On Optimal Hash Tree Traversal for Interval Time-Stamping (Lipmaa)
|
|
- Rodger Neal
- 6 years ago
- Views:
Transcription
1 On Optimal Hash Tree Traversal for Interval Time-Stamping Helger Lipmaa Helsinki University of Technology helger 1
2 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis Warning: The only -sign in the proceedings! 2
3 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis 3
4 Need for time-stamping To use digital signatures one needs to bind the signatory with the key PKI Revocation Alice may claim that document was signed after revocation of her key Need to establish temporal relationships 4
5 Time-stamping (classical) Problem given documents X and Y, which one was stamped before? Example: X = signature key revocation, Y = document signed with this key Objective solve this problem for any X and Y 5
6 Time-stamping with graphs [BLLV98] Use directed acyclic hash graphs with a root Hash value R of the root is committed R = round stamp Time-stamp of X shows that R depends on X Return partial time-stamp (freshness token) when X stamped, and rest after R has been committed has been 6
7 Time-stamping with T(d) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 7
8 Time-stamping with T(d) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 Optimal for conventional time-stamping [BLS00] Picture corresponds to [BdM93]. [BLS00] scheme is more complicated 8
9 [BdM93] verification x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 Verify that two paths are consistent More left = earlier, more right = later 9
10 Need for interval time-stamping Assume x i is Bob s signature on some document D i Time-stamping authority can time-stamp x 1, x 2 and x 3 := x 1 If Alice has timestamps of x 1 and x 2, she thinks that x 1 was stamped earlier If Alice has timestamps of x 3 = x 1 and x 2, she thinks that x 2 was stamped earlier Solution: bind signing time also from above 10
11 Idea of interval time-stamping Time-stamp a nonce x i := σ Let x j := Sign Bob (D, σ) (j > i) Time-stamp x j Interval time-stamp = the union of two conventional time-stamps 11
12 Example: interval time-stamping x 0 x 1 x 2 = σ x 3 x 5 x 6 x 7 x 4 = Sign Bob (D, σ) Time-stamp has more elements, binary complete tree T(d) is not optimal 12
13 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis 13
14 Skewed trees w\d
15 Skewed trees A two-parameter family S(d, w) of trees, d, w 0 S(0, w) = S(d, 0) = I (singleton) S(d, w) = S(d 1, w 1) S(d 1, w) for d, w 0 Clearly S(d, w) = S(d, d) = T(d) when w > d [Wil02]: Skewed trees are optimal for interval time-stamping when α := w/d
16 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis 16
17 Hash traversal The elements x 0, x 1,... arrive in this order Final objective: compute root hash R Intermediate objectives: after i steps return the ith freshness token Question: how to do it efficiently? Wil02 proposed a suboptimal algorithm 17
18 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 0, x 1,..., arrive in this order Initially no information 18
19 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 0 has just arrived The red nodes are stored, but also returned as 0th freshness token 19
20 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 1 has just arrived The red nodes are stored, but also returned as 1st freshness token 20
21 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 2 has just arrived The red nodes are stored, but also returned as 2nd freshness token 21
22 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 3 has just arrived The red nodes are stored, but also returned as 3rd freshness token The cyan nodes were already calculated but not anymore stored 22
23 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 4 has just arrived The red nodes are stored, but also returned as 4th freshness token The cyan nodes were already calculated but not anymore stored 23
24 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 5 has just arrived The red nodes are stored, but also returned as 5th freshness token The cyan nodes were already calculated but not anymore stored 24
25 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 6 has just arrived The red nodes are stored, but also returned as 6th freshness token The cyan nodes were already calculated but not anymore stored 25
26 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 7 has just arrived The red nodes are stored, but also returned as 7th freshness token The cyan nodes were already calculated but not anymore stored 26
27 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 8 has just arrived The red nodes are stored, but also returned as 8th freshness token The cyan nodes were already calculated but not anymore stored 27
