Knowledge-Proof Based Versatile Smart Card Verification Protocol
|
|
- Aldous Johns
- 5 years ago
- Views:
Transcription
1 Kowledge-Proof Based Versatle Smart Card Verfcato Protocol DaeHu Nyag ad JooSeok Sog Departmet of Computer Scece Departmet, Yose Uversty SeodaemuGu ShchoDog 34, Seoul , Korea fyag, ABSTRACT We propose a zero-kowledge teractve proof based detfcato ad sgature scheme. The protocol s based o Euler s totet fucto ad dscrete logarthms over the rg Z=Z, ad ca be appled to smart cards. A prover keeps a sged subgroup geerator provded by a trusted ceter as ts secret formato. Our scheme has symmetrcty the sese that the same computatoal complexty ad the same hardware both for Prover ad for Verfer are requred. Also, t requres mmal amout of computato ad commucatos for secret formato. The protocol s versatle eough to be applcable to dgtal sgature scheme, multple dgtal sgature scheme ad key exchage protocol. We outle those protocols to show the versatlty of our protocol. Categores ad Subject Descrptors F.2.m [Theory of Computato]: Mscellaeous; G.2.3 [Mathematcs of Computg]: Applcatos Geeral Terms Securty Keywords Cryptography, Smart card, Idetfcato, Zero-Kowledge Iteractve Proof, Dgtal Sgature, Multple Sgature, Key Exchage. INTRODUCTION I a computerzed commucato socety, t s ecessary to provde a adequate method by whch commucators ca detfy themselves to each other a uforgeable maer. Sce 984, cosderable atteto has bee pad to ZKIP[, 6, 3], whch s useful detfcato ad dgtal sgature. Idetfcato schemes usg ZKIP are geerally based o the dffculty of computg the dscrete logarthm modulo a large prme umber, quadratc resduosty of umbers, modular square roots, ad the factorzato of a composte umber. May detfcato schemes have bee proposed based o zero-kowledge proof[2, 5, 0, 2]. I ths paper, we propose the cocept of a sged subgroup geerator ad desg a ew teractve proof based detfcato scheme ad dgtal sgature. The scheme uses dscrete logarthm over the rg Z=Z ad Euler s totet fucto to get ts securty, ad s sutable for smart cards because t requres oly oe secret umber ad oe accredtato to complete the teractve proof. Our detfcato scheme s superor to Gullous ad Qusquater s scheme that a verfer s computatoal burde s reduced to about half ad t smplfes the hardware mplemetato. Besdes those, our protocol ca be easly modfed to serve as a key exchage protocol ad as a multple sgature scheme. 2. IDENTIFICATION SCHEME 2. Backgroud Before proceedg, we brefly expla zero-kowledge teractve proof. Iteractve proof s defed by two teractve Turg maches (P; V ). They have a few tapes to do ther operato ad commucate wth each other. Prover(P ) proves a certa kowledge to verfer(v ), ad the proof s called a wtess. ZKIP duces a formal laguage L, ad for a put x a prover proves x 2 L. If x 2 L, the, wth very hgh probablty, the verfer s covced of ths fact, after teractg wth the prover. If x 62 L,theomatter what the prover does, wth very hgh probablty, he fals to fool the verfer(to belevg that x s L). The frst codto s referred to as the completeess, whle the secod codto s referred to as soudess. Iformally, a proof system s calledzero-kowledge whe the prover tells the verfer othg but that x 2 L, eve though the verfer tres to trck the prover to revealg somethg. Our teractve protocol s a proof of kowledge of a predcate P (s; x) =[s x g mod pq] where gcd(x; (pq)) =, ad g s a geerator of a suffcetly large subgroup of Z=Z( s the Carmchael fucto[8]). We propose a ew protocol where a trusted ceter sgs g wth a prvate-key correspodg to the publc-key whch s certfed by a trusted ceter. Thus, each user keeps the sged g as ts secret formato, but does ot kow the prvate-key wth whch g s sged. g s a geerator of a suffcetly large subgroup of Z=Z. 2.2 The Idetfcato Scheme for Smart Cards
2 Lke other detfcato schemes, our protocol s composed of two phases. The frst phase s the smart card ssug step, ad the secod s teractve proof. A trusted ceter radomly chooses two large prmes, p ad q. The two prmes are kept securely by the trusted ceter. We assume that = pq s a 768-bt or 024-bt publc umber, ad the factorzato of s stll feasble. Aother publc value g s also chose by the trusted ceter. g s a geerator of a suffcetly large subgroup of Z=Z. It should be selected by the trusted ceter to satsfy g k mod where k s the order of g mod. k must ot be smooth ad must be large eough(say 60-bts) to be strog agast attacks such as baby-step gat-step ad dex calculus. Grault devsed a smart way to select g [7], but we do ot eed to reveal k, whchsa factor of ()(() s Euler s totet fucto). The trusted ceter publshes ( = pq; g) the publc drectory. The modulus ad the subgroup geerator g wll be shared amog a group of users. Whe a elgble user apples for a smart card, the trusted ceter ssues a strg I whch cotas formato about the user ad the card. Ad ow the trusted ceter performs the followg steps to compute the secret formato s ad a publc-key v for user. Preparatory steps for the ceter :. For a user who requests a trusted ceter of ts secret value, the trusted ceter chooses v,wherev s a prme ad gcd(v ;())=. 2. The ceter computes s g =v mod : s ca be easly obtaed by computg g d mod where vd mod(): 3. The ceter geerates a sgature ad the certfcate S = sgature(i;v ); C(User ) =(I;v ;S): 4. A smart card cotag the user s certfcate s ssued. Here, the certfcate ca be geerated by a trusted ceter usg ay well-kow sgature schemes or the sgature scheme proposed ths paper. Rab-lke dgtal sgature scheme or a low ecrypto expoet RSA ca be used for a faster certfcate verfcato[9]. They requre oly a few multplcatos the verfcato step. After the preparatory steps, a prover has a secret umber s ad ca prove ts detty to a verfer by the followg teractve proof. Iteractve proof betwee a prover ad a verfer :. Prover seds ts certfcate C(Prover) to Verfer. 2. Verfer checks Prover s certfcate C(Prover) =(I;v ;S). 3. Prover pcks a radom umber r 2f2;::: ;,g ad seds x r v mod as a test to Verfer. 4. Verfer seds a radom umber e 2 f;::: ;2 t g as a questo to Prover, where 2 t < v. The sze of 2 t represets a compromse betwee speed ad securty. 5. Prover seds to Verfer as a wtess: y rs e mod 6. Verfer checks that x y v g,e mod ad accepts the proof as vald oly whe the above result s correct. The above teractve proof requres oly oe securty umber ad oe accredtato for the proof of detty, but stll provdes the securty level of 2,t. To reduce the umber of bts commucated, a prover seds oly the frst t bts of a hash fucto h(x) to a verfer step 3, ad compares h(x) wth the frst t bts of y v g,e mod. Thus, the total umber of commucato bts s 2t + log. The protocol requres a verse operato to compute g,e mod, but the computato s already the preprocessg stage. 2.3 Soudess ad Completeess Proofs For the valdty ad securty of the proposed teractve proof, completeess ad soudess of the protocol should be cosdered. I ths secto, we gve formal proofs of the protocol. It s trval that the detfcato procedure succeeds f both a prover ad a verfer follow the protocol as show theorem. THEOREM (COMPLETENESS). If a prover ad a verfer follow the protocol, the verfer always accepts prover s proof of detty. PROOF. By defto y v g,e (rs e ) v g,e r v g e g,e r v x mod The proof that the cheatg probablty of a dshoest prover caot be creased to hgher tha 2,t s smlar to Gullous ad Qusquater s. THEOREM 2 (SOUNDNESS). Assume that a prover does ot kow the s ad caot compute polyomal tme the v -th root. If a verfer follows the protocol, he wll accept the proof as vald wth probablty bouded by 2,t. PROOF. To crease the probablty of cheatg, a prover must choose x such a way that he ca compute v -th roots y 0 ad y 00 of xg e mod for two questos e 0 ad e 00. However, the followg procedure reveals s, ad t cotradcts the assumpto that the v -th root caot be computed polyomal tme wthout kowg s.
