rs rt r t
play

rs - PowerPoint PPT Presentation

Dec 22, 2022 •123 likes •1.89k views

rs rt rt rt rst

  1. ❚❲❊❆❑❊❨ ❜❧❡♥❞✐♥❣ ❬❏◆P✶✹❪ ✐s ♠♦r❡ ❛❞✈❛♥❝❡❞ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❇❧❡♥❞✐♥❣ t✇❡❛❦ ❛♥❞ ❦❡② ✇♦r❦s✳ ✳ ✳ • ✳ ✳ ✳ ❜✉t✿ ❝❛r❡❢✉❧ ✇✐t❤ r❡❧❛t❡❞✲❦❡② ❛tt❛❝❦s✦ • ❋♦r ⊕ ✲♠✐①✐♥❣✱ ❦❡② ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ 2 κ/ 2 ❡✈❛❧✉❛t✐♦♥s • ❙❝❤❡♠❡ ✐s ✐♥s❡❝✉r❡ ✐❢ E ✐s ❊✈❡♥✲▼❛♥s♦✉r ✶✵ ✴ ✹✽

  2. ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❇❧❡♥❞✐♥❣ t✇❡❛❦ ❛♥❞ ❦❡② ✇♦r❦s✳ ✳ ✳ • ✳ ✳ ✳ ❜✉t✿ ❝❛r❡❢✉❧ ✇✐t❤ r❡❧❛t❡❞✲❦❡② ❛tt❛❝❦s✦ • ❋♦r ⊕ ✲♠✐①✐♥❣✱ ❦❡② ❝❛♥ ❜❡ r❡❝♦✈❡r❡❞ ✐♥ 2 κ/ 2 ❡✈❛❧✉❛t✐♦♥s • ❙❝❤❡♠❡ ✐s ✐♥s❡❝✉r❡ ✐❢ E ✐s ❊✈❡♥✲▼❛♥s♦✉r • ❚❲❊❆❑❊❨ ❜❧❡♥❞✐♥❣ ❬❏◆P✶✹❪ ✐s ♠♦r❡ ❛❞✈❛♥❝❡❞ ✶✵ ✴ ✹✽

  3. ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ ✶✶ ✴ ✹✽

  4. ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) ✶✶ ✴ ✹✽

  5. ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h ✶✶ ✴ ✹✽

  6. ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k ✶✶ ✴ ✹✽

  7. ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k • � E − 1 k ( t, c ) ⊕ � E − 1 k ( t ⊕ C, c ) = h ⊗ C ✶✶ ✴ ✹✽

  8. ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t h ⊗ t m c E • ❙✐♠♣❧❡ ❜❧❡♥❞✐♥❣ ♦❢ t✇❡❛❦ ❛♥❞ st❛t❡ ❞♦❡s ♥♦t ✇♦r❦ • � E k ( t, m ) = � E k ( t ⊕ C, m ⊕ C ) • ❙♦♠❡ s❡❝r❡❝② r❡q✉✐r❡❞✿ h • ❙t✐❧❧ ❞♦❡s ♥♦t ✇♦r❦ ✐❢ ❛❞✈❡rs❛r② ❤❛s ❛❝❝❡ss t♦ � E − 1 k • � E − 1 k ( t, c ) ⊕ � E − 1 k ( t ⊕ C, c ) = h ⊗ C • ❚✇♦✲s✐❞❡❞ ♠❛s❦✐♥❣ ♥❡❝❡ss❛r② ✶✶ ✴ ✹✽

  9. ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k h ⊗ t h ⊗ t m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ ✶✷ ✴ ✹✽

  10. ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k f ( t ) f ( t ) m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f ✶✷ ✴ ✹✽

  11. ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ k f 1 ( t ) f 2 ( t ) m c E • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 ✶✷ ✴ ✹✽

  12. ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs ❢♦❧❧♦✇ ♠❛s❦✲ ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ f 1 ( t ) f 2 ( t ) P m c • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 • ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ E ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ✶✷ ✴ ✹✽

  13. ■♥t✉✐t✐♦♥✿ ❉❡s✐❣♥ f 1 ( t ) f 2 ( t ) ▼❛❥♦r✐t② ♦❢ t✇❡❛❦❛❜❧❡ ❜❧♦❝❦❝✐♣❤❡rs P m c ❢♦❧❧♦✇ ♠❛s❦✲ E k /P ✲♠❛s❦ ♣r✐♥❝✐♣❧❡ • ❚✇♦✲s✐❞❡❞ s❡❝r❡t ♠❛s❦✐♥❣ s❡❡♠s t♦ ✇♦r❦ • ❈❛♥ ✇❡ ❣❡♥❡r❛❧✐③❡❄ • ●❡♥❡r❛❧✐③✐♥❣ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥ f • ❱❛r✐❛t✐♦♥ ✐♥ ♠❛s❦✐♥❣❄ ❉❡♣❡♥❞s ♦♥ ❢✉♥❝t✐♦♥s f 1 , f 2 • ❘❡❧❡❛s✐♥❣ s❡❝r❡❝② ✐♥ E ❄ ❯s✉❛❧❧② ♥♦ ♣r♦❜❧❡♠ ✶✷ ✴ ✹✽

  14. ❙t❡♣ ✶✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s ❙t❡♣ ✷✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k ✶✸ ✴ ✹✽

  15. ❙t❡♣ ✷✿ ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k • ❙t❡♣ ✶✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ • ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s ✶✸ ✴ ✹✽

  16. ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • � E k s❤♦✉❧❞ ✏❧♦♦❦ ❧✐❦❡✑ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥ ❢♦r ❡✈❡r② t • ❈♦♥s✐❞❡r ❛❞✈❡rs❛r② D t❤❛t ♠❛❦❡s q ❡✈❛❧✉❛t✐♦♥s ♦❢ � E k • ❙t❡♣ ✶✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ♠♦st❄ ❙t❡♣ ✶✿ • ❇♦✐❧s ❞♦✇♥ t♦ ✜♥❞✐♥❣ ❣❡♥❡r✐❝ ❛tt❛❝❦s • ❙t❡♣ ✷✿ • ❍♦✇ ♠❛♥② ❡✈❛❧✉❛t✐♦♥s ❞♦❡s D ♥❡❡❞ ❛t ❧❡❛st❄ ❙t❡♣ ✷✿ • ❇♦✐❧s ❞♦✇♥ t♦ ♣r♦✈❛❜❧❡ s❡❝✉r✐t② ✶✸ ✴ ✹✽

  17. ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ✱ ✿ ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c ✶✹ ✴ ✹✽

  18. ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) ✶✹ ✴ ✹✽

  19. ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ ①♦r❡❞ t♦ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s ✶✹ ✴ ✹✽

  20. ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s • ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ C ①♦r❡❞ t♦ m, m ′ ✶✹ ✴ ✹✽

  21. ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❋♦r ❛♥② t✇♦ q✉❡r✐❡s ( t, m, c ) ✱ ( t ′ , m ′ , c ′ ) ✿ m ⊕ f 1 ( t ) = m ′ ⊕ f 1 ( t ′ ) = ⇒ c ⊕ f 2 ( t ) = c ′ ⊕ f 2 ( t ′ ) • ❯♥❧✐❦❡❧② t♦ ❤❛♣♣❡♥ ❢♦r r❛♥❞♦♠ ❢❛♠✐❧② ♦❢ ♣❡r♠✉t❛t✐♦♥s • ■♠♣❧✐❝❛t✐♦♥ st✐❧❧ ❤♦❧❞s ✇✐t❤ ❞✐✛❡r❡♥❝❡ C ①♦r❡❞ t♦ m, m ′ ❙❝❤❡♠❡ ❝❛♥ ❜❡ ❜r♦❦❡♥ ✐♥ ≈ 2 n/ 2 ❡✈❛❧✉❛t✐♦♥s ✶✹ ✴ ✹✽

  22. ❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ ▼♦st ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ❆❧❧ ❝♦♥str✉❝t✐♦♥s ♦❢ t❤✐s ❦✐♥❞✿ s❡❝✉r❡ ✉♣ t♦ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ ✶✺ ✴ ✹✽

  23. ❆❧❧ ❝♦♥str✉❝t✐♦♥s ♦❢ t❤✐s ❦✐♥❞✿ s❡❝✉r❡ ✉♣ t♦ ❡✈❛❧✉❛t✐♦♥s ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ • ❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ • ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t τ ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ • ▼♦st τ ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s • ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ✶✺ ✴ ✹✽