28 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 9 has just arrived The red nodes are stored, but also returned as 9th freshness token The cyan nodes were already calculated but not anymore stored 28
29 Hash traversal example: S(4, 2) x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 10 has just arrived The red nodes are stored, but also returned as 10th freshness token The cyan nodes were already calculated but not anymore stored 29
30 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis 30
31 Algorithm for skewed tree traversal 1 funct initialization(d, w) 2 state := 0; 3 if w > d then w = d fi; 4 Store w, d; 5 Create an empty stack of maximum possible size w. 7 funct update(value) 8 if state 2 d then return(error!); fi 9 push(value); 10 for i := 1 to ntz(state + 1) do 11 push(h(pop(), pop())); end 12 state := state + (1<<<(w h (state). w)). 31
32 Algorithm for skewed tree traversal initialization creates an empty stack of maximum size w Stack has the red nodes update updates the stack, based on x i = value and state state encodes the position in tree w h, ntz and. are all simple operations In the case of traversal of T(d) the only difference is in the last line 32
33 Good properties of algorithm Algorithm has minimal number of hashings Apart from that, only very simple operations Very clean pseudocode (easy to implement) Minimal number of memory usage: d(k + 1), k length of hash output A very simple nonrecursive algorithm for simple recursive family of trees 33
34 Overview of the talk Interval time-stamping Skewed trees Hash traversal Main result: Hash traversal algorithm Complexity analysis 34
35 Motivation Storage on any step: rk + d, where r is the number of red nodes Communication on any step: rk(1 + o(1)) Worst-case: r d What is the average-case value ft(d, w) of r? 35
36 Computing ft(d, w) Let l(d, w, t) be the number of leaves in S(d, w) that are at depth t and let L(d, w) be the total number of leaves Then ft(d, w) = t l(d, w, t) t Lemma L(d, w) = ( w d k=0 k and l(d, w, t) = ( t 1 w 1 ) = 2 d (d w) ( d w ) y d w 1 (1 y) w dy 0, t < w, ), t [w, d 1], ( ) d 1 k=0 k = 2L(d 1, w 1), t = d, 0, t > d. 2 w 1 36
37 Average size of the stack Theorem 1 ft(d, w) = d 2 + w 1 2 d+1 (w + 1) y d w 1 (1 y) w dy Proof Use the results from previous slide. Nice, but how to compute the integral? Cannot be done exactly, but can be approximated asymptotically Nice fact: approximation error is exponentially small 37
38 Laplace s method An integral of form b a e d h(y) g(y) dy Approximate it, given h(y) has only one maximum in [a, b] More precise descriptions in any good book on analysis of algorithms Perform separate analysis for the cases the maximum is inside the region or on its border 38
39 Laplace s method Maximum value 39
40 Laplace s method Maximum value Step 1: contract Exponentially small errors 40
41 Laplace s method Maximum value Step 2: approximate (use only leading terms in power series) Exponentially small errors 41
42 Laplace s method Maximum value Step 3: expand to [, ] Exponentially small errors 42
43 Laplace s method: application to our case Let w = αd. In our case, h(y) = (1 α) ln y + α ln(1 y), g(y) = 1/y, a = 0, b = 0.5 If α 0.5 then maximum is on the border and ft(d, w) d 2 + (w 1)(d 2w) 2(w+1) If α 0.5 then maximum is inside the interval and ft(d, w) d 2 43
44 Example Actual Approx
45 Conclusions We introduced a very elegant algorithm for skewed tree traversal that is optimal in almost every imaginable sense A rigourous correctness proof Analyzed the average case of algorithm The analysis is very precise because of Laplace s method. First time this method has been used in cryptography(?) Skewed trees are very natural and thus our research might have noncryptographic applications 45
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted
More informationElements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted
More informationNotes for Lecture 21. From One-Time Signatures to Fully Secure Signatures
U.C. Berkeley CS276: Cryptography Handout N21 Luca Trevisan April 7, 2009 Notes for Lecture 21 Scribed by Anand Bhaskar, posted May 1, 2009 Summary Today we show how to construct an inefficient (but efficiently
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics
More informationChapter 9: Key Management
Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange
More informationOptimally Efficient Accountable Time-Stamping
In proceedings of PKC2000, Vol. 1751 of Lecture Notes in Computer Science, Springer-Verlag, 2000. pp. 293-305. Optimally Efficient Accountable Time-Stamping Ahto Buldas 1, Helger Lipmaa 1, and Berry Schoenmakers
More informationDepth-First Search Depth-first search (DFS) is another way to traverse the graph.