3 . For two questos e 0 ad e 00, choose Bezout coeffcets m ad k such that v m +(e 0, e 00 )k = There always exst Bezout coeffcets m ad k, because of gcd(v ;e 0, e 00 )=. 2. Compute the followg ad output: (g m y 0 k y 00 ) (s v m y 0 k y 00 ) (s v m s mod s (e0,e 00 )k ) 2.4 Why s v a Prme Number? We show that the probablty of cheatg may be hgher tha 2,t, uless v s a prme. For ths, we assume that v s ot a prme. Suppose a dshoest prover who has (s ;v ) such that s v g mod ad preteds to be a prover j. Ifgcd(v ;v j) 6= such as v = la, v j = lb ad b<2 t, the he/she ca preted to be prover j wth probablty b, > 2,t by guessg e such that b dvdes e+r, ad sedg x g r mod ad y s (e+r)a=b mod. Ideed, y vj g,e s (e+r)v ja=b g,e s (e+r)lba=b g,e s v (e+r) g r x mod : g,e Thus, a dshoest prover ca cheat a verfer wth probablty hgher tha 2,t.However,fv s a prme, ths caot happe. If the questo e s predcted by a prover, she ca deceve the verfer by guessg e such that v dvdes r + e ad sedg x g r mod ad y g (r+e)=v mod. A verfer wll accept the proof of kowledge, because y v g,e (g (r+e)=v ) v g r+e g,e x mod : However, the probablty of ths evet s 2,t, ad for a suffcetly large t, t s almost mpossble to guess a questo e. There s a tradeoff betwee speed ad securty. If a securty parameter t has a large value, the speed becomes slow. For the detfcato scheme, t = 20 s eough for the most applcatos, t = 45 for atoal securty applcatos. For the dgtal sgature, t =72s eough. I the protocol, (x r v mod ) s a radom umber, ad y s masked by a radom umber r whch caot be computed by a verfer who does ot kow the factorzato. Thus, all the messages from a prover to a verfer do ot reveal ay formato about the prover s secret, s. The protocol wth oe roud, however, s ot a zero-kowledge proof, because the rug tme of the smulator whch produces trascrpts wth a detcal probablty dstrbuto to those produced whe Prover actually takes part the protocol s O(2 t ). Techcally for soudess, t must grow asymptotcally faster tha log, but the codto makes the rug tme of the smulator grow asymptotcally faster tha (log ) c, for a costat c. Thus, our protocol wth oe roud s ot a zerokowledge proof. However, the protocol wth k-rouds (k >) has surely the zero-kowledgeess. If we perform the protocol wth k-rouds, the smulator rus O(2 t ) ad for the soudess, kt (ot t) must grow asymptotcally faster tha log. If we chooses k large eough for kt to grow faster tha log for a t that grows slower tha log, both the soudess ad the zero-kowledgeess are obtaed. The protocol wth k-rouds, however, s ot effcet to lose the practcal meag. If we restrct k =, the protocol loses the zero-kowledgeess theoretcal sese but t gets effcecy stead. Perfect zero-koledge practce s hard to get, ad oly Fat-Shamr s scheme amog the referred oes the paper obtas t. Practcally, we do t eed to sst the zero-kowledgeess the asymptotc sese, sacrfcg the effcecy. Proper selecto of parameters such as k ad t s eough to protect the secret formato. 2.5 Cosderato o Commo Modulus The protocol ths paper uses the same securty assumpto as that of RSA. That s, the v-th root fdg Z=Z s as dffcult as the factorzato. Smmos has show that the protocol usg commo modulus RSA fals as a prvacy chael f a message was ecrypted ad set to two or more recevers[4]. I that case, a outsder (ot a subscrber/user) usg oly the publc-key could decrypt the cphertext wth uacceptably hgh probablty. Also, DeLaurets has show that the commo modulus protocol s eve more vulerable to attack by sders (subscrber/user) who ca break the cryptosystem by usg ether a probablstc or a determstc method[3]. Kowledge of a sgle ecrypto/decrypto par s equvalet to factorg the modulus probablstcally, ad eables a subscrber to fd other users secret key determstcally. Thus, a protocol usg RSA should ot use commo modulus. There are two securty aspects to be cosdered the proposed scheme. Oe s whether a subscrber(a legal prover) ca fd d from g =v g d mod ad v. If he fds d, he ca easly factor by [3]. To fd out d oly from g d mod, he should solve a dscrete logarthm problem. I fact, most sub-expoetal algorthms to solve the dscrete logarthm problem assume a fte feld F p or a Galos feld GF (p m ). The order of g mod p or g mod p m s kow a pror these felds, whereas the order of g mod s ot kow. Thus, those algorthms are ot applcable to fd out d oly from g d Z=Z. Moreover, t s equvalet to breakg the RSA dgtal sgature scheme to fd d from g d mod ad v. The other to be cosdered s whether a subscrber ca compute aother subscrber s secret formato g =v j mod from ts secret g =v mod,wherev;v j are prmes. Uless v = av j(a =; 2;:::), oe caot compute g =v j mod wth g =v wthout the kowledge of the factorzato[4]. 3. DIGITAL SIGNATURES Ths secto treats dgtal sgatures that are costructed from our detfcato scheme. Also, we show that the dgtal sgature scheme s extedble to multple dgtal sgature scheme. 3. Dgtal Sgature Usg a zero-kowledge based detfcato scheme ad a hash fucto, oe ca costruct a secure dgtal sgature scheme[5]. The role of the trusted ceter ths case s the same as that the detfcato scheme. I our detfcato scheme, radom
4 umber e cotas o formato, but ts upredctablty prevets a prover from cheatg. Swtchg the detfcato scheme to a sgature scheme, we replace the verfer s role by the hash fucto h ad obta the followg sgature protocol. To sg a message M, Sger :. Pcks a radom umber, r, ad computes x r v mod Ths computato s the preprocessg stage. 2. Cocateates M ad x, ad hashes the result: 3. Computes e = h(m;x) 2f0;::: ;2 t, g y rs e mod The sgature s e ad y; he/she seds these to Verfer wth M, C(User ). To verfy Sger s sgature o M, Verfer :. Computes z y v g,e mod 2. Verfes whether h(m; z) s e or ot. Verfer accepts the message M as geue f ad oly f e equals to h(m;z). THEOREM 3 (COMPLETENESS). If Sger ad Verfer follow ther protocols, Verfer always accepts the sgature as vald. PROOF. By defto, z y v g,e (rs e ) v g,e r v (s v )e g,e r v g e g,e r v ad thus h(m;z) =h(m;x). x mod The probablty dstrbuto of the hash fucto h(m;x) must be uform wth respect to radom x. Also,h(M; x) should be oeway wth respect to M. The hash fucto whch satsfes both crtera s hghly resstat agast kow platext attacks ad chose platext attacks. 