  24. ■♥t✉✐t✐♦♥✿ ❆♥❛❧②s✐s f 1 ( t ) f 2 ( t ) E k /P m c • ❚❤❡ ❢✉♥ st❛rts ❤❡r❡✦ • ▼♦r❡ t❡❝❤♥✐❝❛❧ ❛♥❞ ♦❢t❡♥ ♠♦r❡ ✐♥✈♦❧✈❡❞ • ❚②♣✐❝❛❧ ❛♣♣r♦❛❝❤✿ • ❈♦♥s✐❞❡r ❛♥② tr❛♥s❝r✐♣t τ ❛♥ ❛❞✈❡rs❛r② ♠❛② s❡❡ • ▼♦st τ ✬s s❤♦✉❧❞ ❜❡ ❡q✉❛❧❧② ❧✐❦❡❧② ✐♥ ❜♦t❤ ✇♦r❧❞s • ❖❞❞ ♦♥❡s s❤♦✉❧❞ ❤❛♣♣❡♥ ✇✐t❤ ✈❡r② s♠❛❧❧ ♣r♦❜❛❜✐❧✐t② ❆❧❧ ❝♦♥str✉❝t✐♦♥s ♦❢ t❤✐s ❦✐♥❞✿ s❡❝✉r❡ ✉♣ t♦ ≈ 2 n/ 2 ❡✈❛❧✉❛t✐♦♥s ✶✺ ✴ ✹✽

  25. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✶✻ ✴ ✹✽

  26. t②♣✐❝❛❧❧② ✶✷✽ ❜✐ts ♠✉❝❤ ❧❛r❣❡r✿ ✷✺✻✲✶✻✵✵ ❜✐ts ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞✳ ♣P❡r♠✉t❛t✐♦♥✲❇❛s❡❞✳♣ tweak-based mask tweak-based mask m E k c m P c ✶✼ ✴ ✹✽

  27. ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ ❇❧♦❝❦❝✐♣❤❡r✲❇❛s❡❞✳ ♣P❡r♠✉t❛t✐♦♥✲❇❛s❡❞✳♣ tweak-based mask tweak-based mask m E k c m P c t②♣✐❝❛❧❧② ✶✷✽ ❜✐ts ♠✉❝❤ ❧❛r❣❡r✿ ✷✺✻✲✶✻✵✵ ❜✐ts ✶✼ ✴ ✹✽

  28. ❖r✐❣✐♥❛❧ ❈♦♥str✉❝t✐♦♥s • LRW 1 ❛♥❞ LRW 2 ❜② ▲✐s❦♦✈ ❡t ❛❧✳ ❬▲❘❲✵✷❪ ✿ h ( t ) t m E k E k c m E k c • h ✐s ❳❖❘✲✉♥✐✈❡rs❛❧ ❤❛s❤ • ❊✳❣✳✱ h ( t ) = h ⊗ t ❢♦r n ✲❜✐t ✏❦❡②✑ h ✶✽ ✴ ✹✽

  29. ❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · E k ( N ) E k m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ ✶✾ ✴ ✹✽

  30. P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · E k ( N ) E k m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ± ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s ✶✾ ✴ ✹✽

  31. P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✭❳❊❳✮ • XEX ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✿ 2 α 3 β 7 γ · ( k � N ⊕ P ( k � N )) 2 α 3 β 7 γ · E k ( N ) E k P m c m c • ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❯s❡❞ ✐♥ ❖❈❇✷ ❛♥❞ ± ✶✹ ❈❆❊❙❆❘ ❝❛♥❞✐❞❛t❡s • P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ ✈❛r✐❛♥ts ✐♥ ▼✐♥❛❧♣❤❡r ❛♥❞ Prøst ✭❣❡♥❡r❛❧✐③❡❞ ❜② ❈♦❣❧✐❛t✐ ❡t ❛❧✳ ❬❈▲❙✶✺❪ ✮ ✶✾ ✴ ✹✽

  32. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d N, t M ⊕ N, t A1 N, t A2 N, t M1 N, t M2 N, t Md N, t Aa ˜ ˜ ˜ ˜ ˜ ˜ ˜ E E E E E E E k k k k k k k C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  33. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  34. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  35. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  36. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  37. ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T ✷✵ ✴ ✹✽

  38. P♦✇❡r✐♥❣✲❯♣ ▼❛s❦✐♥❣ ✐♥ ❖❈❇✷✲▲✐❦❡ ❈♦♥str✉❝t✐♦♥ A 1 A 2 A a ⊕ M i M 1 M 2 M d 2 · 3 2 L 2 2 3 2 L 2 a 3 2 L 2 d 3 L 2 2 L 2 d L 2 L E k E k E k E k E k E k E k 2 2 L 2 d L 2 L C 1 C 2 C d L = E k ( N ) T • ❯♣❞❛t❡ ♦❢ ♠❛s❦✿ • ❙❤✐❢t ❛♥❞ ❝♦♥❞✐t✐♦♥❛❧ ❳❖❘ • ❱❛r✐❛❜❧❡ t✐♠❡ ❝♦♠♣✉t❛t✐♦♥ • ❊①♣❡♥s✐✈❡ ♦♥ ❝❡rt❛✐♥ ♣❧❛t❢♦r♠s ✷✵ ✴ ✹✽

  39. ❙✐♥❣❧❡ ❳❖❘ ▲♦❣❛r✐t❤♠✐❝ ❛♠♦✉♥t ♦❢ ✜❡❧❞ ❞♦✉❜❧✐♥❣s ✭♣r❡❝♦♠♣✉t❡❞✮ ▼♦r❡ ❡✣❝✐❡♥t t❤❛♥ ♣♦✇❡r✐♥❣✲✉♣ ❬❑❘✶✶❪ ●r❛② ❈♦❞❡ ▼❛s❦✐♥❣ • ❖❈❇✶ ❛♥❞ ❖❈❇✸ ✉s❡ ●r❛② ❈♦❞❡s✿ � � α ⊕ ( α ≫ 1) · E k ( N ) E k m c • ( α, N ) ✐s t✇❡❛❦ • ❯♣❞❛t✐♥❣✿ G ( α ) = G ( α − 1) ⊕ 2 ntz ( α ) ✷✶ ✴ ✹✽

  40. ●r❛② ❈♦❞❡ ▼❛s❦✐♥❣ • ❖❈❇✶ ❛♥❞ ❖❈❇✸ ✉s❡ ●r❛② ❈♦❞❡s✿ � � α ⊕ ( α ≫ 1) · E k ( N ) E k m c • ( α, N ) ✐s t✇❡❛❦ • ❯♣❞❛t✐♥❣✿ G ( α ) = G ( α − 1) ⊕ 2 ntz ( α ) • ❙✐♥❣❧❡ ❳❖❘ • ▲♦❣❛r✐t❤♠✐❝ ❛♠♦✉♥t ♦❢ ✜❡❧❞ ❞♦✉❜❧✐♥❣s ✭♣r❡❝♦♠♣✉t❡❞✮ • ▼♦r❡ ❡✣❝✐❡♥t t❤❛♥ ♣♦✇❡r✐♥❣✲✉♣ ❬❑❘✶✶❪ ✷✶ ✴ ✹✽

  41. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✷✷ ✴ ✹✽

  42. ❈♦♠❜✐♥❡s ❛❞✈❛♥t❛❣❡s ♦❢✿ P♦✇❡r✐♥❣✲✉♣ ♠❛s❦✐♥❣ ❲♦r❞✲❜❛s❡❞ ▲❋❙❘s ❙✐♠♣❧❡r✱ ❝♦♥st❛♥t✲t✐♠❡ ✭❜② ❞❡❢❛✉❧t✮✱ ♠♦r❡ ❡✣❝✐❡♥t ▼❛s❦❡❞ ❊✈❡♥✲▼❛♥s♦✉r ✭ MEM ✮ • MEM ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ ✿ ϕ γ 2 ◦ ϕ β 1 ◦ ϕ α 0 ◦ P ( N � k ) P m c • ϕ i ❛r❡ ✜①❡❞ ▲❋❙❘s✱ ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ ✷✸ ✴ ✹✽

  43. ❙✐♠♣❧❡r✱ ❝♦♥st❛♥t✲t✐♠❡ ✭❜② ❞❡❢❛✉❧t✮✱ ♠♦r❡ ❡✣❝✐❡♥t ▼❛s❦❡❞ ❊✈❡♥✲▼❛♥s♦✉r ✭ MEM ✮ • MEM ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ ✿ ϕ γ 2 ◦ ϕ β 1 ◦ ϕ α 0 ◦ P ( N � k ) P m c • ϕ i ❛r❡ ✜①❡❞ ▲❋❙❘s✱ ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❈♦♠❜✐♥❡s ❛❞✈❛♥t❛❣❡s ♦❢✿ • P♦✇❡r✐♥❣✲✉♣ ♠❛s❦✐♥❣ • ❲♦r❞✲❜❛s❡❞ ▲❋❙❘s ✷✸ ✴ ✹✽

