DOCSLIB.ORG

Deconfounding Hypothesis Generation and Evaluation In

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Deconfounding Hypothesis Generation and Evaluation In Deconfounding Hypothesis Generation and Evaluation in Bayesian Models Elizabeth Baraff Bonawitz (liz [email protected]) Department of Psychology, 5427 Tolman Hall Berkeley, CA 94720 USA Thomas L. Griffiths (tom griffi[email protected]) Department of Psychology, 3210 Tolman Hall Berkeley, CA 94720 USA Abstract as data are observed. However, the assumption that learners possess all relevant hypotheses before seeing data is at odds Bayesian models of cognition are typically used to describe human learning and inference at the computational level, iden- with numerous findings suggesting that generating appropri- tifying which hypotheses people should select to explain ob- ate hypotheses can be one of the hardest parts of inductive in- served data given a particular set of inductive biases. However, ference (e.g., Kuhn, 1989; Klahr, Fay, & Dunbar, 1993). We such an analysis can be consistent with human behavior even if people are not actually carrying out exact Bayesian infer- thus consider the consequences of separating the processes of ence. We analyze a simple algorithm by which people might generating hypotheses and evaluating those hypotheses, as- be approximating Bayesian inference, in which a limited set of suming that learners perform Bayesian inference with only hypotheses are generated and then evaluated using Bayes’ rule. Our mathematical results indicate that a purely computational- the set of hypotheses they generate. level analysis of learners using this algorithm would confound To investigate this, we present a mathematical analysis of the distinct processes of hypothesis generation and hypothe- sis evaluation. We use a causal learning experiment to estab- a simple algorithm in which hypothesis generation and evalu- lish empirically that the processes of generation and evalua- ation are separated. This produces a surprising result: This tion can be distinguished in human learners, demonstrating the algorithm results in behavior that can still be analyzed in importance of recognizing this distinction when interpreting Bayesian models. terms of Bayesian inference, but with a prior that conflates the plausibility of a hypothesis with the ease of generating Keywords: Approximate Bayesian Inference; Hypothesis Generation; Hypothesis Evaluation; Causal Learning that hypothesis. This result suggests that we should be cau- tious when interpreting the priors of Bayesian models esti- Introduction mated from behavioral data. Such priors will always reflect Learning causal relationships, categories, and languages all the inductive biases of human learners – those factors that require solving challenging inductive problems, using lim- lead people to select one hypothesis over another when both ited data to assess underdetermined hypotheses. In the last are equally consistent with the data. However, human induc- decade an increasing number of papers have argued that peo- tive biases can include components that result from processes ple solving inductive problems act in ways that are consis- at the algorithmic level, such as generating hypotheses. tent with optimal Bayesian inference (e.g., Griffiths & Tenen- To demonstrate the importance of taking into account baum, 2005; Goodman, Tenenbaum, Feldman, & Griffiths, algorithmic-level factors in interpreting Bayesian models, we 2008; Xu & Tenenbaum, 2007). However, most of these present an experiment exploring the separability of hypoth- analyses operate at what Marr (1982) termed the computa- esis generation and evaluation. In the task, we conduct a tional level, using Bayesian inference to identify the hypothe- causal learning experiment in which we manipulate the hy- ses that an ideal learner with particular inductive biases would potheses that people generate: by “priming” an appropriate choose to explain the observed data. An important question hypothesis, we increase the probability of people producing for this approach is what learners are doing at the algorithmic responses consistent with that hypothesis; however, when we level: identifying the psychological processes by which learn- employ a more standard Bayesian reasoning task, providing a ers solve inductive problems, and understanding