Making a Faster Cryptanalytic Time-Memory Trade-Off

Size: px
Start display at page:

Download "Making a Faster Cryptanalytic Time-Memory Trade-Off"

Transcription

1 Making a Faser Crypanalyic Time-Memory Trade-Off Philippe Oechslin Laboraoire de Securié e de Crypographie (LASEC) Ecole Polyechnique Fédérale de Lausanne Faculé I&C, 1015 Lausanne, Swizerland Absrac. In 1980 Marin Hellman described a crypanalyic ime-memory rade-off which reduces he ime of crypanalysis by using precalculaed daa sored in memory. This echnique was improved by Rives before 1982 wih he inroducion of disinguished poins which drasically reduces he number of memory lookups during crypanalysis. This improved echnique has been sudied exensively bu no new opimisaions have been published ever since. We propose a new way of precalculaing he daa which reduces by wo he number of calculaions needed during crypanalysis. Moreover, since he mehod does no make use of disinguished poins, i reduces he overhead due o he variable chain lengh, which again significanly reduces he number of calculaions. As an example we have implemened an aack on MS-Windows password hashes. Using 1.4GB of daa (wo CD-ROMs) we can crack 99.9% of all alphanumerical passwords hashes (2 37 ) in 13.6 seconds whereas i akes 101 seconds wih he curren approach using disinguished poins. We show ha he gain could be even much higher depending on he parameers used. Key words: ime-memory rade-off, crypanalysis, precompuaion, fixed plainex 1 Inroducion Crypanalyic aacks based on exhausive search need a lo of compuing power or a lo of ime o complee. When he same aack has o be carried ou muliple imes, i may be possible o execue he exhausive search in advance and sore all resuls in memory. Once his precompuaion is done, he aack can be carried ou almos insanly. Alas, his mehod is no pracicable because of he large amoun of memory needed. In [4] Hellman inroduced a mehod o rade memory agains aack ime. For a cryposysem having keys, his mehod can recover a key in 2/3 operaions using 2/3 words of memory. The ypical applicaion of his mehod is he recovery of a key when he plainex and he cipherex are known. One domain where his applies is in poorly designed daa encrypion sysem where an aacker can guess he firs few byes of daa (e.g.

2 2 #include <sdio.h> ). Anoher domain are password hashes. Many popular operaing sysems generae password hashes by encryping a fixed plainex wih he user s password as key and sore he resul as he password hash. Again, if he password hashing scheme is poorly designed, he plainex and he encrypion mehod will be he same for all passwords. In ha case, he password hashes can be calculaed in advance and can be subjeced o a ime-memory rade-off. The ime-memory rade-off (wih or wihou our improvemen) is a probabilisic mehod. Success is no guaraneed and he success rae depends on he ime and memory allocaed for crypanalysis. 1.1 The original mehod Given a fixed plainex P 0 and he corresponding cipherex C 0, he mehod ries o find he key k which was used o encipher he plainex using he cipher S. We hus have: C 0 = S k (P 0 ) We ry o generae all possible cipherexs in advance by enciphering he plainex wih all possible keys. The cipherexs are organised in chains whereby only he firs and he las elemen of a chain is sored in memory. Soring only he firs and las elemen of a chain is he operaion ha yields he rade-off (saving memory a he cos of crypanalysis ime). The chains are creaed using a reducion funcion R which creaes a key from a cipher ex. The cipher ex is longer ha he key, hence he reducion. By successively applying he cipher S and he reducion funcion R we can hus creae chains of alernaing keys and cipherexs. k i S ki (P 0) C i R(C i) k i+1 The succession of R(S k (P 0 )) is wrien f(k) and generaes a key from a key which leads o chains of keys: k i f ki+1 f ki+2... m chains of lengh are creaed and heir firs and las elemens are sored in a able. Given a cipherex C we can ry o find ou if he key used o generae C is among he ones used o generae he able. To do so, we generae a chain of keys saring wih R(C) and up o he lengh. If C was indeed obained wih a key used while creaing he able hen we will evenually generae he key ha maches he las key of he corresponding chain. Tha las key has been sored in memory ogeher wih he firs key of he chain. Using he firs key of he chain he whole chain can be regeneraed and in paricular he key ha comes jus before R(C). This is he key ha was used o generae C, which is he key we are looking for. Unforunaely here is a chance ha chains saring a differen keys collide and merge. This is due o he fac ha he funcion R is an arbirary reducion

3 3 of he space of cipherexs ino he space of keys. The larger a able is, he higher is he probabiliy ha a new chain merges wih a previous one. Each merge reduces he number of disinc keys which are acually covered by a able. The chance of finding a key by using a able of m rows of keys is given in he original paper [4] and is he following: P able 1 m 1 i=1 j=0 ( i ) j+1 1 (1) The efficiency of a single able rapidly decreases wih is size. To obain a high probabiliy of success i is beer o generae muliple ables using a differen reducion funcion for each able. The probabiliy of success using l ables is hen given by: P success m 1 i=1 j=0 ( 1 i l ) j+1 Chains of differen ables can collide bu will no merge since differen reducion funcions are applied in differen ables. (2) False alarms When searching for a key in a able, finding a maching endpoin does no imply ha he key is in he able. Indeed, he key may be par of a chain which has he same endpoin bu is no in he able. In ha case generaing he chain from he saved saring poin does no yield he key, which is referred o as a false alarm. False alarms also occur when a key is in a chain ha is par of he able bu which merges wih oher chains of he able. In ha case several saring poins correspond o he same endpoin and several chains may have o be generaed unil he key is finally found. 1.2 Exising work In [2] Rives suggess o use disinguished poins as endpoins for he chains. Disinguished poins are poins for which a simple crieria holds rue (e.g. he firs en bis of a key are zero). All endpoins sored in memory are disinguished poins. When given a firs cipherex, we can generae a chain of keys unil we find a disinguished poin and only hen look i up in he memory. This grealy reduces he number of memory lookups. All following publicaions use his opimisaion. [6] describes how o opimise he able parameers, m and l o minimise he oal cos of he mehod based on he coss of memory and of processing engines. [5] shows ha he parameers of he ables can be adjused such as o increase he probabiliy of success, wihou increasing he need for memory or he crypanalysis ime. This is acually a rade-off beween precompuaion ime and success rae. However, he success rae canno be arbirarily increased. Bors noes in [1] ha disinguished poins also have he following wo advanages:

4 4 They allow for loop deecion. If a disinguished poin is no found afer enumeraing a given number of keys (say, muliple imes heir average occurrence), hen he chain can be suspeced o conain a loop and be abandoned. The resul is ha all chains in he able are free of loops. Merges can easily be deeced since wo merging chains will have he same endpoin (he nex disinguished poin afer he merge). As he endpoins have o be sored anyway he merges are discovered wihou addiional cos. [1] sugges ha i is hus easy o generae collision free ables wihou significan overhead. Merging chains are simply hrown away and addiional chains are generaed o replace hem. Generaing merge free ables is ye anoher rade-off, namely a reducion of memory a he cos of exra precompuaion. Finally [7] noes ha all calculaions used in previous papers are based on Hellman s original mehod and ha he resuls may be differen when using disinguished poins due o he variaion of chain lengh. They presen a deailed analysis which is backed up by simulaion in a purpose-buil FPGA. A varian of Hellman s rade-off is presened by Fia and oar in [3]. Alhough his rade-off is less efficien, i can be rigorously analysed and can provably inver any ype of funcion. 2 Resuls of he original mehod 2.1 Bounds and parameers There are hree parameers ha can be adjused in he ime-memory rade-off: he lengh of he chains, he number of chains per able m and he number of ables produced l. These parameers can be adjused o saisfy he bounds on memory M, crypanalysis ime T and success rae P success. The bound on success rae is given by equaion 2. The bound on memory M is given by he number of chains per able m, he number of ables l and he amoun of memory m 0 needed o sore a saring poin and an endpoin (8 byes in our experimens). The bound in ime T is given by he average lengh of he chains, he number of ables l and he rae 1 0 a which he plainex can be enciphered ( /s in our case). This bound corresponds o he wors case where all ables have o be searched bu i does no ake ino accoun he ime spen on false alarms. M = m l m 0 T = l 0 Figure 1 illusraes he bounds for he problem of cracking alphanumerical windows passwords (complexiy of 2 37 ). The surface on he op-lef graph is he bound on memory. Soluions saisfying he bound on memory lie below his surface. The surface on he boom-lef graph is he bound on ime and soluions also have o be below ha surface o saisfy he bound. The graph on he righ side shows he bound on success probabiliy of 99.9% and he combinaion of he wo previous bounds. To saisfy all hree bounds, he parameers of he

5 5 M < 1.4GB Success > 0.999, min(m <1.4GB, T < 220) l l m T < 220s 0 l m m Fig. 1. Soluion space for a success probabiliy of 99.9%, a memory size of 1.4GB and a maximum of 220 seconds in our sample problem. soluion mus lie below he proruding surface in he cenre of he graph (ime and memory consrains) and above he oher surface (success rae consrain). This figure nicely illusraes he conen of [5], namely ha he success rae can be improved wihou using more memory or more ime: all he poins on he ridge in he cenre of he graph saisfy boh he bound on crypanalysis ime and memory bu some of hem are furher away from he bound of success rae han ohers. Thus he success rae can be opimised while keeping he same amoun of daa and crypanalysis ime, which is he resul of [5]. We can even go one sep furher han he auhors and sae ha he opimal poin mus lie on he ridge where he bounds on ime and memory mee, which runs along m = T M. This reduces he search for he opimal soluion by one dimension. 3 A new able srucure wih beer resuls The main limiaion of he original scheme is he fac ha when wo chains collide in a single able hey merge. We propose a new ype of chains which can collide wihin he same able wihou merging. We call our chains rainbow chains. They use a successive reducion funcion for each poin in he chain. They sar wih reducion funcion 1 and end wih reducion funcion 1. Thus if wo chains collide, hey merge only if he collision appears a he same posiion in boh chains. If he collision does no appear a he same posiion, boh chains will coninue wih a differen reducion funcion and will hus no merge. For chains of lengh, if a collision occurs, he chance of i being a merge is hus only 1. The probabiliy of success wihin a single

6 6 able of size m is given by: P able = 1 (1 m i ) (3) i=1 ( where m 1 = m and m n+1 = 1 e mn The derivaion of he success probabiliy is given in he appendix. I is ineresing o noe ha he success probabiliy of rainbow ables can be direcly compared o ha of classical ables. Indeed he success probabiliy of classical ables of size m is approximaely equal o ha of a single rainbow able of size m. In boh cases he ables cover m 2 keys wih differen reducion funcions. For each poin a collision wihin a se of m keys ( a single classical able or a column in he rainbow able) resuls in a merge, whereas collisions wih he remaining keys are no merges. The relaion beween ables of size m and a rainbow able is shown in Figure 2. The probabiliy of success are compared in Figure 3. oe ha he axes have been relabeled o creae he same scale as wih he classical case in Figure 1. Rainbow ables seem o have a slighly beer probabiliy of success bu his may jus be due o he fac ha he success rae calculaed in he former case is he exac expecaion of he probabiliy where as in he laer case i is a lower bound. To lookup a key in a rainbow able we proceed in he following manner: Firs we apply R n 1 o he cipherex and look up he resul in he endpoins of he able. If we find he endpoin we know how o rebuild he chain using he corresponding saring poin. If we don find he endpoin, we ry if we find i by applying R n 2, f n 1 o see if he key was in he second las column of he able. Then we ry o apply R n 3, f n 2, f n 1, and so forh. The oal number of calculaions we have o make is hus ( 1) 2. This is half as much as wih he classical mehod. Indeed, we need 2 calculaions o search he corresponding ables of size m. Rainbow chains share some advanages of chains ending in disinguished poins wihou suffering of heir limiaions: The number of able look-ups is reduced by a facor of compared o Hellman s original mehod. Merges of rainbow chains resul in idenical endpoins and are hus deecable, as wih disinguished poins. Rainbow chains can hus be used o generae merge-free ables. oe ha in his case, he ables are no collision free. Rainbow chains have no loops, since each reducion funcion appears only once. This is beer han loop deecion and rejecion as described before, because we don spend ime on following and hen rejecing loops and he coverage of our chains is no reduced because of loops han can no be covered. Rainbow chains have a consan lengh whereas chains ending in disinguished poins have a variable lengh. As we shall see in Secion 4.1 his )

7 7 m k1 1,1 m k 1 m,1 k2 1,1 m m k 2 m,1. k 1 1,1 k 1 f 1 m,1 k 1,1 k m,1 f 1 f 1 f 1 k 1 1, f 1 f 1 f 1 k 1 m, f 2 f 2 f 2 k 2 1, f 2 f 2 f 2 k 2 m,. f 1 f 1 f 1 k 1 1, f 1 f 1 k 1 m, f f f k 1, f f f k m, m f k 1 f 2 f 1 1,1 k 1, f k 1 f 2 f 1 m,1 k m, Fig. 2. classic ables of size m on he lef and one rainbow able of size m on he righ. In boh cases merges can occur wihin a group of m keys and a collision can occur wih he remaining m( 1) keys. I akes half as many operaions o look up a key in a rainbow able han in classic ables. reduces he number of false alarms and he exra work due o false alarms. This effec can be much more imporan ha he facor of wo gained by he srucure of he able. 4 Experimenal resuls We have chosen cracking of MS Windows passwords as an example because i has a real-world significance and can be carried ou on any sandard worksaion. The password hash we ry o crack is he LanManager hash which is sill suppored by all versions of MS Windows for backward compaibiliy. The hash is generaed by cuing a 14 characers password ino wo chunks of seven characers. In each chunk, lower case characers are urned o upper case and hen he chunk is used as a key o encryp a fixed plain-ex wih DES. This yields wo 8 bye hashes which are concaenaed o form he 16 bye LanManager hash. Each halves of he LanManager hash can hus be aacked separaely and passwords of up o 14 alphanumerical generae only 2 37 differen 8 bye hashes (raher han bye hashes).