  44. ▼❛s❦❡❞ ❊✈❡♥✲▼❛♥s♦✉r ✭ MEM ✮ • MEM ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ ✿ ϕ γ 2 ◦ ϕ β 1 ◦ ϕ α 0 ◦ P ( N � k ) P m c • ϕ i ❛r❡ ✜①❡❞ ▲❋❙❘s✱ ( α, β, γ, N ) ✐s t✇❡❛❦ ✭s✐♠♣❧✐✜❡❞✮ • ❈♦♠❜✐♥❡s ❛❞✈❛♥t❛❣❡s ♦❢✿ • P♦✇❡r✐♥❣✲✉♣ ♠❛s❦✐♥❣ • ❲♦r❞✲❜❛s❡❞ ▲❋❙❘s • ❙✐♠♣❧❡r✱ ❝♦♥st❛♥t✲t✐♠❡ ✭❜② ❞❡❢❛✉❧t✮✱ ♠♦r❡ ❡✣❝✐❡♥t ✷✸ ✴ ✹✽

  45. ❙❛♠♣❧❡ ▲❋❙❘s ✭st❛t❡ s✐③❡ ❛s ✇♦r❞s ♦❢ ❜✐ts✮✿ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ❲♦r❦ ❡①❝❡♣t✐♦♥❛❧❧② ✇❡❧❧ ❢♦r ❆❘❳ ♣r✐♠✐t✐✈❡s MEM ✿ ❉❡s✐❣♥ ❈♦♥s✐❞❡r❛t✐♦♥s • P❛rt✐❝✉❧❛r❧② s✉✐t❡❞ ❢♦r ❧❛r❣❡ st❛t❡s ✭♣❡r♠✉t❛t✐♦♥s✮ • ▲♦✇ ♦♣❡r❛t✐♦♥ ❝♦✉♥ts ❜② ❝❧❡✈❡r ❝❤♦✐❝❡ ♦❢ ▲❋❙❘ ✷✹ ✴ ✹✽

  46. ❲♦r❦ ❡①❝❡♣t✐♦♥❛❧❧② ✇❡❧❧ ❢♦r ❆❘❳ ♣r✐♠✐t✐✈❡s MEM ✿ ❉❡s✐❣♥ ❈♦♥s✐❞❡r❛t✐♦♥s • P❛rt✐❝✉❧❛r❧② s✉✐t❡❞ ❢♦r ❧❛r❣❡ st❛t❡s ✭♣❡r♠✉t❛t✐♦♥s✮ • ▲♦✇ ♦♣❡r❛t✐♦♥ ❝♦✉♥ts ❜② ❝❧❡✈❡r ❝❤♦✐❝❡ ♦❢ ▲❋❙❘ • ❙❛♠♣❧❡ ▲❋❙❘s ✭st❛t❡ s✐③❡ b ❛s n ✇♦r❞s ♦❢ w ❜✐ts✮✿ b w n ϕ 128 8 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 1) ⊕ ( x 9 ≫ 1) ⊕ ( x 10 ≪ 1)) 128 32 4 ( x 1 , . . . , x 3 , ( x 0 ≪ 5) ⊕ x 1 ⊕ ( x 1 ≪ 13)) 128 64 2 ( x 1 , ( x 0 ≪ 11) ⊕ x 1 ⊕ ( x 1 ≪ 13)) 256 64 4 ( x 1 , . . . , x 3 , ( x 0 ≪ 3) ⊕ ( x 3 ≫ 5)) 512 32 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 5) ⊕ ( x 3 ≫ 7)) 512 64 8 ( x 1 , . . . , x 7 , ( x 0 ≪ 29) ⊕ ( x 1 ≪ 9)) 1024 64 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 53) ⊕ ( x 5 ≪ 13)) 1600 32 50 ( x 1 , . . . , x 49 , ( x 0 ≪ 3) ⊕ ( x 23 ≫ 3)) ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✷✹ ✴ ✹✽

  47. MEM ✿ ❉❡s✐❣♥ ❈♦♥s✐❞❡r❛t✐♦♥s • P❛rt✐❝✉❧❛r❧② s✉✐t❡❞ ❢♦r ❧❛r❣❡ st❛t❡s ✭♣❡r♠✉t❛t✐♦♥s✮ • ▲♦✇ ♦♣❡r❛t✐♦♥ ❝♦✉♥ts ❜② ❝❧❡✈❡r ❝❤♦✐❝❡ ♦❢ ▲❋❙❘ • ❙❛♠♣❧❡ ▲❋❙❘s ✭st❛t❡ s✐③❡ b ❛s n ✇♦r❞s ♦❢ w ❜✐ts✮✿ b w n ϕ 128 8 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 1) ⊕ ( x 9 ≫ 1) ⊕ ( x 10 ≪ 1)) 128 32 4 ( x 1 , . . . , x 3 , ( x 0 ≪ 5) ⊕ x 1 ⊕ ( x 1 ≪ 13)) 128 64 2 ( x 1 , ( x 0 ≪ 11) ⊕ x 1 ⊕ ( x 1 ≪ 13)) 256 64 4 ( x 1 , . . . , x 3 , ( x 0 ≪ 3) ⊕ ( x 3 ≫ 5)) 512 32 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 5) ⊕ ( x 3 ≫ 7)) 512 64 8 ( x 1 , . . . , x 7 , ( x 0 ≪ 29) ⊕ ( x 1 ≪ 9)) 1024 64 16 ( x 1 , . . . , x 15 , ( x 0 ≪ 53) ⊕ ( x 5 ≪ 13)) 1600 32 50 ( x 1 , . . . , x 49 , ( x 0 ≪ 3) ⊕ ( x 23 ≫ 3)) ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ ✳ • ❲♦r❦ ❡①❝❡♣t✐♦♥❛❧❧② ✇❡❧❧ ❢♦r ❆❘❳ ♣r✐♠✐t✐✈❡s ✷✹ ✴ ✹✽

  48. ✻✹ ✶✷✽ ✷✺✻ ✺✶✷ ✶✵✷✹ s♦❧✈❡❞ ❜② r❡s✉❧ts ✐♠♣❧✐❝✐t❧② ✉s❡❞✱ ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ❡✳❣✳✱ ❜② Prøst ✭✷✵✶✹✮ s♦❧✈❡❞ ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ MEM ✿ ❯♥✐q✉❡♥❡ss ♦❢ ▼❛s❦✐♥❣ • ■♥t✉✐t✐✈❡❧②✱ ♠❛s❦✐♥❣ ❣♦❡s ✇❡❧❧ ❛s ❧♦♥❣ ❛s ϕ γ 2 ◦ ϕ β 0 � = ϕ γ ′ 2 ◦ ϕ β ′ 1 ◦ ϕ α ′ 1 ◦ ϕ α 0 ❢♦r ❛♥② ( α, β, γ ) � = ( α ′ , β ′ , γ ′ ) • ❈❤❛❧❧❡♥❣❡✿ s❡t ♣r♦♣❡r ❞♦♠❛✐♥ ❢♦r ( α, β, γ ) • ❘❡q✉✐r❡s ❝♦♠♣✉t❛t✐♦♥ ♦❢ ❞✐s❝r❡t❡ ❧♦❣❛r✐t❤♠s ✷✺ ✴ ✹✽

  49. s♦❧✈❡❞ ❜② r❡s✉❧ts ✐♠♣❧✐❝✐t❧② ✉s❡❞✱ ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ❡✳❣✳✱ ❜② Prøst ✭✷✵✶✹✮ s♦❧✈❡❞ ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ MEM ✿ ❯♥✐q✉❡♥❡ss ♦❢ ▼❛s❦✐♥❣ • ■♥t✉✐t✐✈❡❧②✱ ♠❛s❦✐♥❣ ❣♦❡s ✇❡❧❧ ❛s ❧♦♥❣ ❛s ϕ γ 2 ◦ ϕ β 0 � = ϕ γ ′ 2 ◦ ϕ β ′ 1 ◦ ϕ α ′ 1 ◦ ϕ α 0 ❢♦r ❛♥② ( α, β, γ ) � = ( α ′ , β ′ , γ ′ ) • ❈❤❛❧❧❡♥❣❡✿ s❡t ♣r♦♣❡r ❞♦♠❛✐♥ ❢♦r ( α, β, γ ) • ❘❡q✉✐r❡s ❝♦♠♣✉t❛t✐♦♥ ♦❢ ❞✐s❝r❡t❡ ❧♦❣❛r✐t❤♠s ✻✹ ✶✷✽ ✷✺✻ ✺✶✷ ✶✵✷✹ ✷✺ ✴ ✹✽