how these set of hypotheses and asking participants to evaluate them, the algorithms connect back to the computational level. effect of priming goes away. A computational-level analysis Connecting the algorithmic and computational levels in- would require postulating different prior distributions in or- volves two challenges: identifying algorithms that can pro- der to explain behavior on these two components of the task. duce behavior consistent with Bayesian inference, and deter- However, an algorithmic-level analysis shows that this differ- mining how the assumptions of a computational-level analy- ence can be explained as the result of the separate effects of sis relate to the components of these algorithms. In this pa- hypothesis generation and evaluation. Finally, we discuss the per, we take up these two challenges for one class of algo- implications of this work for future models of human cogni- rithms for inductive inference. The most na¨ıve translation of tion and for studies of developmental changes. Bayesian inference into an algorithm for inductive inference would be to assume that learners implement Bayes’ rule di- Analyzing inductive inferences rectly, having a fixed set of hypotheses and updating a proba- Bayesian inference indicates how a rational learner should bility distribution over all of those hypotheses simultaneously change his or her beliefs about a set of hypotheses in light of observed data. Let h be a hypothesis belonging to a set et al., 1993). Hypotheses can be generated in many differ- of hypotheses H . Assume that the learner has different de- ent ways, including detecting cues from context, recognizing grees of belief in the truth of these hypotheses, and that these similarities to previous experiences, and making analogies to degrees of belief are reflected in a probability distribution other domains (e.g., Gick & Holyoak, 1980; Gentner, 2002; p(h), known as the prior. Then, the degrees of belief the Nersessian, 1992; Koslowski, 1996). We will not attempt to learner should assign to each hypothesis after observing data model these processes here, but for our purposes, it is suffi- d are given by the posterior probability distribution p(hjd) cient to assume that the result of all of these processes can be obtained by applying Bayes’ rule summarized in a single probability distribution over hypoth- esis spaces. Using this probability distribution, q(H ∗), we p(djh)p(h) define the Generate-Evaluate (GE) algorithm for Bayesian p(hjd) = 0 0 (1) ∑h02H p(djh )p(h ) inference with a reduced hypothesis space: Step 1: Generate Sample a reduced hypothesis space where p(djh) indicates the probability of observing d if h ∗ ⊆ from the probability distribution q( ∗). were true, and is known as the likelihood. H H H Bayes’ rule provides a computational-level theory of in- Step 2: Evaluate Evaluate the hypotheses in the reduced ductive inference, being a component of the optimal solu- hypothesis space H ∗ by applying Bayesian inference, using tions to a variety of problems of reasoning under uncer- a prior distribution on H ∗ proportional to the prior on the full tainty (Anderson, 1990; Anderson & Schooler, 1991; Free- hypothesis space H . Using p(h) to denote the prior on the man, 1994; Geisler, Perry, Super, & Gallogly, 2001; Griffiths full hypothesis space, as in Equation 1 we obtain the reduced & Tenenbaum, 2007; Huber, Shiffrin, Lyle, & Ruys, 2001; posterior distribution Knill & Richards, 1996; Kording¨ & Wolpert, 2004; Shiffrin & Steyvers, 1997; Weiss, Simonvelli, & Adelson, 2002). As ∗ p(djh)p(h) p (hjd) = 0 0 (2) an account of inductive inference, the prior p(h) captures the ∑h02H ∗ p(djh )p(h ) inductive biases of the learner, indicating which hypothesis a learner will favor when multiple hypotheses are equally con- for h 2 H ∗, with all other hypotheses receiving a posterior sistent with the observed data (ie. which hypothesis will have probability of zero. Because we are only sampling a subset higher probability when multiple hypotheses have equal like- of hypotheses, those that are not sampled will never be con- lihood). This account is attractive in that it can potentially sidered. allow us to identify the inductive biases of human learners, comparing different Bayesian models to find an appropriate Mathematical analysis prior. However, as we show in the remainder of this