3.2 Multple Sgature A exteso of the sgature scheme to the multple sgature scheme s preseted. Multple sgatures are eeded f may people wat to sg the same documet. A easy way to do ths s to let each of them sg the same documet separately, ad cocateate the result to the sged documet. Wth the scheme, the legth ad the tme to sg a documet s proportoal to the umber of people volved. Usg the sgature scheme desged secto 3., we ca sg a documet wth more effcecy. To sg a message, sgers geerate ther ow radom umbers ad use the product of those umbers as a commtmet umber. The radom questo s geerated from the commtted umber, the message to be sged, ad a hash fucto, so t s detcal amog sgers. Verfcato process s smlar to that of sgle sgature scheme except that the publc-key used the verfcato s the product of v s. To wrte a multple sgature ad verfy a documet, each partcpat does the followg procedure. To sg a message M, Sger :. Pcks a radom umber, r, ad computes x r j= vj mod 2. Seds x to every other sgers. 3. Receves x ;x 2;::: ;x,;x +;x +2;::: ;x ad computes x Y j= x j mod 4. Cocateates M ad x, ad hashes the result: 5. Computes e = h(m;x) 2f0;::: ;2 t, g y rs e mod ad seds y to every other sgers. 6. Receves y ;y 2;::: ;y,;y +;y +2;::: ;y ad computes y Y j= y j mod The sgature s e ad y; he/she seds these to Verfer wth M ad I ;I 2;::: ;I whch are correspod to each sger s publc-key. To verfy Sgers multple sgature o M, Verfer:. Computes the followg from v = f(i );v 2 = f(i 2);::: ;v = f(i ),wherei s a detfcato word for Sger : 2. Computes v = Y = v z y v g,e P j= v=vj mod 3. Verfes whether h(m;z) s e or ot. Verfer accepts the message M as geue f ad oly f e equals to h(m; z). Ife 6= h(m;z), there s at least oe vald sgature. Usg our multple sgature scheme, the legth of a sgature s greatly reduced. Regardless of the umber of people volved sgg procedure, the legth of a sgature s costatly t + log. For example, whe s a 52-bt umber ad the securty parameter t =2 72, total sgature legth of the scheme s bts, whch s the same as that of the sgle sgature. Eve better, the umber of sgers does ot crease the sgature legth. As before, the completeess proof s followed by defto.
5 THEOREM 4 (COMPLETENESS). If Sgers ad Verfer follow ther protocols, Verfer always accepts the sgature as vald. PROOF. Letv be = v. By defto, y = v g,e P j= v=vj (y y 2 y ) = v g,e P j= v=vj (r r 2 r s e s e 2 s e ) = v g,e P j= v=vj (r r 2 r ) = v (s = v s = v 2 s = v ) e g,e P j= v=vj (r r 2 r ) = v (g = v=v g = v=v2 g = v=v ) e g,e P j= Q v=vj r = v r = v 2 r = v x mod Q THEOREM 5 (SOUNDNESS). Assume that a prover theq does ot kow the = s ad caot compute polyomal tme vth root. If a verfer follows the protocol, he/she wll accept the = proof as vald wth probablty bouded by 2,t. PROOF. To crease the probablty of cheatg, Q a prover must choose x such a way that he/she ca compute = v-th roots y 0 ad y 00 of xg e P j= v=vj mod for two Q questos e 0 ad e 00. However, the followg procedure Q reveals s, ad t cotradcts the assumpto that the v- = = th Qroot caot be computed polyomal tme wthout kowg s. =. Choose Bezout coeffcets m, k such that m Y = for =; 2;::: ;: v +(e 0, e 00 )k = ; where v > (e 0, e 00 ) Sce gcd( = v;e0,e 00 )=, there exst k ad m whch satsfy the Q above codto. 2. Compute = s as followg : 00 (g ( = v=v)m g ( = v=v2)m Q g ( = v=v)m y k) 0 y ((s v )( = v=v)m (s v2 2 )( = v=v2)m (s v ) ( = v=v)m s (e0,e 00 )k s (e0,e 00 )k 2 s (e0,e 00 )k ) ((s s 2 s ) ( = v)m+(e 0,e 00 )k ) s s 2 s mod # of mults Prover Verfer Bytes(x; e; y) FS (t(k+2)/2) (t(k+2)/2) Schorr* (.5l +0.25t) GQ (.5t) (3t) OgSchorr* (t(k+2)/2 - ) (t(k+2)/2 + ) Ours* (.5t) (.5t) Table : Comparso wth the other detfcato schemes : * requres a certfcate verfcato phase. # of mults Sg ge Sg verfy Legth(y; e) RSA Fat-Shamr Schorr GQ Og-Schorr Our Scheme Table 2: Comparso wth the other sgature schemes a verfer ca prepare g,e mod advace. Whe the protocol starts, the oly multplcatos a prover should do are s e mod. Smlarly, t s eough for a verfer to compute y v mod ad check the valdty of the proof. Ths pre-computato does half the verfer s computato. Comparsos wth other schemes terms of the umber of multplcatos ad the requred storage amout are show Table ad Table 2. Pre-computatos are cosdered. We assume that detfcato schemes provde a securty level of 2,24 ad sgature schemes 2,72. Table ad Table 2 show the computatoal load of detfcato schemes ad sgature schemes, respectvely. I the case of Schorr s, Og-Shorr s ad our scheme, the umber of multplcatos to verfy the certfcate s ot couted. As stated Secto 2.2, ether Rab-lke dgtal sgature scheme or a low ecrypto expoet RSA adds oly a couple of multplcatos the verfcato step[, 9]. We assume the square ad multply algorthm s used to expoetate a umber. I Table, t meas the securty level ad l meas the umber of bts of q Schorr s scheme. k s the umber of Prover s secrets whch s proportoal to the amout of commucato. Our scheme requres the same computatoal complexty ad almost the same hardware both for Prover ad for Verfer. Ths symmetrcty s useful the evromet where mutual detfcatos are requred. I the sgature geerato process, our scheme requres oly 4% of the umber of multplcatos requred by RSA. I the verfcato phase, 50% of that of Schorr s ad Gullous ad Qusquater s are eough. The amout of computato of Gullous ad Qusquater s durg the verfcato ca be reduced by smultaeous multple expoetato, but t requres more complex hardware tha ours. 4. PERFORMANCE EVALUATION I the detfcato protocol ad the sgature scheme, pre-computatos ca reduce the verfer s burde as well as the prover s. A prover ca pre-compute the value x r v mod ts dle tme, ad 5. CONCLUSION I ths paper, we propose a ew teractve proof based detfcato scheme ad a dgtal sgature. The proposed scheme s very effcet both verfcato ad provg steps owg to the pre-computable protocol structure. Ths property makes our