8 8 Success > and min(memory <1.4GB, Time < 110) l m Fig. 3. Comparison of he success rae of classical ables and rainbow ables. The upper surface represens he consrain of 99.9% success wih classical ables, he lower surface is he same consrain for rainbow ables. For rainbow ables he scale has been adjused o allow a direc comparison of boh ypes of ables m m, l l Based on Figure 1 we have chosen he parameers for classic ables o be c = 4666, m c = 8192 and for rainbow ables o be r = 4666, m r = c m c = We have generaed 4666 classic ables and one rainbow able and measured heir success rae by cracking 500 random passwords on a sandard worksaion (P4 1.5GHz, 500MB RAM). The resuls are given in he able below: classic wih DP rainbow, m, l 4666, 8192, , , 1 prediced coverage 75.5% 77.5% measured coverage 75.8% 78.8% Table 1. Measured coverage for classic ables wih disinguished poins and for rainbow ables, afer cracking of 500 password hashes This experimen clearly shows ha rainbow ables can achieve he same success rae wih he same amoun of daa as classical ables. Knowing his, i is now ineresing o compare he crypanalysis ime of boh mehods since rainbow ables should be wice as fas. In Table 2 we compare he mean crypanalysis ime, he mean number of hash operaions per crypanalysis and he mean number of false alarms per crypanalysis.

9 9 Wha we see from able 2 is ha our mehod is acually abou 7 imes faser han he original mehod. Indeed, each crypanalysis incurs an average of 9.3M hash calculaions wih he improved mehod whereas he original mehod incurs 67.2M calculaions. A facor of wo is explained by he srucure of he ables. The remaining speed-up is caused by he fac ha here are more false alarms wih disinguished poins (2.8 imes more in average) and ha hese false alarms generae more work. Boh effecs are due o he fac ha wih disinguished poins, he lengh of he chains is no consan. 4.1 The imporance of being consan Faal aracion: Variaions in chain lengh inroduce variaions in merge probabiliy. Wihin a given se of chains (e.g. one able) he longer chains will have more chances o merge wih oher chains han he shor ones. Thus he merges will creae larger rees of longer chains and smaller rees of shorer chains. This has a doubly negaive effec when false alarms occur. False alarm will more probably happen wih large rees because here are more possibiliies o merge ino a large ree han ino a small one. A single merge ino a large ree creaes more false alarms since he ree conains more chains and all chains have o be generaed o confirm he false alarm. Thus false alarms will no only end o happen wih longer chains, hey will also end o happen in larger ses. Larger overhead: Addiionally o he aracion effec of longer chains, he number of calculaions needed o confirm a false alarm on a variable lengh chains is larger han wih consan lengh chains. When he lengh of a chain is no known he whole chain has o be regeneraed o confirm he false alarm. Wih consan lengh chains we can coun he number of calculaions done o reach he end of a chain and hen know exacly a wha posiion o expec he key. We hus only have o generae a fracion of a chain o confirm he false alarm. Moreover, wih rainbow chains, false alarms will occur more ofen when we look a he longer chains (i.e. saring a he columns more o he lef of a able). Forunaely, his is also where he par of he chain ha has o be generaed o confirm he false alarms is he shores. Boh hese effecs can be seen in Table 2 by looking a he number of endpoins found, he number of false alarms and he number of calculaions per false alarm, in case of failure. Wih disinguished poins each maching poin generaes abou 4 false alarms and he mean lengh of he chains generaed is abou Wih rainbow chains here are only abou 2.5 false alarms per endpoin found and only 1500 keys generaed per false alarm. The fac ha longer chains yield more merges has been noed in [7] wihou menioning ha i increases he probabiliy and overhead of false alarms. As a resul, he auhors propose o only use chains which are wihin a cerain range of lengh. This reduces he problems due o he variaion of lengh bu i also reduces he coverage ha can be achieved wih one reducion funcion and increases he precalculaion effor.

10 10 classic wih DP rainbow raio, m, l 4666, 8192, , , 1 1 mean crypanalysis ime o success 68.9s 9.37s 7.4 o failure 181.0s 26.0s 7.0 average 96.1s 12.9s 7.4 mean nbr of hash calculaions o success 48.3M 6.77M 7.1 o failure 126M 18.9M 6.7 average 67.2M 9.34M 7.2 mean nbr of searches o success o failure average mean nbr of maching endpoins found o success o failure average mean nbr of false alarms o success o failure average mean nbr of hash calculaions per false alarms o success o failure average Table 2. saisics for classic ables wih disinguished poins and for rainbow ables 4.2 Increasing he gain even furher We have calculaed he expeced gain over classical ables by considering he wors case where a key has o be searched in all columns of a rainbow able and wihou couning he false alarms. While a rainbow able is searched from he amoun of calculaion increases quadraicly from 1 o 2 1 2, whereas in classical ables i increases linearly o 2. If he key is found early, he gain may hus be much higher (up o a facor of ). This addiional gain is parly se off by he fac ha in rainbow ables, false alarms ha occur in he beginning of he search, even if rarer, are he ones ha generae he mos overhead. Sill, i should be possible o consruc a (possibly pahological) case where rainbow ables have an arbirary large gain over classical ables. One way of doing i is o require a success rae very close o 100% and a large. The examples in he lieraure ofen use a success rae of up o 80% wih 1/3 ables of order of 1/3 chains of 1/3 poins. Such a configuraion can be replaced wih a single rainbow able of order of 2/3 rows of 1/3 keys. For some applicaions a success rae of 80% may be sufficien, especially if here are several samples of cipherex available and we

11 11 need o recover jus any key. In our example of password recovery we are ofen ineresed in only one paricular password (e.g. he adminisraor s password). In ha case we would raher have a near perfec success rae. High success raes lead o configuraions where he number of ables is several imes larger han he lengh of he chains. Thus we end up having several rainbow ables (5 in our example). Using a high success rae yields a case were we ypically will find he key early and we only rarely have o search all rows of all ables. To benefi from his fac we have o make sure ha we do no search he five rainbow ables sequenially bu ha we firs look up he las column of each able and hen only move o he second las column of each able. Using his procedure we reach a gain of 12 when using five ables o reach 99.9% success rae compared o he gain of 7 we had wih a single able and 78% success rae. More deails are given in he nex secion. 4.3 Cracking Windows passwords in seconds Afer having noiced ha rainbow chains perform much beer han classical ones, we have creaed a larger se of ables o achieve our goal of 99.9% success rae. The measuremens on he firs able show ha we would need 4.45 ables of lines and 4666 columns. We have chosen o generae 5 ables of lines in order o have an ineger number of ables and o respec he memory consrain of 1.4GB. On he oher hand we have generaed ables of 4666 columns and 7501 lines. The resuls are given in Table 3. We have cracked 500 passwords, wih 100% success in boh cases. classic wih DP rainbow raio rainbow sequenial raio, m, l 4666, 7501, , 35M, , 35M, 5 1 crypanalysis ime 101.4s s 7.5 hash calculaions 90.3M 7.4M M 7.6 false alarms (fa) hashes per fa effor spen on fa 80% 76% % 1.1 success rae 100% 100% 1 100% 1 Table 3. Crypanalysis saisics wih a se of ables yielding a success rae of 99.9%. From he middle column we see ha rainbow ables need 12 imes less calculaions. The gain in crypanalysis ime is only 1.5 imes beer due o disk accesses. On a worksaion wih 500MB of RAM a beer gain in ime (7.5) can be achieved by resricing he search o one rainbow able a a ime (rainbow sequenial). From able 3 we see ha rainbow ables need 12 imes less calculaions han classical ables wih disinguished poins. Unforunaely he gain in ime is only a facor of 1.5. This is because we have o randomly access 1.4GB of daa on a worksaion ha has 500MB of RAM. In he previous measuremens wih a