section, one should be cautious in interpreting such a prior: Consid- Having defined an algorithm that takes into account the pro- ering algorithms by which people might be making inductive cess of hypothesis generation, we can now analyze the con- inferences shows that multiple processes can be reflected in a sequences of using this algorithm. We have two questions of prior estimated from behavioral data. interest. First, will a learner using the GE algorithm produce behavior that appears to be consistent with Bayesian infer- Inferences with a reduced hypothesis space ence? Second, how does the process of hypothesis generation As a computational-level theory of inductive inference, influence the interpretation of the resulting Bayesian model? Bayesian models make no commitments about the psycholog- We can answer both of these questions for a special case of ical mechanisms by which people actually learn and reason. this algorithm by exploiting its relationship to a Monte Carlo The most na¨ıve interpretation
Load more

Recommended publications
  • Abstract in This Paper, D-Strong and Almost D-Strong Near-Rings Ha
    Periodica Mathematica Hungarlca Vol. 17 (1), (1986), pp. 13--20 D-STRONG AND ALMOST D-STRONG NEAR-RINGS A. K. GOYAL (Udaipur) Abstract In this paper, D-strong and almost D-strong near-rings have been defined. It has been proved that if R is a D-strong S-near ring, then prime ideals, strictly prime ideals and completely prime ideals coincide. Also if R is a D-strong near-ring with iden- tity, then every maximal right ideal becomes a maximal ideal and moreover every 2- primitive near-ring becomes a near-field. Several properties, chain conditions and structure theorems have also been discussed. Introduction In this paper, we have generalized some of the results obtained for rings by Wong [12]. Corresponding to the prime and strictly prime ideals in near-rings, we have defined D-strong and almost D-strong near-rings. It has been shown that a regular near-ring having all idempotents central in R is a D-strong and hence almost D-strong near-ring. If R is a D-strong S-near ring, then it has been shown that prime ideals, strictly prime ideals and com- pletely prime ideals coincide and g(R) = H(R) ~ ~(R), where H(R) is the intersection of all strictly prime ideals of R. Also if R is a D-strong near-ring with identity, then every maximal right ideal becomes a maximal ideal and moreover every 2-primitive near-ring becomes a near-field. Some structure theorems have also been discussed. Preliminaries Throughout R will denote a zero-symmetric left near-ring, i.e., R -- Ro in the sense of Pilz [10].
    [Show full text]
  • Neural Networks and the Search for a Quadratic Residue Detector
    Neural Networks and the Search for a Quadratic Residue Detector Michael Potter∗ Leon Reznik∗ Stanisław Radziszowski∗ [email protected] [email protected] [email protected] ∗ Department of Computer Science Rochester Institute of Technology Rochester, NY 14623 Abstract—This paper investigates the feasibility of employing This paper investigates the possibility of employing ANNs artificial neural network techniques for solving fundamental in the search for a solution to the quadratic residues (QR) cryptography problems, taking quadratic residue detection problem, which is defined as follows: as an example. The problem of quadratic residue detection Suppose that you have two integers a and b. Then a is is one which is well known in both number theory and a quadratic residue of b if and only if the following two cryptography. While it garners less attention than problems conditions hold: [1] such as factoring or discrete logarithms, it is similar in both 1) The greatest common divisor of a and b is 1, and difficulty and importance. No polynomial–time algorithm is 2) There exists an integer c such that c2 ≡ a (mod b). currently known to the public by which the quadratic residue status of one number modulo another may be determined. This The first condition is satisfied automatically so long as ∗ work leverages machine learning algorithms in an attempt to a 2 Zb . There is, however, no known polynomial–time (in create a detector capable of solving instances of the problem the number of bits of a and b) algorithm for determining more efficiently. A variety of neural networks, currently at the whether the second condition is satisfied.