  50. r❡s✉❧ts ✐♠♣❧✐❝✐t❧② ✉s❡❞✱ ❡✳❣✳✱ ❜② Prøst ✭✷✵✶✹✮ s♦❧✈❡❞ ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ MEM ✿ ❯♥✐q✉❡♥❡ss ♦❢ ▼❛s❦✐♥❣ • ■♥t✉✐t✐✈❡❧②✱ ♠❛s❦✐♥❣ ❣♦❡s ✇❡❧❧ ❛s ❧♦♥❣ ❛s ϕ γ 2 ◦ ϕ β 0 � = ϕ γ ′ 2 ◦ ϕ β ′ 1 ◦ ϕ α ′ 1 ◦ ϕ α 0 ❢♦r ❛♥② ( α, β, γ ) � = ( α ′ , β ′ , γ ′ ) • ❈❤❛❧❧❡♥❣❡✿ s❡t ♣r♦♣❡r ❞♦♠❛✐♥ ❢♦r ( α, β, γ ) • ❘❡q✉✐r❡s ❝♦♠♣✉t❛t✐♦♥ ♦❢ ❞✐s❝r❡t❡ ❧♦❣❛r✐t❤♠s ✻✹ ✶✷✽ ✷✺✻ ✺✶✷ ✶✵✷✹ � �� � s♦❧✈❡❞ ❜② ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ✷✺ ✴ ✹✽

  51. s♦❧✈❡❞ ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ MEM ✿ ❯♥✐q✉❡♥❡ss ♦❢ ▼❛s❦✐♥❣ • ■♥t✉✐t✐✈❡❧②✱ ♠❛s❦✐♥❣ ❣♦❡s ✇❡❧❧ ❛s ❧♦♥❣ ❛s ϕ γ 2 ◦ ϕ β 0 � = ϕ γ ′ 2 ◦ ϕ β ′ 1 ◦ ϕ α ′ 1 ◦ ϕ α 0 ❢♦r ❛♥② ( α, β, γ ) � = ( α ′ , β ′ , γ ′ ) • ❈❤❛❧❧❡♥❣❡✿ s❡t ♣r♦♣❡r ❞♦♠❛✐♥ ❢♦r ( α, β, γ ) • ❘❡q✉✐r❡s ❝♦♠♣✉t❛t✐♦♥ ♦❢ ❞✐s❝r❡t❡ ❧♦❣❛r✐t❤♠s ✻✹ ✶✷✽ ✷✺✻ ✺✶✷ ✶✵✷✹ � �� � � �� � s♦❧✈❡❞ ❜② r❡s✉❧ts ✐♠♣❧✐❝✐t❧② ✉s❡❞✱ ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ❡✳❣✳✱ ❜② Prøst ✭✷✵✶✹✮ ✷✺ ✴ ✹✽

  52. MEM ✿ ❯♥✐q✉❡♥❡ss ♦❢ ▼❛s❦✐♥❣ • ■♥t✉✐t✐✈❡❧②✱ ♠❛s❦✐♥❣ ❣♦❡s ✇❡❧❧ ❛s ❧♦♥❣ ❛s ϕ γ 2 ◦ ϕ β 0 � = ϕ γ ′ 2 ◦ ϕ β ′ 1 ◦ ϕ α ′ 1 ◦ ϕ α 0 ❢♦r ❛♥② ( α, β, γ ) � = ( α ′ , β ′ , γ ′ ) • ❈❤❛❧❧❡♥❣❡✿ s❡t ♣r♦♣❡r ❞♦♠❛✐♥ ❢♦r ( α, β, γ ) • ❘❡q✉✐r❡s ❝♦♠♣✉t❛t✐♦♥ ♦❢ ❞✐s❝r❡t❡ ❧♦❣❛r✐t❤♠s ✻✹ ✶✷✽ ✷✺✻ ✺✶✷ ✶✵✷✹ � �� � � �� � s♦❧✈❡❞ ❜② r❡s✉❧ts ✐♠♣❧✐❝✐t❧② ✉s❡❞✱ ❘♦❣❛✇❛② ❬❘♦❣✵✹❪ ❡✳❣✳✱ ❜② Prøst ✭✷✵✶✹✮ � �� � s♦❧✈❡❞ ❜② ●r❛♥❣❡r ❡t ❛❧✳ ❬●❏▼◆✶✻❪ ✷✺ ✴ ✹✽

  53. ❆♣♣❧✐❝❛t✐♦♥ t♦ ❆❊✿ ❖PP A 0 A 1 A a –1 ⊕ M i M 0 M 1 M d –1 ϕ 0 ( L ) ϕ 1 ( L ) ϕ a –1 ( L ) ϕ 2 ◦ ϕ 2 1 ◦ ϕ d –1 ( L ) ϕ 2 ◦ ϕ 0 ( L ) ϕ 2 ◦ ϕ 1 ( L ) ϕ 2 ◦ ϕ d –1 ( L ) P P P P P P P ϕ 0 ( L ) ϕ 1 ( L ) ϕ a –1 ( L ) ϕ 2 ◦ ϕ 2 1 ◦ ϕ d –1 ( L ) ϕ 2 ◦ ϕ 0 ( L ) ϕ 2 ◦ ϕ 1 ( L ) ϕ 2 ◦ ϕ d –1 ( L ) C 1 C 2 C d L = P ( N � k ) T ϕ 1 = ϕ ⊕ id , ϕ 2 = ϕ 2 ⊕ ϕ ⊕ id • ❖✛s❡t P✉❜❧✐❝ P❡r♠✉t❛t✐♦♥ ✭❖PP✮ • ●❡♥❡r❛❧✐③❛t✐♦♥ ♦❢ ❖❈❇✸✿ • P❡r♠✉t❛t✐♦♥✲❜❛s❡❞ • ▼♦r❡ ❡✣❝✐❡♥t ▼❊▼ ♠❛s❦✐♥❣ • ❙❡❝✉r✐t② ❛❣❛✐♥st ♥♦♥❝❡✲r❡s♣❡❝t✐♥❣ ❛❞✈❡rs❛r✐❡s • ✵✳✺✺ ❝♣❜ ✇✐t❤ r❡❞✉❝❡❞✲r♦✉♥❞ ❇▲❆❑❊✷❜ ✷✻ ✴ ✹✽

  54. ❆♣♣❧✐❝❛t✐♦♥ t♦ ❆❊✿ ▼❘❖ T � 0 T � d –1 A 0 A a –1 M 0 M d –1 | A |�| M | ϕ 0 ( L ) ϕ a –1 ( L ) ϕ 1 ◦ ϕ 0 ( L ) ϕ 1 ◦ ϕ d –1 ( L ) ϕ 2 ( L ) ϕ 2 ( L ) P P P P P P ϕ 0 ( L ) ϕ a –1 ( L ) ϕ 1 ◦ ϕ 0 ( L ) ϕ 1 ◦ ϕ d –1 ( L ) ϕ 2 ( L ) ⊕ M 0 ϕ 2 ( L ) ⊕ M d –1 ϕ 2 1 ( L ) C 1 C d L = P ( N � k ) P ϕ 1 = ϕ ⊕ id , ϕ 2 = ϕ 2 ⊕ ϕ ⊕ id ϕ 2 1 ( L ) T • ▼✐s✉s❡✲❘❡s✐st❛♥t ❖PP ✭▼❘❖✮ • ❋✉❧❧② ♥♦♥❝❡✲♠✐s✉s❡ r❡s✐st❛♥t ✈❡rs✐♦♥ ♦❢ ❖PP • ✶✳✵✻ ❝♣❜ ✇✐t❤ r❡❞✉❝❡❞✲r♦✉♥❞ ❇▲❆❑❊✷❜ ✷✼ ✴ ✹✽

  55. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✷✽ ✴ ✹✽

  56. ■❢ ✐s ❧❛r❣❡ ❡♥♦✉❣❤ ♥♦ ♣r♦❜❧❡♠ ■❢ ✐s s♠❛❧❧ ✏❜❡②♦♥❞ ❜✐rt❤❞❛② ❜♦✉♥❞✑ s♦❧✉t✐♦♥s ❚✇❡❛❦✲r❡❦❡②✐♥❣ ❬▼✐♥✵✾✱▼❡♥✶✺✱❲●❩✰✶✻✱❏▲▼✰✶✼✱▲▲✶✽❪ ❈❛s❝❛❞✐♥❣ ✭♥♦✇✮ ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs f 1 ( t ) f 2 ( t ) E k /P m c • ✏❇✐rt❤❞❛② ❜♦✉♥❞✑ 2 n/ 2 s❡❝✉r✐t② ❛t ❜❡st • ❖✈❡r❧②✐♥❣ ♠♦❞❡s ✐♥❤❡r✐t s❡❝✉r✐t② ❜♦✉♥❞ ✷✾ ✴ ✹✽