12 12 single able, he able would say in he filesysem cache, which is no possible wih five ables. Insead of upgrading he worksaion o 1.5GB of RAM we chose o implemen an approach where we search in each rainbow able sequenially. This allows us o illusrae he discussion from he end of he previous secion. When we search he key in all ables simulaneously raher han sequenially, we work wih shorer chains and hus generae less work (7.4M operaions raher han 11.8M). Shorer chains also mean ha we have less false alarms (1311 per key cracked, raher han 2773). Bu shor chains also mean ha calculaions needed o confirm a false alarm are higher (4321 agains 3080). I is ineresing o noe ha in all cases, he calculaions due o false alarms make abou 75% of he crypanalysis effor. Looking a he generic parameers of he rade-off we also noe ha he precalculaion of he ables has needed an effor abou 10 imes higher han calculaing a full dicionary. The large effor is due o he probabilisic naure of he mehod and i could be reduced o hree imes a full dicionary if we would accep 90% success rae raher ha han 99.9%. 5 An oulook a perfec ables Rainbow ables and classic ables wih disinguished poins boh have he propery ha merging chains can be deeced because of heir idenical endpoins. Since he ables have o be sored by endpoin anyway, i seems very promising o creae perfec ables by removing all chains ha merge wih chains ha are already in he able. In he case of disinguished poins we can even choose o reain he longes chain of a se of merging chains o maximise he coverage of he able. The success rae of rainbow ables and ables wih disinguished poins are easy o calculae, a leas if we assume ha chains wih disinguished poins have a average lengh of. In ha case i is sraigh forward o see ha a rainbow able of size m has he same success rae han ables of size m. Indeed, in he former case we have rows of m disinc keys where in he laer case we have ables conaining m disinc keys each. Ideally we would wan o consruc a single perfec able ha covers he complee domain of keys. The challenge abou perfec ables is o predic how many non-merging chains of lengh i is possible o generae. For rainbow chains his can be calculaed in he same way as we calculae he success rae for non-perfec ables. Since we evaluae he number of disinc poins in each column of he able, we need only look a he number of disinc poins in he las column o know how many disinc chains here will be. ( ˆP able = 1 e m where m 1 = and m n+1 = 1 e mn ) (4) For chains delimied by disinguished poins, his calculaion is far more complex. Because of he faal aracion described above, he longer chains will be merged ino large rees. Thus when eliminaing merging chains we will eliminae

13 13 more longer chains han shorer ones. A single experimen wih 16 million chains of lengh 4666 shows ha afer eliminaion of all merges (by keeping he longes chain), only 2% of he chains remain and heir average lengh has decreased from 4666 o 386! To keep an average lengh of 4666 we have o eliminae 96% of he remaining chains o reain only he longes 4% (14060) of hem. The precalculaion effor involved in generaing maximum size perfec ables is prohibiive (). To be implemenable a soluion would use a se of ables which are smaller han he larges possible perfec ables. More advanced analysis of perfec ables is he focus of our curren effor. We conjecure ha because of he limied number of available non-merging chains, i migh acually be more efficien o use near-perfec ables. 6 Conclusions We have inroduced a new way of generaing precompued daa in Hellman s original crypanalyic ime-memory rade-off. Our opimisaion has he same propery as he use of disinguished poins, namely ha i reduces he number of able look-ups by a facor which is equal o he lengh of he chains. For an equivalen success rae our mehod reduces he number of calculaions needed for crypanalysis by a facor of wo agains he original mehod and by an even more imporan facor (12 in our experimen) agains disinguished poins. We have shown ha he reason for his exra gain is he variable lengh of chains ha are delimied by disinguished poins which resuls in more false alarms and more overhead per false alarm. We conjecure ha wih differen parameers (e.g. a higher success rae) he gain could be even much larger han he facor of 12 found in our experimen. These facs make our mehod a very aracive replacemen for he original mehod improved wih disinguished poins. The fac ha our mehod yields chains ha have a consan lengh also grealy simplifies he analysis of he mehod as compared o variable lengh chains using disinguished poins. I also avoids he exra precalculaion effor which occurs when variable lengh chains have o be discarded because hey have an inappropriae lengh or conain a loop. Consan lengh could even prove o be advanageous for hardware implemenaions. Finally our experimen has demonsraed ha he ime-memory rade-off allows anybody owning a modern personal compuer o break crypographic sysems which were believed o be secure when implemened years ago and which are sill in use oday. This goes o demonsrae he imporance of phasing ou old crypographic sysems when beer sysems exis o replace hem. In paricular, since memory has he same imporance as processing speed for his ype of aack, ypical worksaions benefi doubly from he progress of echnology. Acknowledgemens The auhor wishes o hank Maxime Mueller for implemening a firs version of he experimen.

14 14 References 1. J. Bors, B. Preneel, and J. Vandewalle. On ime-memory radeoff beween exhausive key search and able precompuaion. In P. H.. de Wih and M. van der Schaar-Mirea, ediors, 19h Symp. on Informaion Theory in he Benelux, pages , Veldhoven (L), Werkgemeenschap Informaie- en Communicaieheorie, Enschede (L). 2. D.E. Denning. Crypography and Daa Securiy, page 100. Addison-Wesley, Amos Fia and Moni aor. Rigorous ime/space radeoffs for invering funcions. In STOC 1991, pages , M. E. Hellman. A crypanalyic ime-memory rade off. IEEE Transacions on Informaion Theory, IT-26: , Kim and Masumoo. Achieving higher success probabiliy in ime-memory radeoff crypanalysis wihou increasing memory size. TIEICE: IEICE Transacions on Communicaions/Elecronics/Informaion and Sysems, Koji KUSUDA and Tsuomu MATSUMOTO. Opimizaion of ime-memory radeoff crypanalysis and is applicaion o DES, FEAL-32, and skipjack. IEICE Transacions on Fundamenals, E79-A(1):35 48, January F.X. Sandaer, G. Rouvroy, J.J. Quisquaer, and J.D. Lega. A ime-memory radeoff using disinguished poins: ew analysis & FPGA resuls. In proceedings of CHES 2002, pages Springer Verlag, Appendix The success rae of a single rainbow able can be calculaed by looking a each column of he able and reaing i as a classical occupancy problem. We sar wih m 1 = m disinc keys in he firs column. In he second column he m 1 keys are randomly disribued over he keyspace of size, generaing m 2 disinc keys: ( m 2 = (1 1 1 ) m1 ( ) 1 e m 1 Each column i has m i disinc keys. The success rae of he able is hus: ) P = 1 (1 m i ) i=1 where ( m 1 = m, m n+1 = 1 e mn ) The resul is no in a closed form and has o be calculaed numerically. This is no disadvanage agains he success rae of classical ables since he large number of erms in he sum of ha equaion requires a numerical inerpolaion. The same approach can be used o calculae he number of non-merging chains ha can be generaed. Since merging chains are recognised by heir idenical endpoin, he number of disinc keys in he las column m is he number