Depth-First Search Depth-first search (DFS) is another way to traverse the graph. Motivating example: In a video game, you are searching for a path from a point in a maze to the exit. The maze can be modeled
More informationTopics. Dramatis Personae Cathy, the Computer, trusted 3 rd party. Cryptographic Protocols
Cryptographic Protocols Topics 1. Dramatis Personae and Notation 2. Session and Interchange Keys 3. Key Exchange 4. Key Generation 5. Cryptographic Key Infrastructure 6. Storing and Revoking Keys 7. Digital
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationTrees. 3. (Minimally Connected) G is connected and deleting any of its edges gives rise to a disconnected graph.
Trees 1 Introduction Trees are very special kind of (undirected) graphs. Formally speaking, a tree is a connected graph that is acyclic. 1 This definition has some drawbacks: given a graph it is not trivial
More informationInformation Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1
Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions
More information1. Meshes. D7013E Lecture 14
D7013E Lecture 14 Quadtrees Mesh Generation 1. Meshes Input: Components in the form of disjoint polygonal objects Integer coordinates, 0, 45, 90, or 135 angles Output: A triangular mesh Conforming: A triangle
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 8: Protocols for public-key management Ion Petre Department of IT, Åbo Akademi University 1 Key management two problems
More informationSignature Validity States
Validity States Danny De Cock Danny.DeCock@esat.kuleuven.be Katholieke Universiteit Leuven/Dept. Elektrotechniek (ESAT) Computer Security and Industrial Cryptography (COSIC) Kasteelpark Arenberg 10, bus
More informationMerkle Tree Traversal in Log Space and Time (2003 Preprint version)
Merkle Tree Traversal in Log Space and Time (2003 Preprint version) Michael Szydlo RSA Laboratories, Bedford, MA 01730. mszydlo@rsasecurity.com Abstract. We present a technique for Merkle tree traversal
More informationAlgorithms (III) Yijia Chen Shanghai Jiaotong University
Algorithms (III) Yijia Chen Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the
More informationAlgorithms (III) Yu Yu. Shanghai Jiaotong University
Algorithms (III) Yu Yu Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the assumed
More informationComparison Based Sorting Algorithms. Algorithms and Data Structures: Lower Bounds for Sorting. Comparison Based Sorting Algorithms
Comparison Based Sorting Algorithms Algorithms and Data Structures: Lower Bounds for Sorting Definition 1 A sorting algorithm is comparison based if comparisons A[i] < A[j], A[i] A[j], A[i] = A[j], A[i]
More informationAlgorithms (III) Yijia Chen Shanghai Jiaotong University
Algorithms (III) Yijia Chen Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the
More informationSecurity Handshake Pitfalls
Security Handshake Pitfalls 1 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: Authenticate each other Establish sessions keys This process may
More informationKurose & Ross, Chapters (5 th ed.)
Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and
More informationCSC 172 Data Structures and Algorithms. Lecture 24 Fall 2017
CSC 172 Data Structures and Algorithms Lecture 24 Fall 2017 ANALYSIS OF DIJKSTRA S ALGORITHM CSC 172, Fall 2017 Implementation and analysis The initialization requires Q( V ) memory and run time We iterate
More informationAlgorithms and Data Structures: Lower Bounds for Sorting. ADS: lect 7 slide 1
Algorithms and Data Structures: Lower Bounds for Sorting ADS: lect 7 slide 1 ADS: lect 7 slide 2 Comparison Based Sorting Algorithms Definition 1 A sorting algorithm is comparison based if comparisons
More informationBitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
More informationCS154. Streaming Algorithms and Communication Complexity
CS154 Streaming Algorithms and Communication Complexity 1 Streaming Algorithms 2 Streaming Algorithms 01 42 3 L = {x x has more 1 s than 0 s} Initialize: C := 0 and B := 0 When the next symbol x is read,
More informationLecture Notes 14 : Public-Key Infrastructure
6.857 Computer and Network Security October 24, 2002 Lecture Notes 14 : Public-Key Infrastructure Lecturer: Ron Rivest Scribe: Armour/Johann-Berkel/Owsley/Quealy [These notes come from Fall 2001. These
More informationProtocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh
Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols
More informationTransaction & Bundle
IOTA TUTORIAL 10 Transaction & Bundle v1.0.0 INTRO In this video I will explain how an IOTA transaction looks like and what a transaction bundle is. TANGLE The squares in the Tangle represents transactions
More informationLecture 2 - Graph Theory Fundamentals - Reachability and Exploration 1
CME 305: Discrete Mathematics and Algorithms Instructor: Professor Aaron Sidford (sidford@stanford.edu) January 11, 2018 Lecture 2 - Graph Theory Fundamentals - Reachability and Exploration 1 In this lecture
More informationName: Lirong TAN 1. (15 pts) (a) Define what is a shortest s-t path in a weighted, connected graph G.
1. (15 pts) (a) Define what is a shortest s-t path in a weighted, connected graph G. A shortest s-t path is a path from vertex to vertex, whose sum of edge weights is minimized. (b) Give the pseudocode
More informationCryptographic Checksums
Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;
More informationח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms
Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,
More informationKey Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature
Key Management Digital signatures: classical and public key Classic and Public Key exchange 1 Handwritten Signature Used everyday in a letter, on a check, sign a contract A signature on a signed paper
More information(Refer Slide Time: 0:19)
Theory of Computation. Professor somenath Biswas. Department of Computer Science & Engineering. Indian Institute of Technology, Kanpur. Lecture-15. Decision Problems for Regular Languages. (Refer Slide
More informationMerkle Tree Traversal in Log Space and Time
Merkle Tree Traversal in Log Space and Time Michael Szydlo RSA Laboratories, Bedford, MA 01730. mszydlo@rsasecurity.com Abstract. We present a technique for Merkle tree traversal which requires only logarithmic
More informationString quicksort solves this problem by processing the obtained information immediately after each symbol comparison.
Lcp-Comparisons General (non-string) comparison-based sorting algorithms are not optimal for sorting strings because of an imbalance between effort and result in a string comparison: it can take a lot
More informationICS 180 May 4th, Guest Lecturer: Einar Mykletun
ICS 180 May 4th, 2004 Guest Lecturer: Einar Mykletun 1 Symmetric Key Crypto 2 Symmetric Key Two users who wish to communicate share a secret key Properties High encryption speed Limited applications: encryption