  57. ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs f 1 ( t ) f 2 ( t ) E k /P m c • ✏❇✐rt❤❞❛② ❜♦✉♥❞✑ 2 n/ 2 s❡❝✉r✐t② ❛t ❜❡st • ❖✈❡r❧②✐♥❣ ♠♦❞❡s ✐♥❤❡r✐t s❡❝✉r✐t② ❜♦✉♥❞ • ■❢ n ✐s ❧❛r❣❡ ❡♥♦✉❣❤ − → ♥♦ ♣r♦❜❧❡♠ • ■❢ n ✐s s♠❛❧❧ − → ✏❜❡②♦♥❞ ❜✐rt❤❞❛② ❜♦✉♥❞✑ s♦❧✉t✐♦♥s • ❚✇❡❛❦✲r❡❦❡②✐♥❣ ❬▼✐♥✵✾✱▼❡♥✶✺✱❲●❩✰✶✻✱❏▲▼✰✶✼✱▲▲✶✽❪ • ❈❛s❝❛❞✐♥❣ ✭♥♦✇✮ ✷✾ ✴ ✹✽

  58. ✿ s❡❝✉r❡ ✉♣ t♦ q✉❡r✐❡s ❬▲❙❚✶✷✱Pr♦✶✹❪ ❡✈❡♥✿ s❡❝✉r❡ ✉♣ t♦ q✉❡r✐❡s ❬▲❙✶✸❪ ❇❡st ❛tt❛❝❦✿ q✉❡r✐❡s ❈❛s❝❛❞✐♥❣ LRW 2 ✬s h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h ρ − 1 ( t ) ⊕ h ρ ( t ) h ρ ( t ) m E k 1 E k 2 E k ρ c · · · · · · • LRW 2 [ ρ ] ✿ ❝♦♥❝❛t❡♥❛t✐♦♥ ♦❢ ρ LRW 2 ✬s ✏❈❛s❝❛❞❡❞ LRW 2 ✑ • k 1 , . . . , k ρ ❛♥❞ h 1 , . . . , h ρ ✐♥❞❡♣❡♥❞❡♥t ❂ LRW 2 [2] ✸✵ ✴ ✹✽

  59. ❈❛s❝❛❞✐♥❣ LRW 2 ✬s h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h ρ − 1 ( t ) ⊕ h ρ ( t ) h ρ ( t ) m E k 1 E k 2 E k ρ c · · · · · · • LRW 2 [ ρ ] ✿ ❝♦♥❝❛t❡♥❛t✐♦♥ ♦❢ ρ LRW 2 ✬s ✏❈❛s❝❛❞❡❞ LRW 2 ✑ • k 1 , . . . , k ρ ❛♥❞ h 1 , . . . , h ρ ✐♥❞❡♣❡♥❞❡♥t ❂ LRW 2 [2] • ρ = 2 ✿ s❡❝✉r❡ ✉♣ t♦ 2 2 n/ 3 q✉❡r✐❡s ❬▲❙❚✶✷✱Pr♦✶✹❪ • ρ ≥ 2 ❡✈❡♥✿ s❡❝✉r❡ ✉♣ t♦ 2 ρn/ ( ρ +2) q✉❡r✐❡s ❬▲❙✶✸❪ • ❇❡st ❛tt❛❝❦✿ 2 n q✉❡r✐❡s ✸✵ ✴ ✹✽

  60. ✿ s❡❝✉r❡ ✉♣ t♦ q✉❡r✐❡s ❬❈▲❙✶✺❪ ❡✈❡♥✿ s❡❝✉r❡ ✉♣ t♦ q✉❡r✐❡s ❬❈▲❙✶✺❪ ❇❡st ❛tt❛❝❦✿ q✉❡r✐❡s ❬❇❑▲✰✶✷❪ ❈❛s❝❛❞✐♥❣ ❚❊▼✬s h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h ρ − 1 ( t ) ⊕ h ρ ( t ) h ρ ( t ) m P 1 P 2 P ρ c · · · · · · • TEM [ ρ ] ✿ ❝♦♥❝❛t❡♥❛t✐♦♥ ♦❢ ρ TEM ✬s • P 1 , . . . , P ρ ❛♥❞ h 1 , . . . , h ρ ✐♥❞❡♣❡♥❞❡♥t ✸✶ ✴ ✹✽

  61. ❈❛s❝❛❞✐♥❣ ❚❊▼✬s h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h ρ − 1 ( t ) ⊕ h ρ ( t ) h ρ ( t ) m P 1 P 2 P ρ c · · · · · · • TEM [ ρ ] ✿ ❝♦♥❝❛t❡♥❛t✐♦♥ ♦❢ ρ TEM ✬s • P 1 , . . . , P ρ ❛♥❞ h 1 , . . . , h ρ ✐♥❞❡♣❡♥❞❡♥t • ρ = 2 ✿ s❡❝✉r❡ ✉♣ t♦ 2 2 n/ 3 q✉❡r✐❡s ❬❈▲❙✶✺❪ • ρ ≥ 2 ❡✈❡♥✿ s❡❝✉r❡ ✉♣ t♦ 2 ρn/ ( ρ +2) q✉❡r✐❡s ❬❈▲❙✶✺❪ • ❇❡st ❛tt❛❝❦✿ 2 ρn/ ( ρ +1) q✉❡r✐❡s ❬❇❑▲✰✶✷❪ ✸✶ ✴ ✹✽

  62. ■♠♣r♦✈❡❞ ✐♥ ❬▼❡♥✶✽❪ n/ 2 2 n/ 3 3 n/ 4 5 n/ 6 n ❙t❛t❡ ♦❢ t❤❡ ❆rt LRW 2 [1] LRW 2 [2] ❣❛♣ LRW 2 [3] ❣❛♣ LRW 2 [4] ❣❛♣ LRW 2 [5] ❣❛♣ LRW 2 [6] ❣❛♣ LRW 2 [7] ❣❛♣ LRW 2 [8] ❣❛♣ LRW 2 [9] ❣❛♣ ❣❛♣ LRW 2 [10] ❣❛♣ LRW 2 [11] n/ 2 2 n/ 3 3 n/ 4 5 n/ 6 n TEM [1] TEM [2] TEM [3] ❣❛♣ TEM [4] ❣❛♣ TEM [5] ❣❛♣ ❣❛♣ TEM [6] TEM [7] ❣❛♣ TEM [8] ❣❛♣ TEM [9] ❣❛♣ TEM [10] ❣❛♣ ❣❛♣ TEM [11] ✸✷ ✴ ✹✽

  63. n/ 2 2 n/ 3 3 n/ 4 5 n/ 6 n ❙t❛t❡ ♦❢ t❤❡ ❆rt LRW 2 [1] LRW 2 [2] ❣❛♣ → LRW 2 [3] ❣❛♣ − LRW 2 [4] ❣❛♣ − LRW 2 [5] ❣❛♣ LRW 2 [6] ❣❛♣ ■♠♣r♦✈❡❞ LRW 2 [7] ❣❛♣ ✐♥ ❬▼❡♥✶✽❪ LRW 2 [8] ❣❛♣ LRW 2 [9] ❣❛♣ ❣❛♣ LRW 2 [10] ❣❛♣ LRW 2 [11] n/ 2 2 n/ 3 3 n/ 4 5 n/ 6 n TEM [1] TEM [2] TEM [3] ❣❛♣ TEM [4] ❣❛♣ TEM [5] ❣❛♣ ❣❛♣ TEM [6] TEM [7] ❣❛♣ TEM [8] ❣❛♣ TEM [9] ❣❛♣ TEM [10] ❣❛♣ ❣❛♣ TEM [11] ✸✷ ✴ ✹✽

  64. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✸✸ ✴ ✹✽

  65. ✐♠♣r♦✈❡❞ ❜♦✉♥❞ ✭❝♦♥❞✐t✐♦♥❛❧❧②✮ ✐♠♣r♦✈❡❞ ❛tt❛❝❦ ✭❣❡♥❡r❛❧✐③❡❞ ❝♦♥str✉❝t✐♦♥✮ ❝❛rr✐❡s ♦✈❡r t♦ ✕ ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h 2 ( t ) m E k 1 E k 2 c n/ 2 2 n/ 3 3 n/ 4 n ❣❛♣ ✸✹ ✴ ✹✽

  66. ✐♠♣r♦✈❡❞ ❜♦✉♥❞ ✭❝♦♥❞✐t✐♦♥❛❧❧②✮ ❝❛rr✐❡s ♦✈❡r t♦ ✕ ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h 2 ( t ) m E k 1 E k 2 c n/ 2 2 n/ 3 3 n/ 4 n ❣❛♣ ✐♠♣r♦✈❡❞ ❛tt❛❝❦ ✭❣❡♥❡r❛❧✐③❡❞ ❝♦♥str✉❝t✐♦♥✮ ✸✹ ✴ ✹✽