6 scheme much more approprate for smart cards, ad provdes the computatoal symmetrcty. I addto, our detfcato protocol requres mmal amout of storage for secret formato ad mmal amout of commucatos. Our protocol ca be modfed such that a prover uses x g r mod ad y s e+r mod. I that case, a radom umber r should be chose the rage [;::: ;k],wherek s the order of g mod. Wth ths modfed verso, a verfer ca check the valdty of the proof as the same way as before. y v g,e s (e+r)v g,e (s v )e+r g,e g e+r g,e x mod Soudess proof of the modfed verso s the same as the orgal oe. However, ths modfcato requres a prover to do much more multplcatos, eve though those are the pre-computato phase. Besdes the dgtal sgature, the protocol ca be exteded for the key-exchage whe t s used for mutual detfcato. Istead of prover s sedg x = r v mod, the alterate verso of the protocol s used.. User commts x g r mod,wherer s a radom umber. 2. User j seds a questo ad her commtmet: e j ad x j g r j mod. 3. User seds her aswer ad questo: y s ej +r mod ad e 4. User j checks x g,ej y v mod. ad seds her aswer: y j s e+rj mod 5. User checks x j g,e y v j mod. After dog the mutual detfcato protocol, User ad j ca obta a commo key, K j = K j. K j x r j g r j r g r rj x rj K j mod 6. REFERENCES [] L. Baba. Arthur-merl games: A radomzed proof system, ad a herarchy of complexty classes. Joural of Computer ad System Sceces, 36: , 988. [2] T. Beth. Effcet zero-kowledge detfcato scheme. I Advaces Cryptology : Proceedgs of EuroCrypt 88, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 988. [3] J. M. DeLaurets. A further weakess the commo modulus protocol for the rsa cryptoalgorthm. Cryptologa, 8(3): , 984. [4] J.-H. Evertse. Whch ew rsa sgatures ca be computed from some gve rsa sgatures? I Advaces Cryptology : Proceedgs of EuroCrypt 90, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 99. [5] A. Fat ad A. Shamr. How to prove yourself: Practcal solutos to detfcato ad sgature problems. I Advaces Cryptology : Proceedgs of Crypto 86, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 987. [6] D. C. Glles Brassard ad C. Crépeau. Mmum dsclosure proofs of kowledge. Joural of Computer ad System Sceces, 37:56 89, 988. [7] M. Grault. A detty-based detfcato scheme based o dscrete logarthms modulo a composte umber. I Advaces Cryptology : Proceedgs of EuroCrypt 90, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 990. [8] G. L. Mller. Rema s hypothess ad tests for prmalty. Joural of Computer ad System Sceces, 3:300 37, 976. [9] D. H. Nyag ad J. S. Sog. Fast dgtal sgature scheme based o the quadratc resdue problem. Electrocs Letters, 33(3): , 997. [0] J. Qusquater ad L. Gullou. A paradoxcal detty based sgature scheme resultg from zero kowledge. I Advaces Cryptology : Proceedgs of EuroCrypt 88, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 988. [] M. O. Rab. Dgtalzed sgatures ad publc key fuctos as tractable as factorzato. I Techcal Report, MIT/LCS/TR22, Cambrdeg, Mass. MIT Lab., 979. [2] C. Schorr. Effcet detfcato ad sgatures for smart cards. I Advaces Cryptology : Proceedgs of Crypto 89, Lecture Notes Computer Scece, Sprger-Verlag, pages IACR, 989. [3] S. M. Shaf Goldwasser ad C. Rackoff. Kowledge complexty of teractve proof systems. SIAM Joural o Computg, 8():86 208, 989. [4] G. J. Smmos. A weak prvacy protocol usg the rsa cryptoalgorthm. Cryptologa, 7:80 82, 983.
Pseudo-random Functions
Pseudo-radom Fuctos Debdeep Mukhopadhyay IIT Kharagpur We have see the costructo of PRG (pseudo-radom geerators) beg costructed from ay oe-way fuctos. Now we shall cosder a related cocept: Pseudo-radom
More informationA note on An efficient certificateless aggregate signature with constant pairing computations
A ote o A effcet certfcateless aggregate sgature wth costat parg computatos Debao He Maomao Ta Jahua Che School of Mathematcs ad Statstcs Wuha Uversty Wuha Cha School of Computer Scece ad Techology Uversty
More informationPseudo-random Functions. PRG vs PRF
Pseudo-radom Fuctos Debdeep Muhopadhyay IIT Kharagpur PRG vs PRF We have see the costructo of PRG (pseudo-radom geerators) beg costructed from ay oe-way fuctos. Now we shall cosder a related cocept: Pseudo-radom
More informationNP!= P. By Liu Ran. Table of Contents. The P versus NP problem is a major unsolved problem in computer
NP!= P By Lu Ra Table of Cotets. Itroduce 2. Prelmary theorem 3. Proof 4. Expla 5. Cocluso. Itroduce The P versus NP problem s a major usolved problem computer scece. Iformally, t asks whether a computer
More informationDiscrete Mathematics and Probability Theory Fall 2016 Seshia and Walrand DIS 10b
CS 70 Dscrete Mathematcs ad Probablty Theory Fall 206 Sesha ad Walrad DIS 0b. Wll I Get My Package? Seaky delvery guy of some compay s out delverg packages to customers. Not oly does he had a radom package
More informationLecture 6: October 10, DES: Modes of Operation
Lecture 6: October 1, 21 Revew: DES, Merkle s puzzles Oe-tme sgatures Publc key cryptography Proect proposals due ext Moday Homework : due ext Wedesday Aoymous commets gts@dr.com Sged PGP/GPG emal gts@dr.com
More informationNP!= P. By Liu Ran. Table of Contents. The P vs. NP problem is a major unsolved problem in computer
NP!= P By Lu Ra Table of Cotets. Itroduce 2. Strategy 3. Prelmary theorem 4. Proof 5. Expla 6. Cocluso. Itroduce The P vs. NP problem s a major usolved problem computer scece. Iformally, t asks whether
More informationHard Core Predicates: How to encrypt? Recap
Hard Core Predcates: How to ecrypt? Debdeep Mukhopadhyay IIT Kharagpur Recap A ecrypto scheme s secured f for every probablstc adversary A carryg out some specfed kd of attack ad for every polyomal p(.),
More information18.413: Error Correcting Codes Lab March 2, Lecture 8
18.413: Error Correctg Codes Lab March 2, 2004 Lecturer: Dael A. Spelma Lecture 8 8.1 Vector Spaces A set C {0, 1} s a vector space f for x all C ad y C, x + y C, where we take addto to be compoet wse
More informationPolynomial Encryption Using The Subset Problem Based On Elgamal. Raipur, Chhattisgarh , India. Raipur, Chhattisgarh , India.