More information(2,4) Trees. 2/22/2006 (2,4) Trees 1
(2,4) Trees 9 2 5 7 10 14 2/22/2006 (2,4) Trees 1 Outline and Reading Multi-way search tree ( 10.4.1) Definition Search (2,4) tree ( 10.4.2) Definition Search Insertion Deletion Comparison of dictionary
More informationCPSC 211, Sections : Data Structures and Implementations, Honors Final Exam May 4, 2001
CPSC 211, Sections 201 203: Data Structures and Implementations, Honors Final Exam May 4, 2001 Name: Section: Instructions: 1. This is a closed book exam. Do not use any notes or books. Do not confer with
More informationGreedy Algorithms CHAPTER 16
CHAPTER 16 Greedy Algorithms In dynamic programming, the optimal solution is described in a recursive manner, and then is computed ``bottom up''. Dynamic programming is a powerful technique, but it often
More informationCSE 373 Spring 2010: Midterm #1 (closed book, closed notes, NO calculators allowed)
Name: Email address: CSE 373 Spring 2010: Midterm #1 (closed book, closed notes, NO calculators allowed) Instructions: Read the directions for each question carefully before answering. We may give partial
More informationE-cash. Cryptography. Professor: Marius Zimand. e-cash. Benefits of cash: anonymous. difficult to copy. divisible (you can get change)
Cryptography E-cash Professor: Marius Zimand e-cash Benefits of cash: anonymous difficult to copy divisible (you can get change) easily transferable There are several protocols for e-cash. We will discuss
More informationChapter 10: Key Management
Chapter 10: Key Management Session and Interchange Keys Key Exchange Key Generation Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #10-1 Overview Key exchange Session
More informationDisjoint Sets and the Union/Find Problem
Disjoint Sets and the Union/Find Problem Equivalence Relations A binary relation R on a set S is a subset of the Cartesian product S S. If (a, b) R we write arb and say a relates to b. Relations can have
More information1 Minimum Cut Problem
CS 6 Lecture 6 Min Cut and Karger s Algorithm Scribes: Peng Hui How, Virginia Williams (05) Date: November 7, 07 Anthony Kim (06), Mary Wootters (07) Adapted from Virginia Williams lecture notes Minimum
More informationL7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are
More informationLecture 10, Zero Knowledge Proofs, Secure Computation
CS 4501-6501 Topics in Cryptography 30 Mar 2018 Lecture 10, Zero Knowledge Proofs, Secure Computation Lecturer: Mahmoody Scribe: Bella Vice-Van Heyde, Derrick Blakely, Bobby Andris 1 Introduction Last
More informationCS 161 Authentication Protocols. Zero knowledge review
CS 161 Authentication Protocols 27 September 2006 2006 Doug Tygar 1 CS 161 27 September 2006 Zero knowledge review Goal: authenticate without leaking any information What you need to know about Rabin signatures:
More informationEncryption as an Abstract Datatype:
June 2003 1/18 Outline Encryption as an Abstract Datatype: an extended abstract Dale Miller INRIA/Futurs/Saclay and École polytechnique 1. Security protocols specified using multisets rewriting. 2. Eigenvariables
More informationL8: Public Key Infrastructure. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L8: Public Key Infrastructure Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/21/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from
More informationConsensus. Chapter Two Friends. 2.3 Impossibility of Consensus. 2.2 Consensus 16 CHAPTER 2. CONSENSUS
16 CHAPTER 2. CONSENSUS Agreement All correct nodes decide for the same value. Termination All correct nodes terminate in finite time. Validity The decision value must be the input value of a node. Chapter
More informationThis course is intended for 3rd and/or 4th year undergraduate majors in Computer Science.