15 15 of non-merging chains. The maximum number of chains can be reached when choosing every single key in he key space as a saring poin. ( m 1 =, m n+1 = 1 e mn ) The success probabiliy of a able wih he maximum number of non-merging chains is: ˆP = 1 (1 m ) 1 e m oe ha he effor o build such a able is.

PROFIT TEST MODELLING IN LIFE ASSURANCE USING SPREADSHEETS PART ONE

PROFIT TEST MODELLING IN LIFE ASSURANCE USING SPREADSHEETS PART ONE Profi Tes Modelling in Life Assurance Using Spreadshees PROFIT TEST MODELLING IN LIFE ASSURANCE USING SPREADSHEETS PART ONE Erik Alm Peer Millingon 2004 Profi Tes Modelling in Life Assurance Using Spreadshees

More information

Chapter 1.6 Financial Management

Chapter 1.6 Financial Management Chaper 1.6 Financial Managemen Par I: Objecive ype quesions and answers 1. Simple pay back period is equal o: a) Raio of Firs cos/ne yearly savings b) Raio of Annual gross cash flow/capial cos n c) = (1

More information

The Application of Multi Shifts and Break Windows in Employees Scheduling

The Application of Multi Shifts and Break Windows in Employees Scheduling The Applicaion of Muli Shifs and Brea Windows in Employees Scheduling Evy Herowai Indusrial Engineering Deparmen, Universiy of Surabaya, Indonesia Absrac. One mehod for increasing company s performance

More information

Multiprocessor Systems-on-Chips

Multiprocessor Systems-on-Chips Par of: Muliprocessor Sysems-on-Chips Edied by: Ahmed Amine Jerraya and Wayne Wolf Morgan Kaufmann Publishers, 2005 2 Modeling Shared Resources Conex swiching implies overhead. On a processing elemen,

More information

Duration and Convexity ( ) 20 = Bond B has a maturity of 5 years and also has a required rate of return of 10%. Its price is $613.

Duration and Convexity ( ) 20 = Bond B has a maturity of 5 years and also has a required rate of return of 10%. Its price is $613. Graduae School of Business Adminisraion Universiy of Virginia UVA-F-38 Duraion and Convexiy he price of a bond is a funcion of he promised paymens and he marke required rae of reurn. Since he promised

More information

cooking trajectory boiling water B (t) microwave 0 2 4 6 8 101214161820 time t (mins)

cooking trajectory boiling water B (t) microwave 0 2 4 6 8 101214161820 time t (mins) Alligaor egg wih calculus We have a large alligaor egg jus ou of he fridge (1 ) which we need o hea o 9. Now here are wo accepable mehods for heaing alligaor eggs, one is o immerse hem in boiling waer

More information

Chapter 8: Regression with Lagged Explanatory Variables

Chapter 8: Regression with Lagged Explanatory Variables Chaper 8: Regression wih Lagged Explanaory Variables Time series daa: Y for =1,..,T End goal: Regression model relaing a dependen variable o explanaory variables. Wih ime series new issues arise: 1. One

More information

INTEREST RATE FUTURES AND THEIR OPTIONS: SOME PRICING APPROACHES

INTEREST RATE FUTURES AND THEIR OPTIONS: SOME PRICING APPROACHES INTEREST RATE FUTURES AND THEIR OPTIONS: SOME PRICING APPROACHES OPENGAMMA QUANTITATIVE RESEARCH Absrac. Exchange-raded ineres rae fuures and heir opions are described. The fuure opions include hose paying

More information

Real-time Particle Filters

Real-time Particle Filters Real-ime Paricle Filers Cody Kwok Dieer Fox Marina Meilă Dep. of Compuer Science & Engineering, Dep. of Saisics Universiy of Washingon Seale, WA 9895 ckwok,fox @cs.washingon.edu, mmp@sa.washingon.edu Absrac

More information

Individual Health Insurance April 30, 2008 Pages 167-170

Individual Health Insurance April 30, 2008 Pages 167-170 Individual Healh Insurance April 30, 2008 Pages 167-170 We have received feedback ha his secion of he e is confusing because some of he defined noaion is inconsisen wih comparable life insurance reserve

More information

17 Laplace transform. Solving linear ODE with piecewise continuous right hand sides

17 Laplace transform. Solving linear ODE with piecewise continuous right hand sides 7 Laplace ransform. Solving linear ODE wih piecewise coninuous righ hand sides In his lecure I will show how o apply he Laplace ransform o he ODE Ly = f wih piecewise coninuous f. Definiion. A funcion

More information

BALANCE OF PAYMENTS. First quarter 2008. Balance of payments

BALANCE OF PAYMENTS. First quarter 2008. Balance of payments BALANCE OF PAYMENTS DATE: 2008-05-30 PUBLISHER: Balance of Paymens and Financial Markes (BFM) Lena Finn + 46 8 506 944 09, lena.finn@scb.se Camilla Bergeling +46 8 506 942 06, camilla.bergeling@scb.se

More information

The Grantor Retained Annuity Trust (GRAT)

The Grantor Retained Annuity Trust (GRAT) WEALTH ADVISORY Esae Planning Sraegies for closely-held, family businesses The Granor Reained Annuiy Trus (GRAT) An efficien wealh ransfer sraegy, paricularly in a low ineres rae environmen Family business

More information

Hedging with Forwards and Futures

Hedging with Forwards and Futures Hedging wih orwards and uures Hedging in mos cases is sraighforward. You plan o buy 10,000 barrels of oil in six monhs and you wish o eliminae he price risk. If you ake he buy-side of a forward/fuures

More information

The Transport Equation

The Transport Equation The Transpor Equaion Consider a fluid, flowing wih velociy, V, in a hin sraigh ube whose cross secion will be denoed by A. Suppose he fluid conains a conaminan whose concenraion a posiion a ime will be

More information

Why Did the Demand for Cash Decrease Recently in Korea?

