
SafeCurves: choosing safe curves for elliptic-curve cryptography

Daniel J. Bernstein, University of Illinois at Chicago & ...

Cryptography. Public-key signatures: e.g., RSA, DSA, ECDSA. Some uses: signed OS updates, SSL certificates, ...


  1. οΏ½ οΏ½ many smaller improvements: The clock Examples βœ™ scientific papers. β‘‘ of these algorithms for reaking RSA-1024, RSA-2048: , 2 170 , CFRAC; βœ™ , 2 160 , LS; βœ™ β‘  , 2 150 , QS; βœ™ 2 112 , NFS. βœ™ Miller β€œUse of This is the curve β‘  2 + β‘‘ 2 = 1. curves in cryptography”: Warning: extremely unlikely This is not an elliptic curve. an β€˜index calculus’ attack β€œElliptic curve” ✻ = β€œellipse.” elliptic curve method ever be able to work.”

  2. οΏ½ οΏ½ smaller improvements: The clock Examples of points βœ™ papers. β‘‘ algorithms for RSA-1024, RSA-2048: βœ™ CFRAC; βœ™ LS; β‘  βœ™ QS; βœ™ NFS. β€œUse of This is the curve β‘  2 + β‘‘ 2 = 1. cryptography”: Warning: unlikely This is not an elliptic curve. calculus’ attack β€œElliptic curve” ✻ = β€œellipse.” curve method to work.”

  3. οΏ½ οΏ½ rovements: The clock Examples of points on this curve: βœ™ β‘‘ for RSA-2048: βœ™ βœ™ β‘  βœ™ βœ™ This is the curve β‘  2 + β‘‘ 2 = 1. cryptography”: Warning: This is not an elliptic curve. attack β€œElliptic curve” ✻ = β€œellipse.” d

  4. οΏ½ οΏ½ The clock Examples of points on this curve: β‘‘ β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  5. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  6. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  7. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  8. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  9. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  10. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. β‘  This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  11. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ♣ β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  12. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ♣ β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. ♣ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  13. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ♣ β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. ♣ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. This is the curve β‘  2 + β‘‘ 2 = 1. Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  14. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ♣ β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. ♣ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. This is the curve β‘  2 + β‘‘ 2 = 1. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). Warning: This is not an elliptic curve. β€œElliptic curve” ✻ = β€œellipse.”

  15. οΏ½ οΏ½ The clock Examples of points on this curve: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ( οΏ½ 1 ❀ 0) = β€œ9:00”. ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ♣ β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. ♣ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. This is the curve β‘  2 + β‘‘ 2 = 1. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). Warning: (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). This is not an elliptic curve. (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). β€œElliptic curve” ✻ = β€œellipse.” Many more.

  16. οΏ½ οΏ½ clock Examples of points on this curve: Addition (0 ❀ 1) = β€œ12:00”. β‘‘ β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. ❀ ✎ P β‘  ❀ β‘‘ ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P β‘  ❀ β‘‘ ✎ ♣ β‘  β‘  (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P β‘  ❀ β‘‘ ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. the curve β‘  2 + β‘‘ 2 = 1. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). rning: β‘  = sin β˜› β‘‘ β˜› (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). not an elliptic curve. (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). β€œElliptic curve” ✻ = β€œellipse.” Many more.

  17. οΏ½ οΏ½ Examples of points on this curve: Addition on the clo (0 ❀ 1) = β€œ12:00”. β‘‘ β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral ❀ ✎ P β‘  ❀ β‘‘ ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P β‘  ❀ β‘‘ ✎ βœ‚ βœ‚ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  β‘  βœ‚ ✐ P (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P β‘  ❀ β‘‘ ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. β‘  2 + β‘‘ 2 = 1. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). elliptic curve. (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ✻ = β€œellipse.” Many more.

  18. οΏ½ οΏ½ ✻ Examples of points on this curve: Addition on the clock: (0 ❀ 1) = β€œ12:00”. β‘‘ β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral = (0 ❀ ✎ P 1 = ( β‘  ❀ β‘‘ ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = β‘  ❀ β‘‘ ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  β‘  ✐ P βœ‚ (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  ❀ β‘‘ ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  β‘‘ = 1. β‘  2 + β‘‘ 2 = 1, parametrized b (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› . (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). e. (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). β€œellipse.” Many more.

  19. οΏ½ οΏ½ Examples of points on this curve: Addition on the clock: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  ✐ P βœ‚ (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› . (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). Many more.

  20. οΏ½ οΏ½ Examples of points on this curve: Addition on the clock: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  ✐ βœ‚ P (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› . Recall (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). Many more.

  21. οΏ½ οΏ½ Examples of points on this curve: Addition on the clock: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  ✐ βœ‚ P (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› . Recall (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ Many more.

  22. οΏ½ οΏ½ Examples of points on this curve: Addition on the clock: (0 ❀ 1) = β€œ12:00”. β‘‘ (0 ❀ οΏ½ 1) = β€œ6:00”. (1 ❀ 0) = β€œ3:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) ( οΏ½ 1 ❀ 0) = β€œ9:00”. ✎ β˜› 1 βœ‚ βœ‚ ♣ ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  ✐ βœ‚ P (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) ♣ ♣ ( 1 ❂ 2 ❀ 1 ❂ 2) = β€œ1:30”. (3 ❂ 5 ❀ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by (3 ❂ 5 ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). β‘  = sin β˜› , β‘‘ = cos β˜› . Recall (4 ❂ 5 ❀ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = (4 ❂ 5 ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ Many more. cos β˜› 1 cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  23. οΏ½ οΏ½ Examples of points on this curve: Addition on the clock: Clock addition ❀ = β€œ12:00”. β‘‘ β‘‘ ❀ οΏ½ 1) = β€œ6:00”. ❀ = β€œ3:00”. neutral = (0 ❀ 1) ❀ ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P β‘  ❀ β‘‘ οΏ½ ❀ 0) = β€œ9:00”. ✎ ✎ β˜› 1 βœ‚ βœ‚ ♣ ❂ ❀ 1 ❂ 2) = β€œ2:00”. βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P β‘  ❀ β‘‘ ✎ ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ♣ ✐ β‘  β‘  ✐ βœ‚ P ❂ ❀ οΏ½ 3 ❂ 4) = β€œ5:00”. P P P P P P ♣ ✎ ✎ οΏ½ ❂ ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) P β‘  ❀ β‘‘ ♣ ♣ ❂ ❀ 1 ❂ 2) = β€œ1:30”. ❂ ❀ ❂ 5). ( οΏ½ 3 ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by Use Cartesian ❂ ❀ οΏ½ 4 ❂ 5). ( οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). addition. β‘  = sin β˜› , β‘‘ = cos β˜› . Recall ❂ ❀ ❂ 5). ( οΏ½ 4 ❂ 5 ❀ 3 ❂ 5). for the clo β‘  β‘‘ (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = ❂ ❀ οΏ½ 3 ❂ 5). ( οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). sum of ( β‘  ❀ β‘‘ β‘  ❀ β‘‘ (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ more. ( β‘  1 β‘‘ 2 + β‘‘ β‘  ❀ β‘‘ β‘‘ οΏ½ β‘  β‘  cos β˜› 1 cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  24. οΏ½ οΏ½ οΏ½ oints on this curve: Addition on the clock: Clock addition without ❀ β€œ12:00”. β‘‘ β‘‘ ❀ οΏ½ β€œ6:00”. ❀ neutral = (0 ❀ 1) neutral ❀ ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P β‘  ❀ β‘‘ οΏ½ ❀ β€œ9:00”. ✎ ✎ β˜› 1 βœ‚ βœ‚ βœ‚ ♣ β€œ2:00”. ❂ ❀ ❂ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P β‘  ❀ β‘‘ ✎ ✎ βœ‚ βœ‚ ✐ βœ‚ ✐ βœ‚ ✐ ✐ ✐ ✐ βœ‚ βœ‚ ✐ ✐ ♣ ✐ ✐ β‘  β‘  βœ‚ ✐ P βœ‚ P ✐ ❂ ❀ οΏ½ ❂ β€œ5:00”. P P P P P P P P P P ♣ ✎ ✎ οΏ½ ❂ ❀ οΏ½ ❂ = β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) P β‘  ❀ β‘‘ ♣ ♣ ❂ ❀ ❂ β€œ1:30”. ❂ ❀ ❂ οΏ½ ❂ 5 ❀ 4 ❂ 5). β‘  2 + β‘‘ 2 = 1, parametrized by Use Cartesian coordinates ❂ ❀ οΏ½ ❂ οΏ½ 3 ❂ 5 ❀ οΏ½ 4 ❂ 5). addition. Addition β‘  = sin β˜› , β‘‘ = cos β˜› . Recall ❂ ❀ ❂ οΏ½ ❂ 5 ❀ 3 ❂ 5). for the clock β‘  2 + β‘‘ (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = ❂ ❀ οΏ½ ❂ οΏ½ 4 ❂ 5 ❀ οΏ½ 3 ❂ 5). sum of ( β‘  1 ❀ β‘‘ 1 ) and β‘  ❀ β‘‘ (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  β‘  cos β˜› 1 cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  25. οΏ½ οΏ½ οΏ½ οΏ½ this curve: Addition on the clock: Clock addition without sin, cos: ❀ β‘‘ β‘‘ ❀ οΏ½ ❀ neutral = (0 ❀ 1) neutral = (0 ❀ ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P 1 = ( β‘  ❀ β‘‘ οΏ½ ❀ ✎ ✎ β˜› 1 βœ‚ βœ‚ βœ‚ βœ‚ ♣ ❂ ❀ ❂ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P 2 = β‘  ❀ β‘‘ ✎ ✎ βœ‚ βœ‚ ✐ ✐ βœ‚ ✐ βœ‚ ✐ ✐ ✐ ✐ ✐ βœ‚ βœ‚ ✐ ✐ ♣ ✐ ✐ β‘  β‘  P βœ‚ ✐ ✐ βœ‚ P ❂ ❀ οΏ½ ❂ P P P P P P P P P P P P ♣ ✎ ✎ οΏ½ ❂ ❀ οΏ½ ❂ β€œ7:00”. P 3 = ( β‘  3 ❀ β‘‘ 3 ) P 3 = ( β‘  ❀ β‘‘ ♣ ♣ ❂ ❀ ❂ ❂ ❀ ❂ οΏ½ ❂ ❀ ❂ β‘  2 + β‘‘ 2 = 1, parametrized by Use Cartesian coordinates fo ❂ ❀ οΏ½ ❂ οΏ½ ❂ ❀ οΏ½ ❂ 5). addition. Addition formula β‘  = sin β˜› , β‘‘ = cos β˜› . Recall ❂ ❀ ❂ οΏ½ ❂ ❀ ❂ for the clock β‘  2 + β‘‘ 2 = 1: (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = ❂ ❀ οΏ½ ❂ οΏ½ ❂ ❀ οΏ½ ❂ 5). sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). cos β˜› 1 cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  26. οΏ½ οΏ½ οΏ½ οΏ½ Addition on the clock: Clock addition without sin, cos: β‘‘ β‘‘ neutral = (0 ❀ 1) neutral = (0 ❀ 1) ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P 1 = ( β‘  1 ❀ β‘‘ 1 ) ✎ ✎ β˜› 1 βœ‚ βœ‚ βœ‚ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P 2 = ( β‘  2 ❀ β‘‘ 2 ) ✎ ✎ βœ‚ βœ‚ ✐ ✐ βœ‚ ✐ βœ‚ ✐ ✐ ✐ ✐ ✐ βœ‚ βœ‚ ✐ ✐ ✐ ✐ β‘  β‘  βœ‚ P ✐ βœ‚ P ✐ P P P P P P P P P P P P ✎ ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) P 3 = ( β‘  3 ❀ β‘‘ 3 ) β‘  2 + β‘‘ 2 = 1, parametrized by Use Cartesian coordinates for addition. Addition formula β‘  = sin β˜› , β‘‘ = cos β˜› . Recall for the clock β‘  2 + β‘‘ 2 = 1: (sin( β˜› 1 + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is (sin β˜› 1 cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). cos β˜› 1 cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  27. οΏ½ οΏ½ οΏ½ οΏ½ Addition on the clock: Clock addition without sin, cos: Examples β€œ2:00” + β‘‘ β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ ❂ ❂ ❀ οΏ½ ❂ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ ❂ neutral = (0 ❀ 1) neutral = (0 ❀ 1) ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + ✎ ✎ β˜› 1 βœ‚ βœ‚ βœ‚ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ ❂ οΏ½ ❀ ✎ ✎ βœ‚ βœ‚ ✐ ✐ βœ‚ ✐ βœ‚ ✐ ✐ ✐ ✐ ✐ βœ‚ βœ‚ ✐ ✐ ✐ ✐ β‘  β‘  P ✐ βœ‚ βœ‚ ✐ P P P ♣ = ( 3 ❂ 4 ❀ ❂ P P P P P P P P P P ✎ ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ βœ“ 5 ❀ 4 2 ❀ 5 β‘‘ 2 = 1, parametrized by Use Cartesian coordinates for β‘  addition. Addition formula β‘  sin β˜› , β‘‘ = cos β˜› . Recall for the clock β‘  2 + β‘‘ 2 = 1: β˜› + β˜› 2 ) ❀ cos( β˜› 1 + β˜› 2 )) = sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is β˜› cos β˜› 2 + cos β˜› 1 sin β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). β˜› cos β˜› 2 οΏ½ sin β˜› 1 sin β˜› 2 ).

  28. οΏ½ οΏ½ οΏ½ clock: Clock addition without sin, cos: Examples of clock β€œ2:00” + β€œ5:00” β‘‘ β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ ❀ οΏ½ ❂ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) neutral = (0 ❀ 1) neutral = (0 ❀ 1) ✎ ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ ✎ β˜› βœ‚ βœ‚ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + οΏ½ ❀ ✎ ✎ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  β‘  βœ‚ P ✐ P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P P P P ✎ ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 2 = 25 ❀ 5 Use Cartesian coordinates for β‘  β‘‘ rametrized by addition. Addition formula β‘  β˜› β‘‘ cos β˜› . Recall for the clock β‘  2 + β‘‘ 2 = 1: β˜› β˜› ❀ cos( β˜› 1 + β˜› 2 )) = sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is β˜› β˜› cos β˜› 1 sin β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). β˜› β˜› οΏ½ sin β˜› 1 sin β˜› 2 ).

  29. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. (0 ❀ 1) neutral = (0 ❀ 1) ✎ ✎ ( β‘  1 ❀ β‘‘ 1 ) P 1 = ( β‘  1 ❀ β‘‘ 1 ) P β€œ5:00” + β€œ9:00” ✎ ✎ β˜› βœ‚ βœ‚ βœ‚ P = ( β‘  2 ❀ β‘‘ 2 ) P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  β‘  ✐ P βœ‚ P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ ✎ P ( β‘  3 ❀ β‘‘ 3 ) P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 Use Cartesian coordinates for β‘  β‘‘ by addition. Addition formula β‘  β˜› β‘‘ β˜› ecall for the clock β‘  2 + β‘‘ 2 = 1: β˜› β˜› ❀ β˜› β˜› )) = sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is β˜› β˜› β˜› β˜› 2 ❀ ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). β˜› β˜› οΏ½ β˜› β˜› 2 ).

  30. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  P βœ‚ ✐ P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 Use Cartesian coordinates for addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ).

  31. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  ✐ βœ‚ P P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ).

  32. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  ✐ P βœ‚ P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . 5 625 sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ).

  33. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  ✐ βœ‚ P P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . 5 625 sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ).

  34. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  ✐ βœ‚ P P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . 5 625 sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ).

  35. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  βœ‚ ✐ P P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . 5 625 sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) =

  36. οΏ½ οΏ½ Clock addition without sin, cos: Examples of clock addition: β€œ2:00” + β€œ5:00” β‘‘ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ β‘  βœ‚ ✐ P P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . 5 25 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Use Cartesian coordinates for 3 = . 5 125 addition. Addition formula for the clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . 5 625 sum of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). ( β‘  1 β‘‘ 2 + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  37. οΏ½ οΏ½ addition without sin, cos: Examples of clock addition: Clocks over β€œ2:00” + β€œ5:00” β‘‘ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ βœ‚ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ βœ‚ ✐ βœ‚ ✐ ✐ ✐ βœ‚ ✐ ✐ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ β‘  βœ‚ P ✐ P ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P P P ✎ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 5 25 Clock( F 7 βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 Cartesian coordinates for 3 = . ✟ ✠ ( ①❀ β‘‘ ) ✷ βœ‚ β‘  β‘‘ 5 125 addition. Addition formula Here F 7 ❒ ❀ ❀ ❀ ❀ ❀ ❀ ❣ clock β‘  2 + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . = ❒ 0 ❀ 1 ❀ 2 ❀ ❀ οΏ½ ❀ οΏ½ ❀ οΏ½ ❣ 5 625 of ( β‘  1 ❀ β‘‘ 1 ) and ( β‘  2 ❀ β‘‘ 2 ) is with arit ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). β‘  β‘‘ + β‘‘ 1 β‘  2 ❀ β‘‘ 1 β‘‘ 2 οΏ½ β‘  1 β‘  2 ). e.g. 2 ✁ 5 ❂ ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  38. οΏ½ without sin, cos: Examples of clock addition: Clocks over finite fields β€œ2:00” + β€œ5:00” β‘‘ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. neutral = (0 ❀ 1) ✎ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ P 1 = ( β‘  1 ❀ β‘‘ 1 ) β€œ5:00” + β€œ9:00” ✎ βœ‚ βœ‚ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ P 2 = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ ✐ ✐ ✐ ✐ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ β‘  ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. P P P ✎ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ P 3 = ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 5 25 Clock( F 7 ) = βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 ordinates for 3 = . ✟ ✠ ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 β‘  β‘‘ 5 125 Addition formula Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ ❀ ❀ ❀ ❣ β‘  + β‘‘ 2 = 1: βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ ❀ οΏ½ ❣ 5 625 β‘  ❀ β‘‘ and ( β‘  2 ❀ β‘‘ 2 ) is with arithmetic mo ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). β‘‘ β‘  ❀ β‘‘ β‘‘ 2 οΏ½ β‘  1 β‘  2 ). β‘  β‘‘ e.g. 2 ✁ 5 = 3 and ❂ ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  39. sin, cos: Examples of clock addition: Clocks over finite fields β€œ2:00” + β€œ5:00” β‘‘ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. (0 ❀ 1) ✎ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ( β‘  1 ❀ β‘‘ 1 ) P β€œ5:00” + β€œ9:00” ✎ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ P = ( β‘  2 ❀ β‘‘ 2 ) ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✎ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ β‘  ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ✎ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ P ( β‘  3 ❀ β‘‘ 3 ) βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 5 25 Clock( F 7 ) = βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 for 3 = . ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 ✟ ✠ 5 125 Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 β‘  β‘‘ 4 = . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ 5 625 β‘  ❀ β‘‘ β‘  ❀ β‘‘ 2 ) is with arithmetic modulo 7. ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). β‘‘ β‘  ❀ β‘‘ β‘‘ οΏ½ β‘  β‘  ). β‘  β‘‘ e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  40. Examples of clock addition: Clocks over finite fields β€œ2:00” + β€œ5:00” ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ = ( οΏ½ 1 ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ β€œ5:00” + β€œ9:00” ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ♣ = (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ♣ = ( 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ βœ’ 3 βœ“ βœ’ 24 βœ“ 5 ❀ 4 25 ❀ 7 2 = . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 5 25 Clock( F 7 ) = βœ’ 3 βœ“ βœ’ 117 βœ“ 5 ❀ 4 125 ❀ οΏ½ 44 3 = . ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . 5 125 Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ βœ’ 3 βœ“ βœ’ 336 βœ“ 5 ❀ 4 625 ❀ οΏ½ 527 4 = . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ 5 625 with arithmetic modulo 7. ( β‘  1 ❀ β‘‘ 1 ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 . ( β‘  1 ❀ β‘‘ 1 ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  41. Examples of clock addition: Clocks over finite fields Larger exa + β€œ5:00” Examples ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ 3 ❂ 4 ❀ 1 ❂ 2) + (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) on Clock( ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ οΏ½ ❂ 2 ❀ οΏ½ 3 ❂ 4) = β€œ7:00”. 2(1000 ❀ 2) ❀ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ + β€œ9:00” ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ♣ ❂ 2 ❀ οΏ½ 3 ❂ 4) + ( οΏ½ 1 ❀ 0) ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ♣ 3 ❂ 4 ❀ 1 ❂ 2) = β€œ2:00”. ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ βœ’ βœ“ βœ’ 24 βœ“ ❀ 4 25 ❀ 7 = . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 5 25 Clock( F 7 ) = βœ’ βœ“ βœ’ 117 βœ“ ❀ 4 125 ❀ οΏ½ 44 = . ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . 5 125 Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ βœ’ βœ“ βœ’ 336 βœ“ ❀ 4 625 ❀ οΏ½ 527 = . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ 5 625 with arithmetic modulo 7. β‘  ❀ β‘‘ ) + (0 ❀ 1) = ( β‘  1 ❀ β‘‘ 1 ). e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 . β‘  ❀ β‘‘ ) + ( οΏ½ β‘  1 ❀ β‘‘ 1 ) = (0 ❀ 1).

  42. ck addition: Clocks over finite fields Larger example: Clo Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ ❂ ❀ ❂ (1 ❂ 2 ❀ οΏ½ 3 ❂ 4) on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ οΏ½ ❂ ❀ οΏ½ ❂ 4) = β€œ7:00”. 2(1000 ❀ 2) = (4000 ❀ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ♣ ❂ ❀ οΏ½ ❂ 4) + ( οΏ½ 1 ❀ 0) ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ♣ ❂ ❀ ❂ β€œ2:00”. ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ βœ’ βœ“ βœ’ 24 βœ“ 25 ❀ 7 ❀ . ✁ ✁ ✁ ✁ ✁ ✁ ✁ 25 Clock( F 7 ) = βœ’ βœ“ βœ’ 117 βœ“ 125 ❀ οΏ½ 44 ❀ . ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . 125 Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ βœ’ βœ“ βœ’ 336 βœ“ 625 ❀ οΏ½ 527 ❀ . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ 625 with arithmetic modulo 7. β‘  ❀ β‘‘ ❀ = ( β‘  1 ❀ β‘‘ 1 ). e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 . β‘  ❀ β‘‘ οΏ½ β‘  ❀ β‘‘ 1 ) = (0 ❀ 1).

  43. addition: Clocks over finite fields Larger example: Clock( F 1000003 Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ ♣ ♣ ❂ ❀ ❂ ❂ ❀ οΏ½ 3 ❂ 4) on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ♣ οΏ½ ❂ ❀ οΏ½ ❂ β€œ7:00”. 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ♣ ❂ ❀ οΏ½ ❂ οΏ½ ❀ 0) ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ♣ ❂ ❀ ❂ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ βœ’ βœ“ βœ’ βœ“ ❀ ❀ ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = βœ’ βœ“ βœ’ βœ“ ❀ οΏ½ ❀ . ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ βœ’ βœ“ βœ’ βœ“ ❀ οΏ½ ❀ . = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. β‘  ❀ β‘‘ ❀ β‘  ❀ β‘‘ ). e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 . β‘  ❀ β‘‘ οΏ½ β‘  ❀ β‘‘ ❀ 1).

  44. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  45. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 4(1000 ❀ 2) = (56000 ❀ 97). ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  46. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 4(1000 ❀ 2) = (56000 ❀ 97). ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ 8(1000 ❀ 2) = (863970 ❀ 18817). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  47. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 4(1000 ❀ 2) = (56000 ❀ 97). ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ 8(1000 ❀ 2) = (863970 ❀ 18817). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 16(1000 ❀ 2) = (549438 ❀ 156853). ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  48. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 4(1000 ❀ 2) = (56000 ❀ 97). ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ 8(1000 ❀ 2) = (863970 ❀ 18817). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 16(1000 ❀ 2) = (549438 ❀ 156853). ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 17(1000 ❀ 2) = (951405 ❀ 877356). ✁ ✁ ✁ ✁ ✁ ✁ ✁ Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 ✟ ✠ . Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  49. Clocks over finite fields Larger example: Clock( F 1000003 ). Examples of addition ✁ ✁ ✁ ✁ ✁ ✁ ✁ on Clock( F 1000003 ): ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 2(1000 ❀ 2) = (4000 ❀ 7). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 4(1000 ❀ 2) = (56000 ❀ 97). ✁ ✁ ✎ ✁ ✁ ✎ ✁ ✁ ✁ 8(1000 ❀ 2) = (863970 ❀ 18817). ✁ ✁ ✁ ✎ ✁ ✁ ✁ ✁ 16(1000 ❀ 2) = (549438 ❀ 156853). ✁ ✎ ✁ ✁ ✁ ✁ ✎ ✁ ✁ 17(1000 ❀ 2) = (951405 ❀ 877356). ✁ ✁ ✁ ✁ ✁ ✁ ✁ β€œScalar multiplication” Clock( F 7 ) = ( ①❀ β‘‘ ) ✷ F 7 βœ‚ F 7 : β‘  2 + β‘‘ 2 = 1 on a clock: ✟ ✠ . Given integer β™₯ βœ• 0 Here F 7 = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ 4 ❀ 5 ❀ 6 ❣ and clock point ( ①❀ β‘‘ ), = ❒ 0 ❀ 1 ❀ 2 ❀ 3 ❀ οΏ½ 3 ❀ οΏ½ 2 ❀ οΏ½ 1 ❣ compute β™₯ ( ①❀ β‘‘ ). with arithmetic modulo 7. e.g. 2 ✁ 5 = 3 and 3 ❂ 2 = 5 in F 7 .

  50-54. "Binary method":
      If $n$ is even, compute $n(x,y)$ by doubling $(n/2)(x,y)$.
      Otherwise compute $n(x,y)$ by adding $(x,y)$ to $(n-1)(x,y)$.
      This is very fast.
      But figuring out $n$ given $(x,y)$ and $n(x,y)$ is much more difficult.
      With 30 clock additions we computed $n(1000, 2) = (947472, 736284)$ for some 6-digit $n$. Can you figure out $n$?

  55-58. Clock cryptography
      Standardize a large prime $p$ and some $(x,y) \in \mathrm{Clock}(\mathbf{F}_p)$.
      Alice chooses big secret $a$. Computes her public key $a(x,y)$.
      Bob chooses big secret $b$. Computes his public key $b(x,y)$.
      Alice computes $a(b(x,y))$. Bob computes $b(a(x,y))$.
      They use this shared secret to encrypt with AES-GCM etc.
      Warning #1: Many choices of $p$ are bad!

  59-63. [Diagram of the key exchange]
      Alice's secret key $a$                      Bob's secret key $b$
      Alice's public key $a(x,y)$                 Bob's public key $b(x,y)$
      {Alice, Bob}'s shared secret $ab(x,y)$  =  {Bob, Alice}'s shared secret $ba(x,y)$
      Warning #2: Clocks aren't elliptic! Can use index calculus to attack clock cryptography.
      To match RSA-3072 security need $p \approx 2^{1536}$.

  64-67. Timing attacks
      Attacker sees more than $a(x,y)$ and $b(x,y)$.
      Attacker sees time for Alice to compute $a(b(x,y))$.
      Often attacker can see time for each operation performed by Alice, not just total time.
      This reveals secret $a$.
      Fix: constant-time code, performing same operations no matter what scalar is.
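The binary method and the constant-time fix from the slides above, as an added Python example (not code from the talk): it reproduces the listed multiples of (1000, 2) on Clock(F_1000003) and records the sequence of doublings and additions, which depends on the scalar for the binary method but not for a fixed schedule. The function names, the 20-bit scalar length and the arithmetic `select` are assumptions of this example; Python integer arithmetic is not itself constant-time, so only the operation schedule is demonstrated.

```python
# Added example: the toy clock group from the slides, Clock(F_p) with p = 1000003.
P_MOD = 1000003
BASE = (1000, 2)      # the slides' example point: 1000^2 + 2^2 = 1 (mod p)
NEUTRAL = (0, 1)      # "12:00", the neutral element


def clock_add(p1, p2, p=P_MOD):
    """Clock addition law: (x1*y2 + y1*x2, y1*y2 - x1*x2) mod p."""
    x1, y1 = p1
    x2, y2 = p2
    return ((x1 * y2 + y1 * x2) % p, (y1 * y2 - x1 * x2) % p)


def binary_method(n, point, trace=None):
    """The slides' binary method. Appends 'D' (double) or 'A' (add) to trace."""
    if trace is None:
        trace = []
    if n == 0:
        return NEUTRAL
    if n == 1:
        return point
    if n % 2 == 0:
        half = binary_method(n // 2, point, trace)
        trace.append("D")
        return clock_add(half, half)
    rest = binary_method(n - 1, point, trace)
    trace.append("A")
    return clock_add(point, rest)


def select(bit, if_one, if_zero, p=P_MOD):
    """Arithmetic select between two points: no branch on the secret bit."""
    return tuple((bit * a + (1 - bit) * b) % p for a, b in zip(if_one, if_zero))


def fixed_schedule(n, point, bits=20, trace=None):
    """Double-and-add-always: one doubling and one addition per bit position,
    for every scalar n < 2**bits, so the operation sequence is independent of n."""
    if trace is None:
        trace = []
    acc = NEUTRAL
    for i in reversed(range(bits)):
        acc = clock_add(acc, acc)
        trace.append("D")
        added = clock_add(acc, point)      # computed whether or not it is used
        trace.append("A")
        acc = select((n >> i) & 1, added, acc)
    return acc


def op_trace(method, n):
    """Return (n * BASE, operation sequence) for the given method."""
    trace = []
    result = method(n, BASE, trace=trace)
    return result, "".join(trace)


if __name__ == "__main__":
    for n in (2, 4, 8, 16, 17):
        print(n, binary_method(n, BASE))
    # Two constructed 20-bit scalars with very different bit patterns.
    for n in (2**19, 2**20 - 1):
        print(n, "binary:", len(op_trace(binary_method, n)[1]), "ops;",
              "fixed:", len(op_trace(fixed_schedule, n)[1]), "ops")
```

An observer who can count or time the individual operations of `binary_method` learns the bit length and Hamming weight of the scalar at minimum, while `fixed_schedule` performs the same 40 operations for every 20-bit scalar.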

  68-71. Addition on an elliptic curve
      [Figure: the curve in the $x$-$y$ plane with neutral $= (0, 1)$, $P_1 = (x_1, y_1)$, $P_2 = (x_2, y_2)$, $P_3 = (x_3, y_3)$ marked.]
      $x^2 + y^2 = 1 - 30x^2y^2$.
      Sum of $(x_1, y_1)$ and $(x_2, y_2)$ is
      $((x_1y_2 + y_1x_2)/(1 - 30x_1x_2y_1y_2),\ (y_1y_2 - x_1x_2)/(1 + 30x_1x_2y_1y_2))$.

  72-75. The clock again, for comparison:
      [Figure: the clock in the $x$-$y$ plane with neutral $= (0, 1)$, $P_1 = (x_1, y_1)$, $P_2 = (x_2, y_2)$, $P_3 = (x_3, y_3)$ marked.]
      $x^2 + y^2 = 1$.
      Sum of $(x_1, y_1)$ and $(x_2, y_2)$ is
      $(x_1y_2 + y_1x_2,\ y_1y_2 - x_1x_2)$.

  76-79. More elliptic curves
      Choose an odd prime $p$.
      Choose a non-square $d \in \mathbf{F}_p$.
      $\{(x,y) \in \mathbf{F}_p \times \mathbf{F}_p : x^2 + y^2 = 1 + dx^2y^2\}$ is a "complete Edwards curve".
      "The Edwards addition law": $(x_1, y_1) + (x_2, y_2) = (x_3, y_3)$ where
      $x_3 = \dfrac{x_1y_2 + y_1x_2}{1 + dx_1x_2y_1y_2}$,
      $y_3 = \dfrac{y_1y_2 - x_1x_2}{1 - dx_1x_2y_1y_2}$.

  80-86. "Hey, there are divisions in the Edwards addition law! What if the denominators are 0?"
      Answer: Can prove that the denominators are never 0. Addition law is complete.
      This proof relies on choosing non-square $d$.
      If we instead choose square $d$: curve is still elliptic, and addition seems to work, but there are failure cases, often exploitable by attackers. Safe code is more complicated.
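An added example (not from the talk) that brute-forces a small Edwards curve to check the completeness claim: for non-square d no pair of curve points makes a denominator zero, while for square d such pairs exist and the addition routine has to reject them. The prime 13, the values d = 2 and d = 4, and all function names are choices made for this example.

```python
def is_square(a, p):
    """Euler's criterion for an odd prime p; 0 counts as a square."""
    a %= p
    return a == 0 or pow(a, (p - 1) // 2, p) == 1


def curve_points(p, d):
    """All points of x^2 + y^2 = 1 + d*x^2*y^2 over F_p (brute force, small p only)."""
    return [(x, y) for x in range(p) for y in range(p)
            if (x * x + y * y - 1 - d * x * x * y * y) % p == 0]


def denominators(p1, p2, p, d):
    """The two denominators 1 + d*x1*x2*y1*y2 and 1 - d*x1*x2*y1*y2, mod p."""
    t = d * p1[0] * p2[0] * p1[1] * p2[1]
    return ((1 + t) % p, (1 - t) % p)


def edwards_add(p1, p2, p, d):
    """Edwards addition law. Raises instead of returning a wrong point
    when a denominator vanishes (only possible for square d)."""
    den_x, den_y = denominators(p1, p2, p, d)
    if den_x == 0 or den_y == 0:
        raise ZeroDivisionError(f"addition law undefined for {p1} + {p2}")
    (x1, y1), (x2, y2) = p1, p2
    # Division in F_p via Fermat: den^(p-2) is the inverse of den.
    x3 = (x1 * y2 + y1 * x2) * pow(den_x, p - 2, p) % p
    y3 = (y1 * y2 - x1 * x2) * pow(den_y, p - 2, p) % p
    return (x3, y3)


def exceptional_pairs(p, d):
    """All ordered pairs of curve points for which a denominator is 0."""
    pts = curve_points(p, d)
    return [(a, b) for a in pts for b in pts if 0 in denominators(a, b, p, d)]


def closed_under_addition(p, d):
    """True if every sum of two curve points is defined and lies on the curve."""
    pts = set(curve_points(p, d))
    try:
        return all(edwards_add(a, b, p, d) in pts for a in pts for b in pts)
    except ZeroDivisionError:
        return False


if __name__ == "__main__":
    P = 13  # constructed toy prime; squares mod 13 are 1, 3, 4, 9, 10, 12
    for d in (2, 4):
        bad = exceptional_pairs(P, d)
        kind = "square" if is_square(d, P) else "non-square"
        print(f"d = {d} ({kind}): {len(curve_points(P, d))} points, "
              f"{len(bad)} exceptional pairs, e.g. {bad[:1]}")
```

With d = 4 most pairs still add correctly, which is why an implementation tested only on a few inputs can appear to work while remaining incomplete.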