  67. ❝❛rr✐❡s ♦✈❡r t♦ ✕ ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h 2 ( t ) m E k 1 E k 2 c n/ 2 2 n/ 3 3 n/ 4 n ✐♠♣r♦✈❡❞ ❜♦✉♥❞ ✭❝♦♥❞✐t✐♦♥❛❧❧②✮ ✐♠♣r♦✈❡❞ ❛tt❛❝❦ ✭❣❡♥❡r❛❧✐③❡❞ ❝♦♥str✉❝t✐♦♥✮ ✸✹ ✴ ✹✽

  68. ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h 2 ( t ) m E k 1 E k 2 c n/ 2 2 n/ 3 3 n/ 4 n ✐♠♣r♦✈❡❞ ❜♦✉♥❞ ✭❝♦♥❞✐t✐♦♥❛❧❧②✮ ✐♠♣r♦✈❡❞ ❛tt❛❝❦ ✭❣❡♥❡r❛❧✐③❡❞ ❝♦♥str✉❝t✐♦♥✮ ❝❛rr✐❡s ♦✈❡r t♦ LRW 2 [3] ✕ LRW 2 [5] ✸✹ ✴ ✹✽

  69. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✸✺ ✴ ✹✽

  70. ●❡♥❡r✐❝ ❞✐st✐♥❣✉✐s❤✐♥❣ ❛tt❛❝❦ ✐♥ ❡✈❛❧✉❛t✐♦♥s ■♠♣r♦✈❡❞ ❆tt❛❝❦ • GCL ✭●❡♥❡r❛❧✐③❡❞ ❈❛s❝❛❞❡❞ LRW 2 ✮✿ f 1 ( t ) f 2 ( t ) f 3 ( t ) m E k 1 E k 2 c • f i ❛r❡ ❛r❜✐tr❛r② ❢✉♥❝t✐♦♥s • p i := E k i ❛r❡ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥s ✸✻ ✴ ✹✽

  71. ■♠♣r♦✈❡❞ ❆tt❛❝❦ • GCL ✭●❡♥❡r❛❧✐③❡❞ ❈❛s❝❛❞❡❞ LRW 2 ✮✿ f 1 ( t ) f 2 ( t ) f 3 ( t ) m E k 1 E k 2 c • f i ❛r❡ ❛r❜✐tr❛r② ❢✉♥❝t✐♦♥s • p i := E k i ❛r❡ r❛♥❞♦♠ ♣❡r♠✉t❛t✐♦♥s ●❡♥❡r✐❝ ❞✐st✐♥❣✉✐s❤✐♥❣ ❛tt❛❝❦ ✐♥ 2 n 1 / 2 2 3 n/ 4 ❡✈❛❧✉❛t✐♦♥s ✸✻ ✴ ✹✽

  72. ❙✉♣♣♦s❡ ✐t ♠❛❦❡s q✉❡r✐❡s s✉❝❤ t❤❛t ◆❡❝❡ss❛r✐❧②✱ ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❉✐st✐♥❣✉✐s❤❡r D ♠❛❦❡s ✈❛r✐♦✉s q✉❡r✐❡s ❢♦r t✇♦ ❞✐✛❡r❡♥t t✇❡❛❦s✿ t ❛♥❞ t ′ m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) m 3 p 1 p 2 c 3 m ′ p 1 p 2 c ′ 2 2 f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✼ ✴ ✹✽

  73. ◆❡❝❡ss❛r✐❧②✱ ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❉✐st✐♥❣✉✐s❤❡r D ♠❛❦❡s ✈❛r✐♦✉s q✉❡r✐❡s ❢♦r t✇♦ ❞✐✛❡r❡♥t t✇❡❛❦s✿ t ❛♥❞ t ′ • ❙✉♣♣♦s❡ ✐t ♠❛❦❡s 4 q✉❡r✐❡s s✉❝❤ t❤❛t m 1 p 1 p 2 c 1 m 1 ⊕ f 1 ( t ) = m ′ 2 ⊕ f 1 ( t ′ ) f 1 ( t ) f 2 ( t ) f 3 ( t ) c ′ 2 ⊕ f 3 ( t ′ ) = c 3 ⊕ f 3 ( t ) m 3 p 1 p 2 c 3 m 3 ⊕ f 1 ( t ) = m ′ 4 ⊕ f 1 ( t ′ ) m ′ p 1 p 2 c ′ 2 2 f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✼ ✴ ✹✽

  74. ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❉✐st✐♥❣✉✐s❤❡r D ♠❛❦❡s ✈❛r✐♦✉s q✉❡r✐❡s ❢♦r t✇♦ ❞✐✛❡r❡♥t t✇❡❛❦s✿ t ❛♥❞ t ′ • ❙✉♣♣♦s❡ ✐t ♠❛❦❡s 4 q✉❡r✐❡s s✉❝❤ t❤❛t m 1 p 1 p 2 c 1 m 1 ⊕ f 1 ( t ) = m ′ 2 ⊕ f 1 ( t ′ ) f 1 ( t ) f 2 ( t ) f 3 ( t ) c ′ 2 ⊕ f 3 ( t ′ ) = c 3 ⊕ f 3 ( t ) m 3 p 1 p 2 c 3 m 3 ⊕ f 1 ( t ) = m ′ 4 ⊕ f 1 ( t ′ ) • ◆❡❝❡ss❛r✐❧②✱ m ′ p 1 p 2 c ′ 2 2 c 1 ⊕ f 3 ( t ) = c ′ 4 ⊕ f 3 ( t ′ ) f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✼ ✴ ✹✽

  75. ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❉✐st✐♥❣✉✐s❤❡r D ♠❛❦❡s ✈❛r✐♦✉s q✉❡r✐❡s ❢♦r t✇♦ ❞✐✛❡r❡♥t t✇❡❛❦s✿ t ❛♥❞ t ′ • ❙✉♣♣♦s❡ ✐t ♠❛❦❡s 4 q✉❡r✐❡s s✉❝❤ t❤❛t m 1 p 1 p 2 c 1 m 1 ⊕ f 1 ( t ) = m ′ 2 ⊕ f 1 ( t ′ ) f 1 ( t ) f 2 ( t ) f 3 ( t ) c ′ 2 ⊕ f 3 ( t ′ ) = c 3 ⊕ f 3 ( t ) m 3 p 1 p 2 c 3 m 3 ⊕ f 1 ( t ) = m ′ 4 ⊕ f 1 ( t ′ ) • ◆❡❝❡ss❛r✐❧②✱ m ′ p 1 p 2 c ′ 2 2 c 1 ⊕ f 3 ( t ) = c ′ 4 ⊕ f 3 ( t ′ ) f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ 4 4 m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) ✸✼ ✴ ✹✽

  76. ❇✉t ❞♦❡s ♥♦t ❦♥♦✇ ❈❤♦♦s❡ t❤❡ ✬s ❛♥❞ ✬s s✉❝❤ t❤❛t ❢♦r ❛♥② ✱ t❤❡r❡ ❛r❡ q✉❛❞r✉♣❧❡s s✉❝❤ t❤❛t ✭❝♦sts q✉❡r✐❡s ❢♦r ❜♦t❤ ❛♥❞ ✮ s♦❧✉t✐♦♥s t♦ ❄ ✐❢ ✱ ♦t❤❡r✇✐s❡ ❊①t❡♥❞ t❤❡ ♥✉♠❜❡r ♦❢ q✉❡r✐❡s ❜② ❢❛❝t♦r t♦ ❡❧✐♠✐♥❛t❡ ❢❛❧s❡ ♣♦s✐t✐✈❡s ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) m 3 p 1 p 2 c 3 m ′ p 1 p 2 c ′ 2 2 f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✽ ✴ ✹✽

  77. ❈❤♦♦s❡ t❤❡ ✬s ❛♥❞ ✬s s✉❝❤ t❤❛t ❢♦r ❛♥② ✱ t❤❡r❡ ❛r❡ q✉❛❞r✉♣❧❡s s✉❝❤ t❤❛t ✭❝♦sts q✉❡r✐❡s ❢♦r ❜♦t❤ ❛♥❞ ✮ s♦❧✉t✐♦♥s t♦ ❄ ✐❢ ✱ ♦t❤❡r✇✐s❡ ❊①t❡♥❞ t❤❡ ♥✉♠❜❡r ♦❢ q✉❡r✐❡s ❜② ❢❛❝t♦r t♦ ❡❧✐♠✐♥❛t❡ ❢❛❧s❡ ♣♦s✐t✐✈❡s ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) • ❇✉t D ❞♦❡s ♥♦t ❦♥♦✇ f 1 ( t ) ⊕ f 1 ( t ′ ) m 3 p 1 p 2 c 3 m ′ p 1 p 2 c ′ 2 2 f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✽ ✴ ✹✽