Why Did the Demand for Cash Decrease Recently in Korea? Why Did he Demand for Cash Decrease Recenly in Korea? Byoung Hark Yoo Bank of Korea 26. 5 Absrac We explores why cash demand have decreased recenly in Korea. The raio of cash o consumpion fell o 4.7% in

More information

Mathematics in Pharmacokinetics What and Why (A second attempt to make it clearer)

Mathematics in Pharmacokinetics What and Why (A second attempt to make it clearer) Mahemaics in Pharmacokineics Wha and Why (A second aemp o make i clearer) We have used equaions for concenraion () as a funcion of ime (). We will coninue o use hese equaions since he plasma concenraions

More information

Chapter 2 Problems. 3600s = 25m / s d = s t = 25m / s 0.5s = 12.5m. Δx = x(4) x(0) =12m 0m =12m

Chapter 2 Problems. 3600s = 25m / s d = s t = 25m / s 0.5s = 12.5m. Δx = x(4) x(0) =12m 0m =12m Chaper 2 Problems 2.1 During a hard sneeze, your eyes migh shu for 0.5s. If you are driving a car a 90km/h during such a sneeze, how far does he car move during ha ime s = 90km 1000m h 1km 1h 3600s = 25m

More information

TEMPORAL PATTERN IDENTIFICATION OF TIME SERIES DATA USING PATTERN WAVELETS AND GENETIC ALGORITHMS

TEMPORAL PATTERN IDENTIFICATION OF TIME SERIES DATA USING PATTERN WAVELETS AND GENETIC ALGORITHMS TEMPORAL PATTERN IDENTIFICATION OF TIME SERIES DATA USING PATTERN WAVELETS AND GENETIC ALGORITHMS RICHARD J. POVINELLI AND XIN FENG Deparmen of Elecrical and Compuer Engineering Marquee Universiy, P.O.

More information

Chabot College Physics Lab RC Circuits Scott Hildreth

Chabot College Physics Lab RC Circuits Scott Hildreth Chabo College Physics Lab Circuis Sco Hildreh Goals: Coninue o advance your undersanding of circuis, measuring resisances, currens, and volages across muliple componens. Exend your skills in making breadboard

More information

A Note on Using the Svensson procedure to estimate the risk free rate in corporate valuation

A Note on Using the Svensson procedure to estimate the risk free rate in corporate valuation A Noe on Using he Svensson procedure o esimae he risk free rae in corporae valuaion By Sven Arnold, Alexander Lahmann and Bernhard Schwezler Ocober 2011 1. The risk free ineres rae in corporae valuaion

More information

TSG-RAN Working Group 1 (Radio Layer 1) meeting #3 Nynashamn, Sweden 22 nd 26 th March 1999

TSG-RAN Working Group 1 (Radio Layer 1) meeting #3 Nynashamn, Sweden 22 nd 26 th March 1999 TSG-RAN Working Group 1 (Radio Layer 1) meeing #3 Nynashamn, Sweden 22 nd 26 h March 1999 RAN TSGW1#3(99)196 Agenda Iem: 9.1 Source: Tile: Documen for: Moorola Macro-diversiy for he PRACH Discussion/Decision

More information

USE OF EDUCATION TECHNOLOGY IN ENGLISH CLASSES

USE OF EDUCATION TECHNOLOGY IN ENGLISH CLASSES USE OF EDUCATION TECHNOLOGY IN ENGLISH CLASSES Mehme Nuri GÖMLEKSİZ Absrac Using educaion echnology in classes helps eachers realize a beer and more effecive learning. In his sudy 150 English eachers were

More information

1 HALF-LIFE EQUATIONS

1 HALF-LIFE EQUATIONS R.L. Hanna Page HALF-LIFE EQUATIONS The basic equaion ; he saring poin ; : wrien for ime: x / where fracion of original maerial and / number of half-lives, and / log / o calculae he age (# ears): age (half-life)

More information

Morningstar Investor Return

Morningstar Investor Return Morningsar Invesor Reurn Morningsar Mehodology Paper Augus 31, 2010 2010 Morningsar, Inc. All righs reserved. The informaion in his documen is he propery of Morningsar, Inc. Reproducion or ranscripion

More information

Journal Of Business & Economics Research September 2005 Volume 3, Number 9

Journal Of Business & Economics Research September 2005 Volume 3, Number 9 Opion Pricing And Mone Carlo Simulaions George M. Jabbour, (Email: jabbour@gwu.edu), George Washingon Universiy Yi-Kang Liu, (yikang@gwu.edu), George Washingon Universiy ABSTRACT The advanage of Mone Carlo

More information

Stock Trading with Recurrent Reinforcement Learning (RRL) CS229 Application Project Gabriel Molina, SUID 5055783

Stock Trading with Recurrent Reinforcement Learning (RRL) CS229 Application Project Gabriel Molina, SUID 5055783 Sock raing wih Recurren Reinforcemen Learning (RRL) CS9 Applicaion Projec Gabriel Molina, SUID 555783 I. INRODUCION One relaively new approach o financial raing is o use machine learning algorihms o preic

More information

Principal components of stock market dynamics. Methodology and applications in brief (to be updated ) Andrei Bouzaev, bouzaev@ya.

Principal components of stock market dynamics. Methodology and applications in brief (to be updated ) Andrei Bouzaev, bouzaev@ya. Principal componens of sock marke dynamics Mehodology and applicaions in brief o be updaed Andrei Bouzaev, bouzaev@ya.ru Why principal componens are needed Objecives undersand he evidence of more han one

More information

Chapter 4: Exponential and Logarithmic Functions

Chapter 4: Exponential and Logarithmic Functions Chaper 4: Eponenial and Logarihmic Funcions Secion 4.1 Eponenial Funcions... 15 Secion 4. Graphs of Eponenial Funcions... 3 Secion 4.3 Logarihmic Funcions... 4 Secion 4.4 Logarihmic Properies... 53 Secion

More information

Option Put-Call Parity Relations When the Underlying Security Pays Dividends

Option Put-Call Parity Relations When the Underlying Security Pays Dividends Inernaional Journal of Business and conomics, 26, Vol. 5, No. 3, 225-23 Opion Pu-all Pariy Relaions When he Underlying Securiy Pays Dividends Weiyu Guo Deparmen of Finance, Universiy of Nebraska Omaha,

More information

Double Entry System of Accounting

Double Entry System of Accounting CHAPTER 2 Double Enry Sysem of Accouning Sysem of Accouning \ The following are he main sysem of accouning for recording he business ransacions: (a) Cash Sysem of Accouning. (b) Mercanile or Accrual Sysem

More information

Automatic measurement and detection of GSM interferences

Automatic measurement and detection of GSM interferences Auomaic measuremen and deecion of GSM inerferences Poor speech qualiy and dropped calls in GSM neworks may be caused by inerferences as a resul of high raffic load. The radio nework analyzers from Rohde

More information

Efficient One-time Signature Schemes for Stream Authentication *

Efficient One-time Signature Schemes for Stream Authentication * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING, 611-64 (006) Efficien One-ime Signaure Schemes for Sream Auhenicaion * YONGSU PARK AND YOOKUN CHO + College of Informaion and Communicaions Hanyang Universiy

More information

Random Walk in 1-D. 3 possible paths x vs n. -5 For our random walk, we assume the probabilities p,q do not depend on time (n) - stationary