    [Show full text]
  • A Scalable System-On-A-Chip Architecture for Prime Number Validation
    A SCALABLE SYSTEM-ON-A-CHIP ARCHITECTURE FOR PRIME NUMBER VALIDATION Ray C.C. Cheung and Ashley Brown Department of Computing, Imperial College London, United Kingdom Abstract This paper presents a scalable SoC architecture for prime number validation which targets reconfigurable hardware This paper presents a scalable SoC architecture for prime such as FPGAs. In particular, users are allowed to se- number validation which targets reconfigurable hardware. lect predefined scalable or non-scalable modular opera- The primality test is crucial for security systems, especially tors for their designs [4]. Our main contributions in- for most public-key schemes. The Rabin-Miller Strong clude: (1) Parallel designs for Montgomery modular arith- Pseudoprime Test has been mapped into hardware, which metic operations (Section 3). (2) A scalable design method makes use of a circuit for computing Montgomery modu- for mapping the Rabin-Miller Strong Pseudoprime Test lar exponentiation to further speed up the validation and to into hardware (Section 4). (3) An architecture of RAM- reduce the hardware cost. A design generator has been de- based Radix-2 Scalable Montgomery multiplier (Section veloped to generate a variety of scalable and non-scalable 4). (4) A design generator for producing hardware prime Montgomery multipliers based on user-defined parameters. number validators based on user-specified parameters (Sec- The performance and resource usage of our designs, im- tion 5). (5) Implementation of the proposed hardware ar- plemented in Xilinx reconfigurable devices, have been ex- chitectures in FPGAs, with an evaluation of its effective- plored using the embedded PowerPC processor and the soft ness compared with different size and speed tradeoffs (Sec- MicroBlaze processor.
    [Show full text]
  • Diffie-Hellman Key Exchange
    Public Key Cryptosystems - Diffie Hellman Public Key Cryptosystems - Diffie Hellman Get two parties to share a secret number that no one else knows Public Key Cryptosystems - Diffie Hellman Get two parties to share a secret number that no one else knows Receiver Sender Public Key Cryptosystems - Diffie Hellman Get two parties to share a secret number that no one else knows Can only use an insecure communications channel for exchange Receiver Sender Attacker Public Key Cryptosystems - Diffie Hellman Get two parties to share a secret number that no one else knows Can only use an insecure communications channel for exchange p,g Receiver Sender p: prime & (p-1)/2 prime g: less than p n = gk mod p Attacker for all 0<n<p and some k (see http://gauss.ececs.uc.edu/Courses/c6053/lectures/Math/Group/group.html) Public Key Cryptosystems - Diffie Hellman A safe prime p: p = 2q + 1 where q is also prime Example: 479 = 2*239 + 1 If p is a safe prime, then p-1 has large prime factor, namely q. If all the factors of p-1 are less than logcp, then the problem of solving the discrete logarithm modulo p is in P (it©s easy). Therefore, for cryptosystems based on discrete logarithm (such as Diffie-Hellman) it is required that p-1 has at least one large prime factor. Public Key Cryptosystems - Diffie Hellman A strong prime p: p is large p-1 has large prime factors (p = aq+1 for integer a and prime q) q-1 has large prime factors (q = br+1 for integer b, prime r) p+1 has large prime factors.
    [Show full text]
  • WHAT IS the BEST APPROACH to COUNTING PRIMES? Andrew Granville 1. How Many Primes Are There? Predictions You Have Probably Seen
    WHAT IS THE BEST APPROACH TO COUNTING PRIMES? Andrew Granville As long as people have studied mathematics, they have wanted to know how many primes there are. Getting precise answers is a notoriously difficult problem, and the first suitable technique, due to Riemann, inspired an enormous amount of great mathematics, the techniques and insights penetrating many different fields. In this article we will review some of the best techniques for counting primes, centering our discussion around Riemann's seminal paper. We will go on to discuss its limitations, and then recent efforts to replace Riemann's theory with one that is significantly simpler. 1. How many primes are there? Predictions You have probably seen a proof that there are infinitely many prime numbers. This was known to the ancient Greeks, and today there are many different proofs, using tools from all sorts of fields. Once one knows that there are infinitely many prime numbers then it is natural to ask whether we can give an exact formula, or at least a good approximation, for the number of primes up to a given point. Such questions were no doubt asked, since antiquity, by those people who thought about prime numbers. With the advent of tables of factorizations, it was possible to make predictions supported by lots of data. Figure 1 is a photograph of Chernac's Table of Factorizations of all integers up to one million, published in 1811.1 There are exactly one thousand pages of factorization tables in the book, each giving the factorizations of one thousand numbers. For example, Page 677, seen here, enables us to factor all numbers between 676000 and 676999.