  78. s♦❧✉t✐♦♥s t♦ ❄ ✐❢ ✱ ♦t❤❡r✇✐s❡ ❊①t❡♥❞ t❤❡ ♥✉♠❜❡r ♦❢ q✉❡r✐❡s ❜② ❢❛❝t♦r t♦ ❡❧✐♠✐♥❛t❡ ❢❛❧s❡ ♣♦s✐t✐✈❡s ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) • ❇✉t D ❞♦❡s ♥♦t ❦♥♦✇ f 1 ( t ) ⊕ f 1 ( t ′ ) m 3 p 1 p 2 c 3 • ❈❤♦♦s❡ t❤❡ m i ✬s ❛♥❞ m ′ i ✬s s✉❝❤ t❤❛t ❢♦r ❛♥② d ✱ t❤❡r❡ ❛r❡ 2 n q✉❛❞r✉♣❧❡s s✉❝❤ t❤❛t m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = d m ′ p 1 p 2 c ′ 2 2 ✭❝♦sts 2 3 n/ 4 q✉❡r✐❡s ❢♦r ❜♦t❤ t ❛♥❞ t ′ ✮ f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) m ′ p 1 p 2 c ′ 4 4 ✸✽ ✴ ✹✽

  79. ❊①t❡♥❞ t❤❡ ♥✉♠❜❡r ♦❢ q✉❡r✐❡s ❜② ❢❛❝t♦r t♦ ❡❧✐♠✐♥❛t❡ ❢❛❧s❡ ♣♦s✐t✐✈❡s ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) • ❇✉t D ❞♦❡s ♥♦t ❦♥♦✇ f 1 ( t ) ⊕ f 1 ( t ′ ) m 3 p 1 p 2 c 3 • ❈❤♦♦s❡ t❤❡ m i ✬s ❛♥❞ m ′ i ✬s s✉❝❤ t❤❛t ❢♦r ❛♥② d ✱ t❤❡r❡ ❛r❡ 2 n q✉❛❞r✉♣❧❡s s✉❝❤ t❤❛t m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = d m ′ p 1 p 2 c ′ 2 2 ✭❝♦sts 2 3 n/ 4 q✉❡r✐❡s ❢♦r ❜♦t❤ t ❛♥❞ t ′ ✮ f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) • E [ s♦❧✉t✐♦♥s t♦ c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 ] ❄ m ′ p 1 p 2 c ′ 2 ✐❢ d = f 1 ( t ) ⊕ f 1 ( t ′ ) ✱ 1 ♦t❤❡r✇✐s❡ 4 4 ✸✽ ✴ ✹✽

  80. ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❘❛t✐♦♥❛❧❡ • ❙t❛t❡❞ ❞✐✛❡r❡♥t❧②✿ m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = f 1 ( t ) ⊕ f 1 ( t ′ ) c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 = f 3 ( t ) ⊕ f 3 ( t ′ ) m 1 p 1 p 2 c 1 f 1 ( t ) f 2 ( t ) f 3 ( t ) • ❇✉t D ❞♦❡s ♥♦t ❦♥♦✇ f 1 ( t ) ⊕ f 1 ( t ′ ) m 3 p 1 p 2 c 3 • ❈❤♦♦s❡ t❤❡ m i ✬s ❛♥❞ m ′ i ✬s s✉❝❤ t❤❛t ❢♦r ❛♥② d ✱ t❤❡r❡ ❛r❡ 2 n q✉❛❞r✉♣❧❡s s✉❝❤ t❤❛t m 1 ⊕ m ′ 2 = m 3 ⊕ m ′ 4 = d m ′ p 1 p 2 c ′ 2 2 ✭❝♦sts 2 3 n/ 4 q✉❡r✐❡s ❢♦r ❜♦t❤ t ❛♥❞ t ′ ✮ f 1 ( t ′ ) f 2 ( t ′ ) f 3 ( t ′ ) • E [ s♦❧✉t✐♦♥s t♦ c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 ] ❄ m ′ p 1 p 2 c ′ 2 ✐❢ d = f 1 ( t ) ⊕ f 1 ( t ′ ) ✱ 1 ♦t❤❡r✇✐s❡ 4 4 • ❊①t❡♥❞ t❤❡ ♥✉♠❜❡r ♦❢ q✉❡r✐❡s ❜② ❢❛❝t♦r n 1 / 2 t♦ ❡❧✐♠✐♥❛t❡ ❢❛❧s❡ ♣♦s✐t✐✈❡s ✸✽ ✴ ✹✽

  81. ❊①♣❡r✐♠❡♥t❛❧ ❱❡r✐✜❝❛t✐♦♥ ❙♠❛❧❧✲s❝❛❧❡ ✐♠♣❧❡♠❡♥t❛t✐♦♥ ❢♦r ✐s t❤❡ ♥✉♠❜❡r ♦❢ ❤✐ts ✐♥ r❡❛❧ ✇♦r❧❞ ❢♦r ✐♥ ✐❞❡❛❧ ✇♦r❧❞ ❢♦r r❛♥❞♦♠ r❛♥❞♦♠ ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❱❡r✐✜❝❛t✐♦♥ ❚❤❡♦r❡t✐❝❛❧ ❱❡r✐✜❝❛t✐♦♥ • ❆ss✉♠✐♥❣ n ≥ 27 ✱ t❤❡ s✉❝❝❡ss ♣r♦❜❛❜✐❧✐t② ♦❢ D ✐s ❛t ❧❡❛st 1 / 2 � � � � π = 1 D � E k = 1 D � • ❆♥❛❧②s✐s ❝♦♥s✐sts ♦❢ ♣r♦♣❡r❧② ❜♦✉♥❞✐♥❣ Pr ❛♥❞ Pr ✸✾ ✴ ✹✽

  82. ■♠♣r♦✈❡❞ ❆tt❛❝❦✿ ❱❡r✐✜❝❛t✐♦♥ ❚❤❡♦r❡t✐❝❛❧ ❱❡r✐✜❝❛t✐♦♥ • ❆ss✉♠✐♥❣ n ≥ 27 ✱ t❤❡ s✉❝❝❡ss ♣r♦❜❛❜✐❧✐t② ♦❢ D ✐s ❛t ❧❡❛st 1 / 2 � � � � π = 1 D � E k = 1 D � • ❆♥❛❧②s✐s ❝♦♥s✐sts ♦❢ ♣r♦♣❡r❧② ❜♦✉♥❞✐♥❣ Pr ❛♥❞ Pr ❊①♣❡r✐♠❡♥t❛❧ ❱❡r✐✜❝❛t✐♦♥ • ❙♠❛❧❧✲s❝❛❧❡ ✐♠♣❧❡♠❡♥t❛t✐♦♥ ❢♦r n = 16 , 20 , 24 • N d ✐s t❤❡ ♥✉♠❜❡r ♦❢ ❤✐ts c ′ 2 ⊕ c 3 = c 1 ⊕ c ′ 4 N d ✐♥ r❡❛❧ ✇♦r❧❞ ❢♦r d = N d ✐♥ ✐❞❡❛❧ ✇♦r❧❞ ❢♦r d = n 1 / 2 ≈ f 1 ( t ) ⊕ f 1 ( t ′ ) f 1 ( t ) ⊕ f 1 ( t ′ ) n q r❛♥❞♦♠ r❛♥❞♦♠ 4 · 2 12 16 2 256 . 593750 129 . 781250 127 . 093750 127 . 375000 4 · 2 15 20 2 265 . 531250 133 . 312500 125 . 625000 128 . 750000 4 · 2 18 24 2 246 . 750000 131 . 375000 120 . 625000 129 . 875000 ✸✾ ✴ ✹✽

  83. ❖✉t❧✐♥❡ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs ❇❛s❡❞ ♦♥ ▼❛s❦✐♥❣ • ■♥t✉✐t✐♦♥ • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ■♠♣r♦✈❡❞ ❊✣❝✐❡♥❝② ❇❡②♦♥❞ ❇✐rt❤❞❛② ❇♦✉♥❞ ❚✇❡❛❦❛❜❧❡ ❇❧♦❝❦❝✐♣❤❡rs • ❙t❛t❡ ♦❢ t❤❡ ❆rt • ❚✐❣❤t ❙❡❝✉r✐t② ♦❢ ❈❛s❝❛❞❡❞ LRW 2 ❄ • ■♠♣r♦✈❡❞ ❆tt❛❝❦ • ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ ❈♦♥❝❧✉s✐♦♥ ✹✵ ✴ ✹✽