Lecture 9 Graphs This course is intended for 3rd and/or 4th year undergraduate majors in Computer Science. You need to be familiar with the design and use of basic data structures such as Lists, Stacks,
More information(2,4) Trees Goodrich, Tamassia (2,4) Trees 1
(2,4) Trees 9 2 5 7 10 14 2004 Goodrich, Tamassia (2,4) Trees 1 Multi-Way Search Tree A multi-way search tree is an ordered tree such that Each internal node has at least two children and stores d -1 key-element
More informationAn Introduction to Trees
An Introduction to Trees Alice E. Fischer Spring 2017 Alice E. Fischer An Introduction to Trees... 1/34 Spring 2017 1 / 34 Outline 1 Trees the Abstraction Definitions 2 Expression Trees 3 Binary Search
More information/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Sorting lower bound and Linear-time sorting Date: 9/19/17
601.433/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Sorting lower bound and Linear-time sorting Date: 9/19/17 5.1 Introduction You should all know a few ways of sorting in O(n log n)
More informationTreaps. 1 Binary Search Trees (BSTs) CSE341T/CSE549T 11/05/2014. Lecture 19
CSE34T/CSE549T /05/04 Lecture 9 Treaps Binary Search Trees (BSTs) Search trees are tree-based data structures that can be used to store and search for items that satisfy a total order. There are many types
More informationCSE 373: Data Structures and Algorithms
CSE 373: Data Structures and Algorithms Lecture 19: Comparison Sorting Algorithms Instructor: Lilian de Greef Quarter: Summer 2017 Today Intro to sorting Comparison sorting Insertion Sort Selection Sort
More informationWe don t have much time, so we don t teach them [students]; we acquaint them with things that they can learn. Charles E. Leiserson
Homework 3 CS 321 - Data Structures Fall 2018 Dec 6, 2018 Name: Collaborators: We don t have much time, so we don t teach them [students]; we acquaint them with things that they can learn. Charles E. Leiserson
More informationChapter 9. Multimedia Networking. Computer Networking: A Top Down Approach
Chapter 9 Multimedia Networking A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations;
More informationA6-R3: DATA STRUCTURE THROUGH C LANGUAGE
A6-R3: DATA STRUCTURE THROUGH C LANGUAGE NOTE: 1. There are TWO PARTS in this Module/Paper. PART ONE contains FOUR questions and PART TWO contains FIVE questions. 2. PART ONE is to be answered in the TEAR-OFF
More informationThe divide and conquer strategy has three basic parts. For a given problem of size n,
1 Divide & Conquer One strategy for designing efficient algorithms is the divide and conquer approach, which is also called, more simply, a recursive approach. The analysis of recursive algorithms often
More informationThe first few questions on this worksheet will deal with measures of central tendency. These data types tell us where the center of the data set lies.
Instructions: You are given the following data below these instructions. Your client (Courtney) wants you to statistically analyze the data to help her reach conclusions about how well she is teaching.
More informationCS 251: Bitcoin and Cryptocurrencies Fall 2016
CS 251: Bitcoin and Cryptocurrencies Fall 2016 Homework 3 due : 2016-11-28, 23:59 via Gradescope (entry code M4YJ69 ) 1. Idioms of use: Consider the transaction graph in the figure below: rectangles represent
More informationClosed Book Examination. One and a half hours UNIVERSITY OF MANCHESTER SCHOOL OF COMPUTER SCIENCE. Date: Wednesday 20 th January 2010
Closed Book Examination COMP20010 One and a half hours UNIVERSITY OF MANCHESTER SCHOOL OF COMPUTER SCIENCE Algorithms and Imperative Programming Date: Wednesday 20 th January 2010 Time: 14.00 15.30 Please
More information1.7 The Heine-Borel Covering Theorem; open sets, compact sets
1.7 The Heine-Borel Covering Theorem; open sets, compact sets This section gives another application of the interval halving method, this time to a particularly famous theorem of analysis, the Heine Borel
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 7 January 30, 2012 CPSC 467b, Lecture 7 1/44 Public-key cryptography RSA Factoring Assumption Computing with Big Numbers Fast Exponentiation
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationUsing Chains for what They re Good For
Using Chains for what They re Good For Andrew Poelstra usingchainsfor@wpsoftware.net Scaling Bitcoin, November 5, 2017 1 / 14 On-Chain Smart Contracting Bitcoin (and Ethereum, etc.) uses a scripting language
More informationAPPLICATIONS AND PROTOCOLS. Mihir Bellare UCSD 1