    [Show full text]
  • Local Prime Factor Decomposition of Approximate Strong Product Graphs
    Local Prime Factor Decomposition of Approximate Strong Product Graphs Von der Fakultät für Mathematik und Informatik der Universität Leipzig angenommene DISSERTATION zur Erlangung des akademischen Grades DOCTOR RERUM NATURALIUM (Dr. rer. nat.) im Fachgebiet Informatik vorgelegt von Diplom Wirtschaftsmathematiker Marc Hellmuth geboren am 25. Juni 1980 in Nordhausen Die Annahme der Dissertation wurde empfohlen von: 1. Professor Dr. Peter F. Stadler (Leipzig, Deutschland) 2. Professor Dr. Sandi Klavžar (Ljubljana, Slowenien) Die Verleihung des akademischen Grades erfolgt mit Bestehen der Vertei- digung am 22.04.2010 mit dem Gesamtprädikat summa cum laude. Acknowledgements Let me thank you very much !! peter F. stadler and wilfried imrich paula werner kloeckl, daniel merkle, lydia gringmann, maribel hernandez-rosales, steve hoffmann, phil ostermeier, kon- stantin klemm, sven findeisz, and the entire beerinformatics community my family christine rahn, marlen pelny, dietrich becker, gilbert spiegel, min choe, and my old friends in nordhausen jens steuck and petra pregel josef leydold, manja marz, sonja prohaska, and martin middendorf ... and all other persons that are in the closed neighborhood of mine !! Abstract In practice, graphs often occur as perturbed product structures, so-called approximate graph products. The practical application of the well-known prime factorization algorithms is therefore limited, since most graphs are prime, although they can have a product-like structure. This work is concerned with the strong graph product. Since strong product graphs G contain subgraphs that are itself products of subgraphs of the underlying factors of G, we follow the idea to develop local approaches that cover a graph by factorizable patches and then use this information to derive the global factors.
    [Show full text]
  • UK Aerospace Supply Chain Study
    BIS RESEARCH PAPER NUMBER 294 UK Aerospace Supply Chain Study JULY 2016 Contents Contents ........................................................................................................................................ 2 Executive Summary ...................................................................................................................... 4 Introduction ................................................................................................................................. 12 Context ..................................................................................................................................... 12 Scope of the Study .................................................................................................................... 14 Methodology overview ............................................................................................................... 14 Structure and Value of the Supply Chain .................................................................................. 16 Primes views ............................................................................................................................. 16 Supply chain view ..................................................................................................................... 18 Participant company overview ............................................................................................... 18 Employment .........................................................................................................................
    [Show full text]
  • An Introduction to Cryptography, Second Edition Richard A
    DISCRETE MATHEMATICS AND ITS APPLICATIONS Series Editor KENNETH H. ROSEN An INTRODUCTION to CRYPTOGRAPHY Second Edition © 2007 by Taylor & Francis Group, LLC DISCRETE MATHEMATICS and ITS APPLICATIONS Series Editor Kenneth H. Rosen, Ph.D. Juergen Bierbrauer, Introduction to Coding Theory Kun-Mao Chao and Bang Ye Wu, Spanning Trees and Optimization Problems Charalambos A. Charalambides, Enumerative Combinatorics Henri Cohen, Gerhard Frey, et al., Handbook of Elliptic and Hyperelliptic Curve Cryptography Charles J. Colbourn and Jeffrey H. Dinitz, The CRC Handbook of Combinatorial Designs Steven Furino, Ying Miao, and Jianxing Yin, Frames and Resolvable Designs: Uses, Constructions, and Existence Randy Goldberg and Lance Riek, A Practical Handbook of Speech Coders Jacob E. Goodman and Joseph O’Rourke, Handbook of Discrete and Computational Geometry, Second Edition Jonathan L. Gross and Jay Yellen, Graph Theory and Its Applications, Second Edition Jonathan L. Gross and Jay Yellen, Handbook of Graph Theory Darrel R. Hankerson, Greg A. Harris, and Peter D. Johnson, Introduction to Information Theory and Data Compression, Second Edition Daryl D. Harms, Miroslav Kraetzl, Charles J. Colbourn, and John S. Devitt, Network Reliability: Experiments with a Symbolic Algebra Environment Leslie Hogben, Handbook of Linear Algebra Derek F. Holt with Bettina Eick and Eamonn A. O’Brien, Handbook of Computational Group Theory David M. Jackson and Terry I. Visentin, An Atlas of Smaller Maps in Orientable and Nonorientable Surfaces Richard E. Klima, Neil P. Sigmon, and Ernest L. Stitzinger, Applications of Abstract Algebra with Maple™ and MATLAB®, Second Edition Patrick Knupp and Kambiz Salari, Verification of Computer Codes in Computational Science and Engineering William Kocay and Donald L.
