Efecto sobre aspectos estructurales de la planta

2. EFECTO DE LA RADIACIÓN ULTRAVIOLETA (UV-B) SOBRE LA EFICIENCIA

2.2 MARCO TEÓRICO

2.2.2 Efecto sobre aspectos estructurales de la planta

INPUT p: an odd positive number;

q1, q2, …, qk: all prime factors of p – 1;

OUTPUT YES if p is prime, NO otherwise;

NO_DECISION with certain probability of error. pick g U [2, p – 1]; 1. for (i = 1, i++, k) do 2. if g (p–1)/q

i 1 (mod p) output NO_DECISION and terminate; 3.

if g p–1 _{1 (mod}_p_{) output NO and terminate;}

output YES and terminate.

However, when Alg 4.6 outputs NO_DECISION, it does not know whether or not the input integer p is prime. It is possible that p is not prime, but it is also possible that an error has occurred. In the latter case p is indeed prime, but the testing number g which the algorithm picks at random is a wrong one. After we have studied Theorem 5.12 in §5.4.4, we will know that the wrong number g is not a "primitive root."

To this end we know that Alg 4.6 is a one-sided-error algorithm in the completeness side, i.e., a Las Vegas algorithm. We may revise the algorithm into one which does not terminate at a NO_DECISION answer, but carries on the testing step by picking another random tester g. The modified algorithm is still a Las Vegas algorithm, and becomes "probably fast" since it's possible that it always picks a non-primitive root as a tester. Fortunately, for any odd prime p, the

multiplicative group modulo p (to be defined in Chapter 5) contains plenty of primitive roots and so such an element can be picked up with a non-trivial probability by random sampling the group modulo p (in Chapter 5 we will establish the proportion of primitive roots in a

• Table of Contents

Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company

Publisher: Prentice Hall PTR Pub Date: July 25, 2003

ISBN: 0-13-066943-1 Pages: 648

Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing

cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography.

Las Vegas algorithms and Monte Carlo algorithms collectively are referred to as "randomized algorithms with one-sided error." Algorithms in this union (recall that the union includes

) are really efficient ones; even they are non-deterministic algorithms, their time- complexity behaviors are similar to those of the algorithms in .

4.4.4.2 Another Example of Las Vegas Algorithms: Quantum Factorization

A quantum computer can factor an integer in time polynomial in the size of the integer (i.e., FACTORIZATION Q ). Shor devises such an algorithm ([267], also see, e.g., pages 108-115 of [300]). We now explain that Shor's quantum factorization procedure is also a Las Vegas algorithm.

To factor an integer N, a random integer a is picked; a quantum algorithm, which uses Simon's idea of finding period in quantum state by sampling from the Fourier transform [276], can find the period of the function f(x) = ax_(mod_N_{), i.e., the least positive integer}_r_satisfying_f₍_r_{) = 1.}

In Chapter 6 we shall see that for a composite N, a non-trivial proportion of integers a satisfying gcd(a, N) = 1 has an even period (called the multiplicative order of the element a), i.e., r is even.

Once an even period r is found, if ar/2 _{±1 (mod}_N_{), then}_ar/2_(mod_N_{) is a non-trivial square-} root of 1 modulo N. In §6.6.2 (Theorem 6.17) we shall show that gcd(ar/2_{± 1,}_N_{) must be a} non-trivial factor of N, i.e., the algorithm has successfully factored N.

If r is odd or if ar/2_{= ±1 (mod}_N_{), then gcd(}_ar/2_{± 1,}_N_{) is a trivial factor of}_N_{, i.e., 1 or}_N_{; so} the algorithm fails with no answer. However, for randomly chosen integer a < N, the probability for encountering ar/2 _{±1 (mod}_N_{) is bounded from below by a constant > 1/2, and therefore} the procedure can be repeated using another random element a. By our analysis in §4.4.1.1, Shor's algorithm remains in polynomial time.