APPLICATIONS AND PROTOCOLS Mihir Bellare UCSD 1 Some applications and protocols Internet Casino Commitment Shared coin flips Threshold cryptography Forward security Program obfuscation Zero-knowledge Certified
More informationLecture 9. Authentication & Key Distribution
Lecture 9 Authentication & Key Distribution 1 Where are we now? We know a bit of the following: Conventional (symmetric) cryptography Hash functions and MACs Public key (asymmetric) cryptography Encryption
More informationCOMP3121/3821/9101/ s1 Assignment 1
Sample solutions to assignment 1 1. (a) Describe an O(n log n) algorithm (in the sense of the worst case performance) that, given an array S of n integers and another integer x, determines whether or not
More informationWhat did we talk about last time? Public key cryptography A little number theory
Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive
More informationOptimization I : Brute force and Greedy strategy
Chapter 3 Optimization I : Brute force and Greedy strategy A generic definition of an optimization problem involves a set of constraints that defines a subset in some underlying space (like the Euclidean
More informationAnnouncements. HW3 is graded. Average is 81%
CSC263 Week 9 Announcements HW3 is graded. Average is 81% Announcements Problem Set 4 is due this Tuesday! Due Tuesday (Nov 17) Recap The Graph ADT definition and data structures BFS gives us single-source
More informationASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1
ASYMMETRIC (PUBLIC-KEY) ENCRYPTION Mihir Bellare UCSD 1 Recommended Book Steven Levy. Crypto. Penguin books. 2001. A non-technical account of the history of public-key cryptography and the colorful characters
More informationBroadcast: Befo re 1
Broadcast: Before 1 After 2 Spanning Tree ffl assume fixed spanning tree ffl asynchronous model 3 Processor State parent terminated children 4 Broadcast: Step One parent terminated children 5 Broadcast:Step
More informationAssignment 4 CSE 517: Natural Language Processing
Assignment 4 CSE 517: Natural Language Processing University of Washington Winter 2016 Due: March 2, 2016, 1:30 pm 1 HMMs and PCFGs Here s the definition of a PCFG given in class on 2/17: A finite set
More informationDatasäkerhetsmetoder föreläsning 7
Datasäkerhetsmetoder föreläsning 7 Nyckelhantering Jan-Åke Larsson Cryptography A security tool, not a general solution Cryptography usually converts a communication security problem into a key management
More informationCSE373: Data Structures & Algorithms Lecture 17: Minimum Spanning Trees. Dan Grossman Fall 2013
CSE373: Data Structures & Algorithms Lecture 7: Minimum Spanning Trees Dan Grossman Fall 03 Spanning Trees A simple problem: Given a connected undirected graph G=(V,E), find a minimal subset of edges such
More informationCMSC th Lecture: Graph Theory: Trees.
CMSC 27100 26th Lecture: Graph Theory: Trees. Lecturer: Janos Simon December 2, 2018 1 Trees Definition 1. A tree is an acyclic connected graph. Trees have many nice properties. Theorem 2. The following
More information/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Priority Queues / Heaps Date: 9/27/17
01.433/33 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Priority Queues / Heaps Date: 9/2/1.1 Introduction In this lecture we ll talk about a useful abstraction, priority queues, which are
More informationDATA STRUCTURES AND ALGORITHMS
LECTURE 11 Babeş - Bolyai University Computer Science and Mathematics Faculty 2017-2018 In Lecture 10... Hash tables Separate chaining Coalesced chaining Open Addressing Today 1 Open addressing - review
More informationSAS-Based Group Authentication and Key Agreement Protocols
SAS-Based Group Authentication and Key Agreement Protocols Sven Laur 1,2 and Sylvain Pasini 3 2 University of Tartu 1 Helsinki University of Technology 3 Ecole Polytechnique Fédérale de Lausanne User-aided
More informationII (Sorting and) Order Statistics
II (Sorting and) Order Statistics Heapsort Quicksort Sorting in Linear Time Medians and Order Statistics 8 Sorting in Linear Time The sorting algorithms introduced thus far are comparison sorts Any comparison
More informationW4231: Analysis of Algorithms
W4231: Analysis of Algorithms 10/21/1999 Definitions for graphs Breadth First Search and Depth First Search Topological Sort. Graphs AgraphG is given by a set of vertices V and a set of edges E. Normally
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationPESIT Bangalore South Campus Hosur road, 1km before Electronic City, Bengaluru -100 Department of MCA
INTERNAL ASSESSMENT TEST 2 Date : 30/3/15 Max Marks : 50 Name of faculty : Sabeeha Sultana Subject & Code : ADA(13MCA41) Answer any five full question: 1.Illustrate Mergesort for the dataset 8,3,2,9,7,1,5,4.