  84. ❈❛s❝❛❞❡❞ ✐s s❡❝✉r❡ ✉♣ t♦ ❡✈❛❧✉❛t✐♦♥s ■♠♣r♦✈❡❞ ❙❡❝✉r✐t② ❇♦✉♥❞ • ❈❛s❝❛❞❡❞ LRW 2 ✿ h 1 ( t ) h 1 ( t ) ⊕ h 2 ( t ) h 2 ( t ) m E k 1 E k 2 c • E k i ❛r❡ ❙P❘P✲s❡❝✉r❡ • h i ❛r❡ 4 ✲✇✐s❡ ✐♥❞❡♣❡♥❞❡♥t ❳❖❘✲✉♥✐✈❡rs❛❧ ❤❛s❤ • ◆♦ t✇❡❛❦ ✐s q✉❡r✐❡❞ ♠♦r❡ t❤❛♥ 2 n/ 4 t✐♠❡s ✹✶ ✴ ✹✽

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

rt sr ts

rt sr ts

rt sr ts rs t rt s rrr r rt

1.66k views • 112 slides
Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5

Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5

Motivation Preliminary Overview Attacks on AES-PRF Attacks on Dual-AES-PRF Conclusion Cryptanalysis of AES-PRF and Its Dual Patrick Derbez 1 Tetsu Iwata 2 Ling Sun 3 , 4 Siwei Sun 5 Yosuke Todo 6 Haoyang Wang 4 Meiqin Wang 3 1. Univ Rennes,

534 views • 25 slides
Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris

Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris

Spatiotemporal Pattern Extraction by Spectral Analysis of Vector-valued Observables Dimitris Giannakis Center for Atmosphere Ocean Science Courant Institute of Mathematical Sciences New York University Geometry and Topology of Data ICERM,

845 views • 25 slides
Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity

Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity

Elders in Public Housing: Elders in Public Housing: An opportunity for prevention An opportunity for prevention Judith A. Jones, DDS, MPH, DScD Judith A. Jones, DDS, MPH, DScD Professor and Chair Professor and Chair Department of General

280 views • 9 slides
Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI,

Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI,

Context Object Theory Computational Models Full Models Smallest Model Observations Bibliography Possible Worlds, The Lewis Principle, and the Myth of a Large Ontology Edward N. Zalta CSLI, Stanford University zalta@stanford.edu

300 views • 26 slides
How to use Statas sem command with nonnormal data? A new nonnormality correction for the

How to use Statas sem command with nonnormal data? A new nonnormality correction for the

How to use Statas sem command with nonnormal data? A new nonnormality correction for the RMSEA, CFI and TLI Meeting of the German Stata Users Group at the Ludwig-Maximilians Universitt, 24th May, 2019 ? All models are false, but some are

696 views • 42 slides
Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly

Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly

Bayesian inference & Markov chain Monte Carlo Note 1: Many slides for this lecture were kindly provided by Paul Lewis and Mark Holder Note 2: Paul Lewis has written nice software for demonstrating Markov chain Monte Carlo idea. Software is

781 views • 62 slides
CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology

CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology

CMB and Kinetic Inductance Detectors Clarence Chang ANL & KICP MKIDs & Cosmology Workshop FNAL August 26-27, 2013 Outline Quick (and incomplete) overview of CMB science Key concepts for CMB technology Current &

570 views • 40 slides
Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of

Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of

Address Subcommittee Meeting August 14, 2019 11:00 am 12:30 pm Eastern US Department of Transportation Meeting Agenda 1. Welcome and Introductions/Roll Call 2. NAD Updates Steve Lewis 3. Address Content Subgroup Recommendations for the

681 views • 31 slides
NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND

NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND

NEW ZEALAND NEW ZEALAND NEW ZEALAND NEW ZEALAND AND THE WOODY ALLEN AND THE WOODY ALLEN AND THE WOODY ALLEN AND THE WOODY ALLEN SYNDROME SYNDROME SYNDROME SYNDROME by by SEBASTIAN EDWARDS SEBASTIAN EDWARDS University of California,

555 views • 22 slides
Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for

Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for

Overcoming Barriers To Shared Decision Making May 18, 2015 1:00 p.m. 2:30 p.m. ET Sponsored by: Agency for Healthcare Research and Quality (AHRQ) 1 Presenters and moderator disclosures The following presenters and moderator have no

938 views • 79 slides
QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu

QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu

QC-MDPC: A Timing Attack and a CCA2 KEM PQCrypto April 9, 2018 Edward Eaton 1 , Matthieu Lequesne 2,3 , Alex Parent 1 and Nicolas Sendrier 3 1 - ISARA Corporation, Waterloo, Canada 2 - Sorbonne Universit Paris, France 3 - Inria Paris,

1.05k views • 91 slides
A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter

A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter

A few thoughts on eee Chih-Hsiang Cheng, Bertrand Echenard, David Hitlin, Frank Porter California Institute of Technology Intensity frontier workshop Argonne April 2013 Probing Lorentz structure of New Physics Y. Okada et al. , PRD 61

325 views • 8 slides
802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting

802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting

802.1 Plenary July 2019 Vienna, Austria Closing Agenda John Messenger IEEE 802.1 Acting WG Chair JMessenger@advaoptical.com 802.1 plenary agenda Monday opening Thursday closing Call for Patents Call for Patents

1.36k views • 106 slides
DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of

DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of

Design Engineering Year 1 DE1.3 - Electronics 1 TOPIC 1 Introducing the Module Prof Peter YK Cheung Dyson School of Design Engineering Imperial College London URL: www.ee.ic.ac.uk/pcheung/teaching/DE1_EE/ E-mail: p.cheung@imperial.ac.uk

437 views • 6 slides
Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of

Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of

Model Theory of the Reflection Scheme Ali Enayat (+ Shahram Mohsenipour) Fifty Years of Generalized Quantifiers Warsaw, Banach Center, June 2007 The reflection principle for ZF : for any set theoretical formula ( x ) (possibly with

201 views • 19 slides
Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N.

Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N.

Wilkinsons Corrections and Role of Pseudoscalar Interactions in Neutron Beta Decays Andrey N. Ivanov TU Wien Atominstitut, Austria Amhest Center for Fundamental Interactions 17 May 2019 /USA A. N. Ivanov Current and Future Status of the

422 views • 15 slides
Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M.

Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M.

Convolutional encoding Finite State Machine Channel models The Viterbi algorithm Coding and decoding with convolutional codes. The Viterbi Algorithm. J.-M. Brossier 2008 J.-M. Brossier Coding and decoding with convolutional codes. The

1.37k views • 135 slides
M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme

M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme

M.Eng. PROGRAMME @ EEE presented by Goh Wei Jiuan Asst Director Graduate Research Programme Office School of Electrical and Electronic Engineering 17 Jan 2019 Welcome to School of EEE EEE Graduate PROGRAMMES Master of Engineering (M.Eng.)

660 views • 13 slides
First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::=

First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::=

First-class continuations call/cc, stack-passing CEK machines But first Assignment 2 e ::= (letrec* ([x e] ...) e) | (letrec ([x e] ...) e) | (case e case-clause ...) | (let* ([x e] ...) e) | (if e e e) | (let ([x e] ...) e) | (when e

971 views • 56 slides
Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University

Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University

Multimedia course CONTINUUM MECHANICS FOR ENGINEERS By Prof. Xavier Oliver Technical University of Catalonia (UPC/BarcelonaTech) International Center for Numerical Methods in Engineering (CIMNE) http://oliver.rmee.upc.edu/xo First edition May

931 views • 68 slides
Charged kaon identification system for the CMD3 detector

Charged kaon identification system for the CMD3 detector

Charged kaon identification system for the CMD3 detector

299 views • 7 slides
Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern

Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern

Andr e de Gouv ea Northwestern Phenomenological Perspective on (Charged-)LFV Processes Andr e de Gouv ea Northwestern University NuFlavor 2009 June 810, 2009, Coseners House, UK [session: interplay between neutrino masses

826 views • 34 slides
WindEEE Dome Unique Facility, Unique Experience Horia Hangan WindEEE Milestones WindEEE Dome

WindEEE Dome Unique Facility, Unique Experience Horia Hangan WindEEE Milestones WindEEE Dome

WindEEE Dome Unique Facility, Unique Experience Horia Hangan WindEEE Milestones WindEEE Dome Funded : April 2009 Design : December 2010 Construction : Sept. 2011- Sept. 2013 Commissioned : September 2014 Operational : October 2014 WindEEE

549 views • 21 slides

More recommend