ ♠❛❦❡ ✐♥✈❡rs❡ q✉❡r✐❡s • P✉tt✐♥❣ c = 0 ❣✐✈❡s m = N ⊕ E k ( N ) • ❉✐st✐♥❣✉✐s❤❡r ❦♥♦✇s N s♦ ❧❡❛r♥s ✏s✉❜❦❡②✑ E k ( N ) ✸✻ ✴ ✺✼

❙✐♥❣❧❡ ❳❖❘ ▲♦❣❛r✐t❤♠✐❝ ❛♠♦✉♥t ♦❢ ✜❡❧❞ ❞♦✉❜❧✐♥❣s ✭♣r❡❝♦♠♣✉t❡❞✮ ▼♦r❡ ❡✣❝✐❡♥t t❤❛♥ ♣♦✇❡r✐♥❣✲✉♣ ❬❑❘✶✶❪ ●r❛② ❈♦❞❡ ▼❛s❦✐♥❣ • ❖❈❇✶ ❛♥❞ ❖❈❇✸ ✉s❡ ●r❛② ❈♦❞❡s✿ � � α ⊕ ( α ≫ 1) · E k ( N ) E k m c • ( α, N ) ✐s t✇❡❛❦ • ❯♣❞❛t✐♥❣✿ G ( α ) = G ( α − 1) ⊕ 2 ntz ( α ) ✸✼ ✴ ✺✼

●r❛② ❈♦❞❡ ▼❛s❦✐♥❣ • ❖❈❇✶ ❛♥❞ ❖❈❇✸ ✉s❡ ●r❛② ❈♦❞❡s✿ � � α ⊕ ( α ≫ 1) · E k ( N ) E k m c • ( α, N ) ✐s t✇❡❛❦ • ❯♣❞❛t✐♥❣✿ G ( α ) = G ( α − 1) ⊕ 2 ntz ( α ) • ❙✐♥❣❧❡ ❳❖❘ • ▲♦❣❛r✐t❤♠✐❝ ❛♠♦✉♥t ♦❢ ✜❡❧❞ ❞♦✉❜❧✐♥❣s ✭♣r❡❝♦♠♣✉t❡❞✮ • ▼♦r❡ ❡✣❝✐❡♥t t❤❛♥ ♣♦✇❡r✐♥❣✲✉♣ ❬❑❘✶✶❪ ✸✼ ✴ ✺✼

rt ttt rt - PowerPoint PPT Presentation

rt ttt rt s rt rst trs

NSI & SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest

Fairness-Aware Scheduling on Single-ISA Heterogeneous Multi-Cores Kenzo Van Craeynest + Shoaib

Van Hove Limit for Infinitely Extended Open Quantum Systems David Taj Physics Dept., University

Van der Waerden spaces and their relatives Jana Flakov Department of Mathematics University

Elections, Computer Security, and Electronic Voting CS161 4/19/2010 David Wagner #1 #2 #3

aks249 Parallel Metropolis-Hastings-Walker Sampling for LDA Xanda Schofield Topic :

R. (lele) Tripiccione Dipartimento di Fisica, Universita' di Ferrara

Seminar: Entwicklungsprozess von Software-Produktlinien Review Process Sandro Schulze WiSE

Helen Basturkmen University of Auckland, New Zealand Todays talk An EAP/ESP Teacher Education

LUCA PACIOLI 1447 TO 1517 THE FATHER OF ACCOUNTING DEREK STONE BA FCA FRSA FORMELY SENIOR

Facts and Conjectures about Factorizations of Fibonacci and Lucas Numbers Je ff Lagarias ,

INTRODUCTION TO ACCOUNTING Session 01 Session Outline Definition of Accounting History

EVOLUTION OF ACCOUNTING Merchants & Governments have been using accounting for keeping

ACCT 101: Bookkeeping, accruals, and adjusting Session 2 Richard M. Crowley 1 Frontmatter 2 .

Central bank digital currency is evolution, not revolution also across borders Morten Bech

OUTLINE In this study, we are going to look at the following: 1. Brief history of Book-keeping

Prs s t sr s

Three Steps Forward Two Steps Back Innovation and implementation of e-assessment in high stakes

Market changes and digitalisation as path to true sustainability SMART - Sustainable Market

functional thinking applying the philosophy of functional programming to system design &

Trust-Related Activities: Internet Certification Authorities Revocation and SSL

Architecture Framework for Software Safety Havva Gulay GURBUZ Nagehan PALA ER Bedir

Lecture6.1: Whatwewillnot betalkingabout Optimization and Computational Linear Algebra for Data

The FCCs Wireless Infrastructure Notice of Proposed Rulemaking Process and Procedure Tribal

rt ttt rt - PowerPoint PPT Presentation

rt ttt rt s rt rst trs

NSI &amp; SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest

Fairness-Aware Scheduling on Single-ISA Heterogeneous Multi-Cores Kenzo Van Craeynest + Shoaib

Van Hove Limit for Infinitely Extended Open Quantum Systems David Taj Physics Dept., University

Van der Waerden spaces and their relatives Jana Flakov Department of Mathematics University

Elections, Computer Security, and Electronic Voting CS161 4/19/2010 David Wagner #1 #2 #3

aks249 Parallel Metropolis-Hastings-Walker Sampling for LDA Xanda Schofield Topic :

R. (lele) Tripiccione Dipartimento di Fisica, Universita' di Ferrara

Seminar: Entwicklungsprozess von Software-Produktlinien Review Process Sandro Schulze WiSE

Helen Basturkmen University of Auckland, New Zealand Todays talk An EAP/ESP Teacher Education

LUCA PACIOLI 1447 TO 1517 THE FATHER OF ACCOUNTING DEREK STONE BA FCA FRSA FORMELY SENIOR

Facts and Conjectures about Factorizations of Fibonacci and Lucas Numbers Je ff Lagarias ,

INTRODUCTION TO ACCOUNTING Session 01 Session Outline Definition of Accounting History

EVOLUTION OF ACCOUNTING Merchants &amp; Governments have been using accounting for keeping

ACCT 101: Bookkeeping, accruals, and adjusting Session 2 Richard M. Crowley 1 Frontmatter 2 .

Central bank digital currency is evolution, not revolution also across borders Morten Bech

OUTLINE In this study, we are going to look at the following: 1. Brief history of Book-keeping

Prs s t sr s

Three Steps Forward Two Steps Back Innovation and implementation of e-assessment in high stakes

Market changes and digitalisation as path to true sustainability SMART - Sustainable Market

functional thinking applying the philosophy of functional programming to system design &amp;

Trust-Related Activities: Internet Certification Authorities Revocation and SSL

Architecture Framework for Software Safety Havva Gulay GURBUZ Nagehan PALA ER Bedir

Lecture6.1: Whatwewillnot betalkingabout Optimization and Computational Linear Algebra for Data

The FCCs Wireless Infrastructure Notice of Proposed Rulemaking Process and Procedure Tribal

NSI & SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest

EVOLUTION OF ACCOUNTING Merchants & Governments have been using accounting for keeping

functional thinking applying the philosophy of functional programming to system design &