More informationComputer Science Foundation Exam
Computer Science Foundation Exam August 26, 2017 Section I A DATA STRUCTURES NO books, notes, or calculators may be used, and you must work entirely on your own. Name: UCFID: NID: Question # Max Pts Category
More informationCSE 332 Spring 2013: Midterm Exam (closed book, closed notes, no calculators)
Name: Email address: Quiz Section: CSE 332 Spring 2013: Midterm Exam (closed book, closed notes, no calculators) Instructions: Read the directions for each question carefully before answering. We will
More informationSolutions. (a) Claim: A d-ary tree of height h has at most 1 + d +...
Design and Analysis of Algorithms nd August, 016 Problem Sheet 1 Solutions Sushant Agarwal Solutions 1. A d-ary tree is a rooted tree in which each node has at most d children. Show that any d-ary tree
More informationCopyright 2000, Kevin Wayne 1
Chapter 3 - Graphs Undirected Graphs Undirected graph. G = (V, E) V = nodes. E = edges between pairs of nodes. Captures pairwise relationship between objects. Graph size parameters: n = V, m = E. Directed
More informationConsensus. Chapter Two Friends. 8.3 Impossibility of Consensus. 8.2 Consensus 8.3. IMPOSSIBILITY OF CONSENSUS 55
8.3. IMPOSSIBILITY OF CONSENSUS 55 Agreement All correct nodes decide for the same value. Termination All correct nodes terminate in finite time. Validity The decision value must be the input value of
More informationCOMS W4995 Introduction to Cryptography November 13, Lecture 21: Multiple Use Signature Schemes
COMS W4995 Introduction to Cryptography November 13, 2003 Lecture 21: Multiple Use Signature Schemes Lecturer: Tal Malkin Scribes: M. Niccolai, M. Raibert Summary In this lecture, we use the one time secure
More informationCryptographic Hash Functions. Debdeep Mukhopadhyay
Cryptographic Hash Functions Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Applications Objectives Security
More informationEfficient Quantum-Immune Keyless Signatures with Identity
Efficient Quantum-Immune Keyless Signatures with Identity Risto Laanoja Tallinn University of Technology / Guardtime AS May 17, 2014 Estonian CS Theory days at Narva-Jõesuu TL; DR Built a practical signature
More informationAlgorithms and Data Structures
Algorithms and Data Structures Strongly Connected Components Ulf Leser Content of this Lecture Graph Traversals Strongly Connected Components Ulf Leser: Algorithms and Data Structures, Summer Semester
More informationimplementing the breadth-first search algorithm implementing the depth-first search algorithm
Graph Traversals 1 Graph Traversals representing graphs adjacency matrices and adjacency lists 2 Implementing the Breadth-First and Depth-First Search Algorithms implementing the breadth-first search algorithm
More information10 minutes, 10 slides, goals, tech details and why it matters. Decentralized ID & Verifiable Claims
10 minutes, 10 slides, goals, tech details and why it matters Decentralized ID & Verifiable Claims Terminology & Current Model Claim or Assertion a claim or way of communicating what a person or thing
More informationECE242 Data Structures and Algorithms Fall 2008
ECE242 Data Structures and Algorithms Fall 2008 2 nd Midterm Examination (120 Minutes, closed book) Name: Student ID: Question 1 (10) 2 (20) 3 (25) 4 (10) 5 (15) 6 (20) Score NOTE: Any questions on writing
More information