Polyomal Ecrypto Usg The Subset Problem Based O Elgamal Khushboo Thakur 1, B. P. Trpath 2 1 School of Studes Mathematcs Pt. Ravshakar Shukla Uversty Rapur, Chhattsgarh 92001, Ida. 2 Departmet of Mathematcs,
More informationCHAPTER 4 RADICAL EXPRESSIONS
6 CHAPTER RADICAL EXPRESSIONS. The th Root of a Real Number A real umber a s called the th root of a real umber b f Thus, for example: s a square root of sce. s also a square root of sce ( ). s a cube
More informationAssignment 5/MATH 247/Winter Due: Friday, February 19 in class (!) (answers will be posted right after class)
Assgmet 5/MATH 7/Wter 00 Due: Frday, February 9 class (!) (aswers wll be posted rght after class) As usual, there are peces of text, before the questos [], [], themselves. Recall: For the quadratc form
More informationSolving Constrained Flow-Shop Scheduling. Problems with Three Machines
It J Cotemp Math Sceces, Vol 5, 2010, o 19, 921-929 Solvg Costraed Flow-Shop Schedulg Problems wth Three Maches P Pada ad P Rajedra Departmet of Mathematcs, School of Advaced Sceces, VIT Uversty, Vellore-632
More information{ }{ ( )} (, ) = ( ) ( ) ( ) Chapter 14 Exercises in Sampling Theory. Exercise 1 (Simple random sampling): Solution:
Chapter 4 Exercses Samplg Theory Exercse (Smple radom samplg: Let there be two correlated radom varables X ad A sample of sze s draw from a populato by smple radom samplg wthout replacemet The observed
More informationFor combinatorial problems we might need to generate all permutations, combinations, or subsets of a set.
Addtoal Decrease ad Coquer Algorthms For combatoral problems we mght eed to geerate all permutatos, combatos, or subsets of a set. Geeratg Permutatos If we have a set f elemets: { a 1, a 2, a 3, a } the
More information8.1 Hashing Algorithms
CS787: Advaced Algorthms Scrbe: Mayak Maheshwar, Chrs Hrchs Lecturer: Shuch Chawla Topc: Hashg ad NP-Completeess Date: September 21 2007 Prevously we looked at applcatos of radomzed algorthms, ad bega
More informationFunctions of Random Variables
Fuctos of Radom Varables Chapter Fve Fuctos of Radom Varables 5. Itroducto A geeral egeerg aalyss model s show Fg. 5.. The model output (respose) cotas the performaces of a system or product, such as weght,
More informationLecture 9: Tolerant Testing
Lecture 9: Tolerat Testg Dael Kae Scrbe: Sakeerth Rao Aprl 4, 07 Abstract I ths lecture we prove a quas lear lower boud o the umber of samples eeded to do tolerat testg for L dstace. Tolerat Testg We have
More informationIntroduction Cryptography and Security Fall 2009 Steve Lai
Itroducto 788.11 Cryptography ad Securty Fall 2009 Steve La Outle Bascs of ecrypto Homomorphc ecrypto Bascs of Ecrypto For more formato, see my CSE 651 or 794Q otes Summary Symmetrc ecrypto Stream cpher
More informationClass 13,14 June 17, 19, 2015
Class 3,4 Jue 7, 9, 05 Pla for Class3,4:. Samplg dstrbuto of sample mea. The Cetral Lmt Theorem (CLT). Cofdece terval for ukow mea.. Samplg Dstrbuto for Sample mea. Methods used are based o CLT ( Cetral
More informationChapter 8. Inferences about More Than Two Population Central Values
Chapter 8. Ifereces about More Tha Two Populato Cetral Values Case tudy: Effect of Tmg of the Treatmet of Port-We tas wth Lasers ) To vestgate whether treatmet at a youg age would yeld better results tha
More informationAlgorithms Theory, Solution for Assignment 2
Juor-Prof. Dr. Robert Elsässer, Marco Muñz, Phllp Hedegger WS 2009/200 Algorthms Theory, Soluto for Assgmet 2 http://lak.formatk.u-freburg.de/lak_teachg/ws09_0/algo090.php Exercse 2. - Fast Fourer Trasform
More informationCS286.2 Lecture 4: Dinur s Proof of the PCP Theorem
CS86. Lecture 4: Dur s Proof of the PCP Theorem Scrbe: Thom Bohdaowcz Prevously, we have prove a weak verso of the PCP theorem: NP PCP 1,1/ (r = poly, q = O(1)). Wth ths result we have the desred costat
More informationL5 Polynomial / Spline Curves
L5 Polyomal / Sple Curves Cotets Coc sectos Polyomal Curves Hermte Curves Bezer Curves B-Sples No-Uform Ratoal B-Sples (NURBS) Mapulato ad Represetato of Curves Types of Curve Equatos Implct: Descrbe a
More information10.1 Approximation Algorithms
290 0. Approxmato Algorthms Let us exame a problem, where we are gve A groud set U wth m elemets A collecto of subsets of the groud set = {,, } s.t. t s a cover of U: = U The am s to fd a subcover, = U,
More informationEvaluating Polynomials
Uverst of Nebraska - Lcol DgtalCommos@Uverst of Nebraska - Lcol MAT Exam Expostor Papers Math the Mddle Isttute Partershp 7-7 Evaluatg Polomals Thomas J. Harrgto Uverst of Nebraska-Lcol Follow ths ad addtoal
More informationEconometric Methods. Review of Estimation
Ecoometrc Methods Revew of Estmato Estmatg the populato mea Radom samplg Pot ad terval estmators Lear estmators Ubased estmators Lear Ubased Estmators (LUEs) Effcecy (mmum varace) ad Best Lear Ubased Estmators
More informationEfficient Identification of Bad Signatures in RSA-Type Batch Signature
74 PAPER Specal Secto o Cryptography ad Iformato Securty Effcet Idetfcato of Bad Sgatures RSA-Type Batch Sgature Seugwo LEE a, Nomember,SeogjeCHO b, Member, Jogmoo CHOI c, Nomember, ad Yooku CHO d, Member
More informationIntroduction to local (nonparametric) density estimation. methods
Itroducto to local (oparametrc) desty estmato methods A slecture by Yu Lu for ECE 66 Sprg 014 1. Itroducto Ths slecture troduces two local desty estmato methods whch are Parze desty estmato ad k-earest
More informationAlgorithms Design & Analysis. Hash Tables
Algorthms Desg & Aalyss Hash Tables Recap Lower boud Order statstcs 2 Today s topcs Drect-accessble table Hash tables Hash fuctos Uversal hashg Perfect Hashg Ope addressg 3 Symbol-table problem Symbol
More informationPTAS for Bin-Packing
CS 663: Patter Matchg Algorthms Scrbe: Che Jag /9/00. Itroducto PTAS for B-Packg The B-Packg problem s NP-hard. If we use approxmato algorthms, the B-Packg problem could be solved polyomal tme. For example,
More informationThe internal structure of natural numbers, one method for the definition of large prime numbers, and a factorization test
Fal verso The teral structure of atural umbers oe method for the defto of large prme umbers ad a factorzato test Emmaul Maousos APM Isttute for the Advacemet of Physcs ad Mathematcs 3 Poulou str. 53 Athes
More informationLattices. Mathematical background
Lattces Mathematcal backgroud Lattces : -dmesoal Eucldea space. That s, { T x } x x = (,, ) :,. T T If x= ( x,, x), y = ( y,, y), the xy, = xy (er product of xad y) x = /2 xx, (Eucldea legth or orm of
More informationAN UPPER BOUND FOR THE PERMANENT VERSUS DETERMINANT PROBLEM BRUNO GRENET
AN UPPER BOUND FOR THE PERMANENT VERSUS DETERMINANT PROBLEM BRUNO GRENET Abstract. The Permaet versus Determat problem s the followg: Gve a matrx X of determates over a feld of characterstc dfferet from
More information1 Onto functions and bijections Applications to Counting
1 Oto fuctos ad bectos Applcatos to Coutg Now we move o to a ew topc. Defto 1.1 (Surecto. A fucto f : A B s sad to be surectve or oto f for each b B there s some a A so that f(a B. What are examples of
More informationChapter 5 Properties of a Random Sample
Lecture 6 o BST 63: Statstcal Theory I Ku Zhag, /0/008 Revew for the prevous lecture Cocepts: t-dstrbuto, F-dstrbuto Theorems: Dstrbutos of sample mea ad sample varace, relatoshp betwee sample mea ad sample
More informationMu Sequences/Series Solutions National Convention 2014
Mu Sequeces/Seres Solutos Natoal Coveto 04 C 6 E A 6C A 6 B B 7 A D 7 D C 7 A B 8 A B 8 A C 8 E 4 B 9 B 4 E 9 B 4 C 9 E C 0 A A 0 D B 0 C C Usg basc propertes of arthmetc sequeces, we fd a ad bm m We eed
More informationSummary of the lecture in Biostatistics
Summary of the lecture Bostatstcs Probablty Desty Fucto For a cotuos radom varable, a probablty desty fucto s a fucto such that: 0 dx a b) b a dx A probablty desty fucto provdes a smple descrpto of the
More informationLecture 2 - What are component and system reliability and how it can be improved?