    [Show full text]
  • On the Security of Mix-Nets and Hierarchical Group Signatures
    On the Security of Mix-Nets and Hierarchical Group Signatures DOUGLAS WIKSTRÖM Doctoral Thesis Stockholm, Sweden 2005 Skolan för datavetenskap och kommunikation Kungliga Tekniska högskolan SE-100 44 Stockholm SWEDEN TRITA NA 05-38 ISSN 0348-2952 ISRN KTH/NA/R--05/38--SE ISBN 91-7178-200-1 c Douglas Wikström, december 2005 Tryck: Universitetsservice US AB iii Abstract In this thesis we investigate two separate cryptographic notions: mix-nets and hier- archical group signatures. The former notion was introduced by Chaum (1981). The latter notion is introduced in this thesis, but it generalizes the notion of group signatures which was introduced by Chaum and Heyst (1991). Numerous proposals for mix-nets are given in the literature, but these are presented with informal security arguments or at best partial proofs. We illustrate the need for a rigorous treatment of the security mix-nets by giving several practical attacks against a construction of Golle et al. (2002). Then we provide the first definition of security of a mix-net in the universally composable security framework (UC-framework) introduced by Canetti (2001). We construct two distinct efficient mix-nets that are provably secure under standard assumptions in the UC-framework against an adversary that corrupts any minority of the mix-servers and any set of senders. The first construction is based on the El Gamal cryptosystem (1985) and is secure against a static adversary, i.e., an adversary that decides which parties to corrupt before the execution of the protocol. This is the first efficient UC-secure mix-net in the literature and the first sender verifiable mix-net that is robust.
    [Show full text]
  • Plasmodium Subtilisin-Like Protease 1 (SUB1): Insights Into the Active-Site Structure, Specificity and Function of a Pan-Malaria Drug Target
    International Journal for Parasitology 42 (2012) 597–612 Contents lists available at SciVerse ScienceDirect International Journal for Parasitology journal homepage: www.elsevier.com/locate/ijpara Plasmodium subtilisin-like protease 1 (SUB1): Insights into the active-site structure, specificity and function of a pan-malaria drug target Chrislaine Withers-Martinez a, Catherine Suarez a, Simone Fulle b, Samir Kher c, Maria Penzo a, ⇑ Jean-Paul Ebejer b, Kostas Koussis a, Fiona Hackett a, Aigars Jirgensons c, Paul Finn b, Michael J. Blackman a, a Division of Parasitology, MRC National Institute for Medical Research (NIMR), Mill Hill, London NW7 1AA, UK b InhibOx Ltd., New Road, Oxford OX1 1BY, UK c Latvian Institute of Organic Synthesis, Aizkraukles 21, LV-1006 Riga, Latvia article info abstract Article history: Release of the malaria merozoite from its host erythrocyte (egress) and invasion of a fresh cell are crucial Received 2 January 2012 steps in the life cycle of the malaria pathogen. Subtilisin-like protease 1 (SUB1) is a parasite serine pro- Received in revised form 29 March 2012 tease implicated in both processes. In the most dangerous human malarial species, Plasmodium falcipa- Accepted 12 April 2012 rum, SUB1 has previously been shown to have several parasite-derived substrates, proteolytic cleavage Available online 27 April 2012 of which is important both for egress and maturation of the merozoite surface to enable invasion. Here we have used molecular modelling, existing knowledge of SUB1 substrates, and recombinant expression Keywords: and characterisation of additional Plasmodium SUB1 orthologues, to examine the active site architecture Plasmodium and substrate specificity of P.