Random Walk in 1-D. 3 possible paths x vs n. -5 For our random walk, we assume the probabilities p,q do not depend on time (n) - stationary Random Walk in -D Random walks appear in many cones: diffusion is a random walk process undersanding buffering, waiing imes, queuing more generally he heory of sochasic processes gambling choosing he bes

More information

Price elasticity of demand for crude oil: estimates for 23 countries

Price elasticity of demand for crude oil: estimates for 23 countries Price elasiciy of demand for crude oil: esimaes for 23 counries John C.B. Cooper Absrac This paper uses a muliple regression model derived from an adapaion of Nerlove s parial adjusmen model o esimae boh

More information

Risk Modelling of Collateralised Lending

Risk Modelling of Collateralised Lending Risk Modelling of Collaeralised Lending Dae: 4-11-2008 Number: 8/18 Inroducion This noe explains how i is possible o handle collaeralised lending wihin Risk Conroller. The approach draws on he faciliies

More information

Sampling Time-Based Sliding Windows in Bounded Space

Sampling Time-Based Sliding Windows in Bounded Space Sampling Time-Based Sliding Windows in Bounded Space Rainer Gemulla Technische Universiä Dresden 01062 Dresden, Germany gemulla@inf.u-dresden.de Wolfgang Lehner Technische Universiä Dresden 01062 Dresden,

More information

Term Structure of Prices of Asian Options

Term Structure of Prices of Asian Options Term Srucure of Prices of Asian Opions Jirô Akahori, Tsuomu Mikami, Kenji Yasuomi and Teruo Yokoa Dep. of Mahemaical Sciences, Risumeikan Universiy 1-1-1 Nojihigashi, Kusasu, Shiga 525-8577, Japan E-mail:

More information

Task is a schedulable entity, i.e., a thread

Task is a schedulable entity, i.e., a thread Real-Time Scheduling Sysem Model Task is a schedulable eniy, i.e., a hread Time consrains of periodic ask T: - s: saring poin - e: processing ime of T - d: deadline of T - p: period of T Periodic ask T

More information

Chapter 7. Response of First-Order RL and RC Circuits

Chapter 7. Response of First-Order RL and RC Circuits Chaper 7. esponse of Firs-Order L and C Circuis 7.1. The Naural esponse of an L Circui 7.2. The Naural esponse of an C Circui 7.3. The ep esponse of L and C Circuis 7.4. A General oluion for ep and Naural

More information

CALCULATION OF OMX TALLINN

CALCULATION OF OMX TALLINN CALCULATION OF OMX TALLINN CALCULATION OF OMX TALLINN 1. OMX Tallinn index...3 2. Terms in use...3 3. Comuaion rules of OMX Tallinn...3 3.1. Oening, real-ime and closing value of he Index...3 3.2. Index

More information

Market Liquidity and the Impacts of the Computerized Trading System: Evidence from the Stock Exchange of Thailand

Market Liquidity and the Impacts of the Computerized Trading System: Evidence from the Stock Exchange of Thailand 36 Invesmen Managemen and Financial Innovaions, 4/4 Marke Liquidiy and he Impacs of he Compuerized Trading Sysem: Evidence from he Sock Exchange of Thailand Sorasar Sukcharoensin 1, Pariyada Srisopisawa,

More information

CHARGE AND DISCHARGE OF A CAPACITOR

CHARGE AND DISCHARGE OF A CAPACITOR REFERENCES RC Circuis: Elecrical Insrumens: Mos Inroducory Physics exs (e.g. A. Halliday and Resnick, Physics ; M. Sernheim and J. Kane, General Physics.) This Laboraory Manual: Commonly Used Insrumens:

More information

Acceleration Lab Teacher s Guide

Acceleration Lab Teacher s Guide Acceleraion Lab Teacher s Guide Objecives:. Use graphs of disance vs. ime and velociy vs. ime o find acceleraion of a oy car.. Observe he relaionship beween he angle of an inclined plane and he acceleraion

More information

SKF Documented Solutions

SKF Documented Solutions SKF Documened Soluions Real world savings and we can prove i! How much can SKF save you? Le s do he numbers. The SKF Documened Soluions Program SKF is probably no he firs of your supplier parners o alk

More information

Constant Data Length Retrieval for Video Servers with Variable Bit Rate Streams

Constant Data Length Retrieval for Video Servers with Variable Bit Rate Streams IEEE Inernaional Conference on Mulimedia Compuing & Sysems, June 17-3, 1996, in Hiroshima, Japan, p. 151-155 Consan Lengh Rerieval for Video Servers wih Variable Bi Rae Sreams Erns Biersack, Frédéric Thiesse,

More information

Markit Excess Return Credit Indices Guide for price based indices

Markit Excess Return Credit Indices Guide for price based indices Marki Excess Reurn Credi Indices Guide for price based indices Sepember 2011 Marki Excess Reurn Credi Indices Guide for price based indices Conens Inroducion...3 Index Calculaion Mehodology...4 Semi-annual

More information

Appendix D Flexibility Factor/Margin of Choice Desktop Research

Appendix D Flexibility Factor/Margin of Choice Desktop Research Appendix D Flexibiliy Facor/Margin of Choice Deskop Research Cheshire Eas Council Cheshire Eas Employmen Land Review Conens D1 Flexibiliy Facor/Margin of Choice Deskop Research 2 Final Ocober 2012 \\GLOBAL.ARUP.COM\EUROPE\MANCHESTER\JOBS\200000\223489-00\4

More information

Single-machine Scheduling with Periodic Maintenance and both Preemptive and. Non-preemptive jobs in Remanufacturing System 1

Single-machine Scheduling with Periodic Maintenance and both Preemptive and. Non-preemptive jobs in Remanufacturing System 1 Absrac number: 05-0407 Single-machine Scheduling wih Periodic Mainenance and boh Preempive and Non-preempive jobs in Remanufacuring Sysem Liu Biyu hen Weida (School of Economics and Managemen Souheas Universiy

More information

Making Use of Gate Charge Information in MOSFET and IGBT Data Sheets

Making Use of Gate Charge Information in MOSFET and IGBT Data Sheets Making Use of ae Charge Informaion in MOSFET and IBT Daa Shees Ralph McArhur Senior Applicaions Engineer Advanced Power Technology 405 S.W. Columbia Sree Bend, Oregon 97702 Power MOSFETs and IBTs have

More information

A Universal Pricing Framework for Guaranteed Minimum Benefits in Variable Annuities *

A Universal Pricing Framework for Guaranteed Minimum Benefits in Variable Annuities * A Universal Pricing Framework for Guaraneed Minimum Benefis in Variable Annuiies * Daniel Bauer Deparmen of Risk Managemen and Insurance, Georgia Sae Universiy 35 Broad Sree, Alana, GA 333, USA Phone:

More information

Working Paper No. 482. Net Intergenerational Transfers from an Increase in Social Security Benefits