Lecture 2 - What are compoet ad system relablty ad how t ca be mproved? Relablty s a measure of the qualty of the product over the log ru. The cocept of relablty s a exteded tme perod over whch the expected
More informationENGI 4421 Joint Probability Distributions Page Joint Probability Distributions [Navidi sections 2.5 and 2.6; Devore sections
ENGI 441 Jot Probablty Dstrbutos Page 7-01 Jot Probablty Dstrbutos [Navd sectos.5 ad.6; Devore sectos 5.1-5.] The jot probablty mass fucto of two dscrete radom quattes, s, P ad p x y x y The margal probablty
More information1. BLAST (Karlin Altschul) Statistics
Parwse seuece algmet global ad local Multple seuece algmet Substtuto matrces Database searchg global local BLAST Seuece statstcs Evolutoary tree recostructo Gee Fdg Prote structure predcto RNA structure
More informationEstimation of Stress- Strength Reliability model using finite mixture of exponential distributions
Iteratoal Joural of Computatoal Egeerg Research Vol, 0 Issue, Estmato of Stress- Stregth Relablty model usg fte mxture of expoetal dstrbutos K.Sadhya, T.S.Umamaheswar Departmet of Mathematcs, Lal Bhadur
More informationNon-uniform Turán-type problems
Joural of Combatoral Theory, Seres A 111 2005 106 110 wwwelsevercomlocatecta No-uform Turá-type problems DhruvMubay 1, Y Zhao 2 Departmet of Mathematcs, Statstcs, ad Computer Scece, Uversty of Illos at
More informationThe Selection Problem - Variable Size Decrease/Conquer (Practice with algorithm analysis)
We have covered: Selecto, Iserto, Mergesort, Bubblesort, Heapsort Next: Selecto the Qucksort The Selecto Problem - Varable Sze Decrease/Coquer (Practce wth algorthm aalyss) Cosder the problem of fdg the
More informationPROJECTION PROBLEM FOR REGULAR POLYGONS
Joural of Mathematcal Sceces: Advaces ad Applcatos Volume, Number, 008, Pages 95-50 PROJECTION PROBLEM FOR REGULAR POLYGONS College of Scece Bejg Forestry Uversty Bejg 0008 P. R. Cha e-mal: sl@bjfu.edu.c
More informationSimulation Output Analysis
Smulato Output Aalyss Summary Examples Parameter Estmato Sample Mea ad Varace Pot ad Iterval Estmato ermatg ad o-ermatg Smulato Mea Square Errors Example: Sgle Server Queueg System x(t) S 4 S 4 S 3 S 5
More informationChapter 4 (Part 1): Non-Parametric Classification (Sections ) Pattern Classification 4.3) Announcements
Aoucemets No-Parametrc Desty Estmato Techques HW assged Most of ths lecture was o the blacboard. These sldes cover the same materal as preseted DHS Bometrcs CSE 90-a Lecture 7 CSE90a Fall 06 CSE90a Fall
More information5 Short Proofs of Simplified Stirling s Approximation
5 Short Proofs of Smplfed Strlg s Approxmato Ofr Gorodetsky, drtymaths.wordpress.com Jue, 20 0 Itroducto Strlg s approxmato s the followg (somewhat surprsg) approxmato of the factoral,, usg elemetary fuctos:
More informationhp calculators HP 30S Statistics Averages and Standard Deviations Average and Standard Deviation Practice Finding Averages and Standard Deviations
HP 30S Statstcs Averages ad Stadard Devatos Average ad Stadard Devato Practce Fdg Averages ad Stadard Devatos HP 30S Statstcs Averages ad Stadard Devatos Average ad stadard devato The HP 30S provdes several
More informationMultiple Regression. More than 2 variables! Grade on Final. Multiple Regression 11/21/2012. Exam 2 Grades. Exam 2 Re-grades
STAT 101 Dr. Kar Lock Morga 11/20/12 Exam 2 Grades Multple Regresso SECTIONS 9.2, 10.1, 10.2 Multple explaatory varables (10.1) Parttog varablty R 2, ANOVA (9.2) Codtos resdual plot (10.2) Trasformatos
More informationAnalysis of Lagrange Interpolation Formula
P IJISET - Iteratoal Joural of Iovatve Scece, Egeerg & Techology, Vol. Issue, December 4. www.jset.com ISS 348 7968 Aalyss of Lagrage Iterpolato Formula Vjay Dahya PDepartmet of MathematcsMaharaja Surajmal
More information22 Nonparametric Methods.
22 oparametrc Methods. I parametrc models oe assumes apror that the dstrbutos have a specfc form wth oe or more ukow parameters ad oe tres to fd the best or atleast reasoably effcet procedures that aswer
More informationFeature Selection: Part 2. 1 Greedy Algorithms (continued from the last lecture)
CSE 546: Mache Learg Lecture 6 Feature Selecto: Part 2 Istructor: Sham Kakade Greedy Algorthms (cotued from the last lecture) There are varety of greedy algorthms ad umerous amg covetos for these algorthms.
More informationChapter 3 Sampling For Proportions and Percentages
Chapter 3 Samplg For Proportos ad Percetages I may stuatos, the characterstc uder study o whch the observatos are collected are qualtatve ature For example, the resposes of customers may marketg surveys
More informationLecture 7. Confidence Intervals and Hypothesis Tests in the Simple CLR Model
Lecture 7. Cofdece Itervals ad Hypothess Tests the Smple CLR Model I lecture 6 we troduced the Classcal Lear Regresso (CLR) model that s the radom expermet of whch the data Y,,, K, are the outcomes. The
More informationPoint Estimation: definition of estimators
Pot Estmato: defto of estmators Pot estmator: ay fucto W (X,..., X ) of a data sample. The exercse of pot estmato s to use partcular fuctos of the data order to estmate certa ukow populato parameters.