    [Show full text]
  • Recent Advances in Information Technology
    RECENT ADVANCES IN INFORMATION TECHNOLOGY EDITED BY WALDEMAR WÓJCIK AND JAN SIKORA Faculty of Electrical Engineering and Computer Science, Lublin University of Technology, Lublin, Poland LUBLIN 2017 CONTENS 1. CHAPTER 1: SECURITY ESTIMATES UPDATING OF ASYMMETRIC CRYPTOSYSTEMS FOR MODERN COMPUTING 1.1. The effectiveness of different computational models for numbers factorization 1.2. Rho-pollard algorithm 1.3. Selecting crypto parameters 1.4. Distribution and amount of strong primes 1.5. Features of factorization algorithm elaboration for cloud computing 1.6. Conclusions 2. CHAPTER 2: GAME PROBLEMS OF CONTROL FOR FUNCTIONAL- DIFFERENTIAL SYSTEMS 2.1. Problem statement, time of the “first absorption” 2.2. Sufficient conditions for the game termination 2.3. Integro-differential approach 2.4. Example of the integro-differential game approach 2.5. Quasilinear positional integral games approach 2.6. Case of the pursuit problem 2.7. Connection of integral and differential games of approach 2.8. Positional control in differential- difference games 2.9. Time of the ”first absorption” in the linear nonstationary differential game 2.10. Conflict-controlled impulse systems 2.11. Game problems for processes with fractional derivatives 3. CHAPTER 3: INFORMATION TECHNOLOGY FOR AUTOMATED TRANSLATION FROM INFLECTED LANGUAGES TO SIGN LANGUAGE 3.1. Theoretical principles of automated translation system design 3.2. Algorithmic models of automated information technology of translation from inflectional language to sign language 3.3. Experimental testing of informational technology of translation from ukrainian to sign language 3.4. Conclusion 4. CHAPTER 4: INTEROPERABILITY OF THE HEALTH CARE INFORMATION RESOURCES 4.1. Strategy for his development 4.2. The fhir specification concept 4.3.
    [Show full text]
  • On Improving Integer Factorization and Discrete Logarithm Computation Using Partial Triangulation
    On Improving Integer Factorization and Discrete Logarithm Computation using Partial Triangulation Fabrice Boudot [email protected] Abstract. The number field sieve is the best-known algorithm for fac- toring integers and solving the discrete logarithm problem in prime fields. In this paper, we present some new improvements to various steps of the number field sieve. We apply these improvements on the current 768- bit discrete logarithm record and show that we are able to perform the overall computing time in about 1260 core·years using these improve- ments instead of 2350 core·years using the best known parameters for this problem. Moreover, we show that the pre-computation phase for a 768-bit discrete logarithm problem, that allows for example to build a massive decryption tool of IPsec traffic protected by the Oakley group 1, was feasible in reasonable time using technologies available before the year 2000. Keywords: discrete logarithm, integer factorization, number field sieve, sparse linear algebra 1 Introduction 1.1 The discrete logarithm problem The hardness of the discrete logarithm problem in prime fields is one of the most used assumptions in asymmetric cryptography, alongside with the hardness of integer factorization and discrete logarithm computations on elliptic curves. The security of well-known cryptographic primitives, such as the Diffie-Hellman key exchange protocol [12], the El-Gamal encryption [13], and the Digital Signature Algorithm [14], are based on the discrete logarithm problem, and these primitives are used in the most used security protocols such as TLS, IPsec or SSH. The discrete logarithm problem over prime fields can be defined as follows.
    [Show full text]