4.4.5 Subclass "Probably Fast and Probably Correct"

A subclass of is named (which stands for "Bounded error probability Probabilistic

Polynomial time") if the error probability bounds in (4.4.1) and (4.4.2) both hold for the following cases:

Equation 4.4.11

here a > 0 and b > 0. We should pay attention to two things in this error probability characterization:

1 and d 0. Otherwise, the subclass degenerates to one of the three simpler

cases: , or (Monte Carlo), or (Las Vegas). Now with 1 and d 0,

algorithms in have two-sided errors, both false no-recognition (a completeness

• Table of Contents

Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company

Publisher: Prentice Hall PTR Pub Date: July 25, 2003

ISBN: 0-13-066943-1 Pages: 648

error) and false recognition (a soundness error) are possible.

a > 0 and/or b > 0. This means that algorithms in have their error probabilities clearly bounded away from . In §4.4.1 we have reasoned that if then repeating the algorithm with the majority election criterion can lead to the enlargement of the completeness (reduction of the soundness) error probability. If or , then the majority election technique won't work, since the former (the latter) case means that there is no majority fraction of the random moves to lead to a recognition (rejection). However, a "minority election criterion" may still be used (we will see such an example in §18.5.1). Finally, if and , then no election criterion can work and the problem is not in (i.e., cannot be recognized by a non-deterministic Turing machine regardless of how long a machine runs).

Since besides Monte Carlo and Las Vegas, Atlantic City is another famous gambling place to lure people to increase their winning probabilities by increasing the number of games they play, randomized algorithms with two-sided-errors are also called Atlantic City algorithms. Now let us look at an example of Atlantic City algorithms.

4.4.5.1 An Example of Atlantic City Algorithms

There is a famous protocol in quantum cryptography named the quantum key distribution protocol (the QKD protocol, see e.g. [31]). The QKD protocol allows a bit string to be agreed between two communication entities without having the two parties to meet face to face, and yet that the two parties can be sure with a high confidence that the agreed bit string is exclusively shared between them. The QKD protocol is a two-sided-error randomized algorithm. Let us describe this algorithm and examine its two-sided-error property.

Let us first provide a brief description on the physical principle for the QKD protocol. The distribution of a secret bit string in the QKD protocol is achieved by a sender (let Alice be the sender) transmitting a string of four-way-polarized photons. Each of these photons is in a state (called a photon state or a state) denoted by one of the four following symbols:

The first two photon states are emitted by a polarizer which is set with a rectilinear orientation; the latter two states are emitted by a polarizer which is set with a diagonal orientation. Let us denote by + and x these two differently oriented polarizers, respectively. We can encode information into these four photon states. The following is a bit-to-photon-state encoding scheme:

Equation 4.4.12

This encoding scheme is the public knowledge. If Alice wants to transmit the conventional bit 0 (respectively, 1), she may choose to use + and consequently send out over a quantum channel

• Table of Contents

Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company

Publisher: Prentice Hall PTR Pub Date: July 25, 2003

ISBN: 0-13-066943-1 Pages: 648

— (respectively, |), or choose to use x and consequently send out / (respectively, \). For each conventional bit to be transmitted in the QKD protocol Alice will set differently oriented

polarizers + or x uniformly random.

To receive a photon state, a receiver (who may be Bob, the intended receiver, or Eve, an eavesdropper) must use a device called a photon observer which is also set with rectilinear or diagonal orientations. We shall also denote by + and x these two differently oriented observers, respectively. Let and denote the two differently oriented observers receiving and interpreting photon states transmitted from left to right. The observation of the photon states obeys the following rules:

Correct observations (states are maintained)

Incorrect observations (states are destroyed)

These observation rules say the following things. Rectilinearly oriented states can be correctly observed by rectilinearly set observers correctly; likewise, diagonally oriented states can be correctly observed by diagonally set observers correctly. However, if a rectilinearly (diagonally) oriented state is observed by a diagonally (rectilinearly) oriented observer, then a ±45°

"rectification" of the orientation will occur, with 0.5 probability in either directions. These are wrong observations and are an inevitable result of "Heisenberg Uncertainty Principle." which underlies the working principle for the QKD Protocol.

So if the orientation setting of the receiver's observer agrees with (i.e., is the same as) the setting of Alice's polarizer then a photon state will be correctly received. The public bit-to-photon encoding scheme in (4.4.12) is a 1-1 mapping between the conventional bits and the phone states. So in such a case, the conventional bit sent by Alice can be correctly decoded. On the other hand, if the orientation settings of the photon devices in the two ends disagree, a wrong observation must occur and it also necessarily destroys the photon state transmitted, although the receiver can have no idea which photon state has actually been sent and destroyed.

We are now ready to specify the QKD Protocol. The protocol is specified in Prot 4.1.

Let us explain how this protocol works and measure the probabilities for the two-sided errors to occur.

• Table of Contents

Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company

Publisher: Prentice Hall PTR Pub Date: July 25, 2003

ISBN: 0-13-066943-1 Pages: 648

Protocol 4.1: Quantum Key Distribution (an Atlantic City

In document Efecto de la radiación ultravioleta UV B y UV A en plantas C4: estructura y ultraestructura (página 55-58)