More informationIdeal multigrades with trigonometric coefficients
Ideal multgrades wth trgoometrc coeffcets Zarathustra Brady December 13, 010 1 The problem A (, k) multgrade s defed as a par of dstct sets of tegers such that (a 1,..., a ; b 1,..., b ) a j = =1 for all
More informationCHAPTER VI Statistical Analysis of Experimental Data
Chapter VI Statstcal Aalyss of Expermetal Data CHAPTER VI Statstcal Aalyss of Expermetal Data Measuremets do ot lead to a uque value. Ths s a result of the multtude of errors (maly radom errors) that ca
More informationMultiple Choice Test. Chapter Adequacy of Models for Regression
Multple Choce Test Chapter 06.0 Adequac of Models for Regresso. For a lear regresso model to be cosdered adequate, the percetage of scaled resduals that eed to be the rage [-,] s greater tha or equal to
More informationThe Primitive Idempotents in
Iteratoal Joural of Algebra, Vol, 00, o 5, 3 - The Prmtve Idempotets FC - I Kulvr gh Departmet of Mathematcs, H College r Jwa Nagar (rsa)-5075, Ida kulvrsheora@yahoocom K Arora Departmet of Mathematcs,
More information1. A real number x is represented approximately by , and we are told that the relative error is 0.1 %. What is x? Note: There are two answers.
PROBLEMS A real umber s represeted appromately by 63, ad we are told that the relatve error s % What s? Note: There are two aswers Ht : Recall that % relatve error s What s the relatve error volved roudg
More informationUNIVERSITY OF OSLO DEPARTMENT OF ECONOMICS
UNIVERSITY OF OSLO DEPARTMENT OF ECONOMICS Exam: ECON430 Statstcs Date of exam: Frday, December 8, 07 Grades are gve: Jauary 4, 08 Tme for exam: 0900 am 00 oo The problem set covers 5 pages Resources allowed:
More informationAnalysis of System Performance IN2072 Chapter 5 Analysis of Non Markov Systems
Char for Network Archtectures ad Servces Prof. Carle Departmet of Computer Scece U Müche Aalyss of System Performace IN2072 Chapter 5 Aalyss of No Markov Systems Dr. Alexader Kle Prof. Dr.-Ig. Georg Carle
More informationLaboratory I.10 It All Adds Up
Laboratory I. It All Adds Up Goals The studet wll work wth Rema sums ad evaluate them usg Derve. The studet wll see applcatos of tegrals as accumulatos of chages. The studet wll revew curve fttg sklls.
More information1 Mixed Quantum State. 2 Density Matrix. CS Density Matrices, von Neumann Entropy 3/7/07 Spring 2007 Lecture 13. ψ = α x x. ρ = p i ψ i ψ i.
CS 94- Desty Matrces, vo Neuma Etropy 3/7/07 Sprg 007 Lecture 3 I ths lecture, we wll dscuss the bascs of quatum formato theory I partcular, we wll dscuss mxed quatum states, desty matrces, vo Neuma etropy
More informationENGI 3423 Simple Linear Regression Page 12-01
ENGI 343 mple Lear Regresso Page - mple Lear Regresso ometmes a expermet s set up where the expermeter has cotrol over the values of oe or more varables X ad measures the resultg values of aother varable
More informationThe Mathematical Appendix
The Mathematcal Appedx Defto A: If ( Λ, Ω, where ( λ λ λ whch the probablty dstrbutos,,..., Defto A. uppose that ( Λ,,..., s a expermet type, the σ-algebra o λ λ λ are defed s deoted by ( (,,...,, σ Ω.
More informationPart 4b Asymptotic Results for MRR2 using PRESS. Recall that the PRESS statistic is a special type of cross validation procedure (see Allen (1971))
art 4b Asymptotc Results for MRR usg RESS Recall that the RESS statstc s a specal type of cross valdato procedure (see Alle (97)) partcular to the regresso problem ad volves fdg Y $,, the estmate at the
More informationExercises for Square-Congruence Modulo n ver 11
Exercses for Square-Cogruece Modulo ver Let ad ab,.. Mark True or False. a. 3S 30 b. 3S 90 c. 3S 3 d. 3S 4 e. 4S f. 5S g. 0S 55 h. 8S 57. 9S 58 j. S 76 k. 6S 304 l. 47S 5347. Fd the equvalece classes duced
More informationMATH 247/Winter Notes on the adjoint and on normal operators.
MATH 47/Wter 00 Notes o the adjot ad o ormal operators I these otes, V s a fte dmesoal er product space over, wth gve er * product uv, T, S, T, are lear operators o V U, W are subspaces of V Whe we say
More informationBlock-Based Compact Thermal Modeling of Semiconductor Integrated Circuits
Block-Based Compact hermal Modelg of Semcoductor Itegrated Crcuts Master s hess Defese Caddate: Jg Ba Commttee Members: Dr. Mg-Cheg Cheg Dr. Daqg Hou Dr. Robert Schllg July 27, 2009 Outle Itroducto Backgroud
More informationPacking of graphs with small product of sizes
Joural of Combatoral Theory, Seres B 98 (008) 4 45 www.elsever.com/locate/jctb Note Packg of graphs wth small product of szes Alexadr V. Kostochka a,b,,gexyu c, a Departmet of Mathematcs, Uversty of Illos,
More informationA tighter lower bound on the circuit size of the hardest Boolean functions
Electroc Colloquum o Computatoal Complexty, Report No. 86 2011) A tghter lower boud o the crcut sze of the hardest Boolea fuctos Masak Yamamoto Abstract I [IPL2005], Fradse ad Mlterse mproved bouds o the
More informationCIS 800/002 The Algorithmic Foundations of Data Privacy October 13, Lecture 9. Database Update Algorithms: Multiplicative Weights
CIS 800/002 The Algorthmc Foudatos of Data Prvacy October 13, 2011 Lecturer: Aaro Roth Lecture 9 Scrbe: Aaro Roth Database Update Algorthms: Multplcatve Weghts We ll recall aga) some deftos from last tme:
More informationChapter 9 Jordan Block Matrices
Chapter 9 Jorda Block atrces I ths chapter we wll solve the followg problem. Gve a lear operator T fd a bass R of F such that the matrx R (T) s as smple as possble. f course smple s a matter of taste.
More informationUNIT 2 SOLUTION OF ALGEBRAIC AND TRANSCENDENTAL EQUATIONS
Numercal Computg -I UNIT SOLUTION OF ALGEBRAIC AND TRANSCENDENTAL EQUATIONS Structure Page Nos..0 Itroducto 6. Objectves 7. Ital Approxmato to a Root 7. Bsecto Method 8.. Error Aalyss 9.4 Regula Fals Method
More informationArithmetic Mean and Geometric Mean
Acta Mathematca Ntresa Vol, No, p 43 48 ISSN 453-6083 Arthmetc Mea ad Geometrc Mea Mare Varga a * Peter Mchalča b a Departmet of Mathematcs, Faculty of Natural Sceces, Costate the Phlosopher Uversty Ntra,
More informationA New Measure of Probabilistic Entropy. and its Properties
Appled Mathematcal Sceces, Vol. 4, 200, o. 28, 387-394 A New Measure of Probablstc Etropy ad ts Propertes Rajeesh Kumar Departmet of Mathematcs Kurukshetra Uversty Kurukshetra, Ida rajeesh_kuk@redffmal.com
More informationWireless Link Properties
Opportustc Ecrypto for Robust Wreless Securty R. Chadramoul ( Moul ) moul@steves.edu Multmeda System, Networkg, ad Commucatos (MSyNC) Laboratory, Departmet of Electrcal ad Computer Egeerg, Steves Isttute
More informationCHAPTER 3 POSTERIOR DISTRIBUTIONS
CHAPTER 3 POSTERIOR DISTRIBUTIONS If scece caot measure the degree of probablt volved, so much the worse for scece. The practcal ma wll stck to hs apprecatve methods utl t does, or wll accept the results
More informationMEASURES OF DISPERSION
MEASURES OF DISPERSION Measure of Cetral Tedecy: Measures of Cetral Tedecy ad Dsperso ) Mathematcal Average: a) Arthmetc mea (A.M.) b) Geometrc mea (G.M.) c) Harmoc mea (H.M.) ) Averages of Posto: a) Meda
More informationMedian as a Weighted Arithmetic Mean of All Sample Observations
Meda as a Weghted Arthmetc Mea of All Sample Observatos SK Mshra Dept. of Ecoomcs NEHU, Shllog (Ida). Itroducto: Iumerably may textbooks Statstcs explctly meto that oe of the weakesses (or propertes) of
More informationå 1 13 Practice Final Examination Solutions - = CS109 Dec 5, 2018
Chrs Pech Fal Practce CS09 Dec 5, 08 Practce Fal Examato Solutos. Aswer: 4/5 8/7. There are multle ways to obta ths aswer; here are two: The frst commo method s to sum over all ossbltes for the rak of
More informationThird handout: On the Gini Index
Thrd hadout: O the dex Corrado, a tala statstca, proposed (, 9, 96) to measure absolute equalt va the mea dfferece whch s defed as ( / ) where refers to the total umber of dvduals socet. Assume that. The
More informationBIOREPS Problem Set #11 The Evolution of DNA Strands
BIOREPS Problem Set #11 The Evoluto of DNA Strads 1 Backgroud I the md 2000s, evolutoary bologsts studyg DNA mutato rates brds ad prmates dscovered somethg surprsg. There were a large umber of mutatos
More information(b) By independence, the probability that the string 1011 is received correctly is
Soluto to Problem 1.31. (a) Let A be the evet that a 0 s trasmtted. Usg the total probablty theorem, the desred probablty s P(A)(1 ɛ ( 0)+ 1 P(A) ) (1 ɛ 1)=p(1 ɛ 0)+(1 p)(1 ɛ 1). (b) By depedece, the probablty
More informationApplication of Calibration Approach for Regression Coefficient Estimation under Two-stage Sampling Design
Authors: Pradp Basak, Kaustav Adtya, Hukum Chadra ad U.C. Sud Applcato of Calbrato Approach for Regresso Coeffcet Estmato uder Two-stage Samplg Desg Pradp Basak, Kaustav Adtya, Hukum Chadra ad U.C. Sud
More informationBounds on the expected entropy and KL-divergence of sampled multinomial distributions. Brandon C. Roy
Bouds o the expected etropy ad KL-dvergece of sampled multomal dstrbutos Brado C. Roy bcroy@meda.mt.edu Orgal: May 18, 2011 Revsed: Jue 6, 2011 Abstract Iformato theoretc quattes calculated from a sampled
More informationEntropy ISSN by MDPI
Etropy 2003, 5, 233-238 Etropy ISSN 1099-4300 2003 by MDPI www.mdp.org/etropy O the Measure Etropy of Addtve Cellular Automata Hasa Aı Arts ad Sceces Faculty, Departmet of Mathematcs, Harra Uversty; 63100,
More information3. Basic Concepts: Consequences and Properties
: 3. Basc Cocepts: Cosequeces ad Propertes Markku Jutt Overvew More advaced cosequeces ad propertes of the basc cocepts troduced the prevous lecture are derved. Source The materal s maly based o Sectos.6.8
More informationParameter, Statistic and Random Samples
Parameter, Statstc ad Radom Samples A parameter s a umber that descrbes the populato. It s a fxed umber, but practce we do ot kow ts value. A statstc s a fucto of the sample data,.e., t s a quatty whose
More informationSection l h l Stem=Tens. 8l Leaf=Ones. 8h l 03. 9h 58
Secto.. 6l 34 6h 667899 7l 44 7h Stem=Tes 8l 344 Leaf=Oes 8h 5557899 9l 3 9h 58 Ths dsplay brgs out the gap the data: There are o scores the hgh 7's. 6. a. beams cylders 9 5 8 88533 6 6 98877643 7 488
More informationSTK4011 and STK9011 Autumn 2016
STK4 ad STK9 Autum 6 Pot estmato Covers (most of the followg materal from chapter 7: Secto 7.: pages 3-3 Secto 7..: pages 3-33 Secto 7..: pages 35-3 Secto 7..3: pages 34-35 Secto 7.3.: pages 33-33 Secto
More informationUNIVERSITY OF OSLO DEPARTMENT OF ECONOMICS
UNIVERSITY OF OSLO DEPARTMENT OF ECONOMICS Postpoed exam: ECON430 Statstcs Date of exam: Jauary 0, 0 Tme for exam: 09:00 a.m. :00 oo The problem set covers 5 pages Resources allowed: All wrtte ad prted
More informationLecture 3. Sampling, sampling distributions, and parameter estimation
Lecture 3 Samplg, samplg dstrbutos, ad parameter estmato Samplg Defto Populato s defed as the collecto of all the possble observatos of terest. The collecto of observatos we take from the populato s called
More informationLecture 5: Interpolation. Polynomial interpolation Rational approximation
Lecture 5: Iterpolato olyomal terpolato Ratoal appromato Coeffcets of the polyomal Iterpolato: Sometme we kow the values of a fucto f for a fte set of pots. Yet we wat to evaluate f for other values perhaps
More informationThe Necessarily Efficient Point Method for Interval Molp Problems
ISS 6-69 Eglad K Joural of Iformato ad omputg Scece Vol. o. 9 pp. - The ecessarly Effcet Pot Method for Iterval Molp Problems Hassa Mshmast eh ad Marzeh Alezhad + Mathematcs Departmet versty of Ssta ad
More informationLecture 8: Linear Regression
Lecture 8: Lear egresso May 4, GENOME 56, Sprg Goals Develop basc cocepts of lear regresso from a probablstc framework Estmatg parameters ad hypothess testg wth lear models Lear regresso Su I Lee, CSE
More informationOrdinary Least Squares Regression. Simple Regression. Algebra and Assumptions.
Ordary Least Squares egresso. Smple egresso. Algebra ad Assumptos. I ths part of the course we are gog to study a techque for aalysg the lear relatoshp betwee two varables Y ad X. We have pars of observatos
More informationQualifying Exam Statistical Theory Problem Solutions August 2005
Qualfyg Exam Statstcal Theory Problem Solutos August 5. Let X, X,..., X be d uform U(,),
More information