Working Paper No. 482. Net Intergenerational Transfers from an Increase in Social Security Benefits Working Paper No. 482 Ne Inergeneraional Transfers from an Increase in Social Securiy Benefis By Li Gan Texas A&M and NBER Guan Gong Shanghai Universiy of Finance and Economics Michael Hurd RAND Corporaion

More information

MTH6121 Introduction to Mathematical Finance Lesson 5

MTH6121 Introduction to Mathematical Finance Lesson 5 26 MTH6121 Inroducion o Mahemaical Finance Lesson 5 Conens 2.3 Brownian moion wih drif........................... 27 2.4 Geomeric Brownian moion........................... 28 2.5 Convergence of random

More information

ANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS

ANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS ANALYSIS AND COMPARISONS OF SOME SOLUTION CONCEPTS FOR STOCHASTIC PROGRAMMING PROBLEMS R. Caballero, E. Cerdá, M. M. Muñoz and L. Rey () Deparmen of Applied Economics (Mahemaics), Universiy of Málaga,

More information

Chapter 2 Kinematics in One Dimension

Chapter 2 Kinematics in One Dimension Chaper Kinemaics in One Dimension Chaper DESCRIBING MOTION:KINEMATICS IN ONE DIMENSION PREVIEW Kinemaics is he sudy of how hings moe how far (disance and displacemen), how fas (speed and elociy), and how

More information

µ r of the ferrite amounts to 1000...4000. It should be noted that the magnetic length of the + δ

µ r of the ferrite amounts to 1000...4000. It should be noted that the magnetic length of the + δ Page 9 Design of Inducors and High Frequency Transformers Inducors sore energy, ransformers ransfer energy. This is he prime difference. The magneic cores are significanly differen for inducors and high

More information

Performance Center Overview. Performance Center Overview 1

Performance Center Overview. Performance Center Overview 1 Performance Cener Overview Performance Cener Overview 1 ODJFS Performance Cener ce Cener New Performance Cener Model Performance Cener Projec Meeings Performance Cener Execuive Meeings Performance Cener

More information

Analysis of Pricing and Efficiency Control Strategy between Internet Retailer and Conventional Retailer

Analysis of Pricing and Efficiency Control Strategy between Internet Retailer and Conventional Retailer Recen Advances in Business Managemen and Markeing Analysis of Pricing and Efficiency Conrol Sraegy beween Inerne Reailer and Convenional Reailer HYUG RAE CHO 1, SUG MOO BAE and JOG HU PARK 3 Deparmen of

More information

Inductance and Transient Circuits

Inductance and Transient Circuits Chaper H Inducance and Transien Circuis Blinn College - Physics 2426 - Terry Honan As a consequence of Faraday's law a changing curren hrough one coil induces an EMF in anoher coil; his is known as muual

More information

Return Calculation of U.S. Treasury Constant Maturity Indices

Return Calculation of U.S. Treasury Constant Maturity Indices Reurn Calculaion of US Treasur Consan Mauri Indices Morningsar Mehodolog Paper Sepeber 30 008 008 Morningsar Inc All righs reserved The inforaion in his docuen is he proper of Morningsar Inc Reproducion

More information

UNDERSTANDING THE DEATH BENEFIT SWITCH OPTION IN UNIVERSAL LIFE POLICIES. Nadine Gatzert

UNDERSTANDING THE DEATH BENEFIT SWITCH OPTION IN UNIVERSAL LIFE POLICIES. Nadine Gatzert UNDERSTANDING THE DEATH BENEFIT SWITCH OPTION IN UNIVERSAL LIFE POLICIES Nadine Gazer Conac (has changed since iniial submission): Chair for Insurance Managemen Universiy of Erlangen-Nuremberg Lange Gasse

More information

Statistical Analysis with Little s Law. Supplementary Material: More on the Call Center Data. by Song-Hee Kim and Ward Whitt

Statistical Analysis with Little s Law. Supplementary Material: More on the Call Center Data. by Song-Hee Kim and Ward Whitt Saisical Analysis wih Lile s Law Supplemenary Maerial: More on he Call Cener Daa by Song-Hee Kim and Ward Whi Deparmen of Indusrial Engineering and Operaions Research Columbia Universiy, New York, NY 17-99

More information

C Fast-Dealing Property Trading Game C

C Fast-Dealing Property Trading Game C AGES 8+ C Fas-Dealing Propery Trading Game C Y Collecor s Ediion Original MONOPOLY Game Rules plus Special Rules for his Ediion. CONTENTS Game board, 6 Collecible okens, 28 Tile Deed cards, 16 Wha he Deuce?

More information

Keldysh Formalism: Non-equilibrium Green s Function

Keldysh Formalism: Non-equilibrium Green s Function Keldysh Formalism: Non-equilibrium Green s Funcion Jinshan Wu Deparmen of Physics & Asronomy, Universiy of Briish Columbia, Vancouver, B.C. Canada, V6T 1Z1 (Daed: November 28, 2005) A review of Non-equilibrium

More information

CLASSIFICATION OF REINSURANCE IN LIFE INSURANCE

CLASSIFICATION OF REINSURANCE IN LIFE INSURANCE CLASSIFICATION OF REINSURANCE IN LIFE INSURANCE Kaarína Sakálová 1. Classificaions of reinsurance There are many differen ways in which reinsurance may be classified or disinguished. We will discuss briefly

More information

DDoS Attacks Detection Model and its Application

DDoS Attacks Detection Model and its Application DDoS Aacks Deecion Model and is Applicaion 1, MUHAI LI, 1 MING LI, XIUYING JIANG 1 School of Informaion Science & Technology Eas China Normal Universiy No. 500, Dong-Chuan Road, Shanghai 0041, PR. China

More information

Entropy: From the Boltzmann equation to the Maxwell Boltzmann distribution

Entropy: From the Boltzmann equation to the Maxwell Boltzmann distribution Enropy: From he Bolzmann equaion o he Maxwell Bolzmann disribuion A formula o relae enropy o probabiliy Ofen i is a lo more useful o hink abou enropy in erms of he probabiliy wih which differen saes are

More information

Optimal Investment and Consumption Decision of Family with Life Insurance

Optimal Investment and Consumption Decision of Family with Life Insurance Opimal Invesmen and Consumpion Decision of Family wih Life Insurance Minsuk Kwak 1 2 Yong Hyun Shin 3 U Jin Choi 4 6h World Congress of he Bachelier Finance Sociey Torono, Canada June 25, 2010 1 Speaker

More information

Chapter 6: Business Valuation (Income Approach)

Chapter 6: Business Valuation (Income Approach) Chaper 6: Business Valuaion (Income Approach) Cash flow deerminaion is one of he mos criical elemens o a business valuaion. Everyhing may be secondary. If cash flow is high, hen he value is high; if he

More information

II.1. Debt reduction and fiscal multipliers. dbt da dpbal da dg. bal

II.1. Debt reduction and fiscal multipliers. dbt da dpbal da dg. bal Quarerly Repor on he Euro Area 3/202 II.. Deb reducion and fiscal mulipliers The deerioraion of public finances in he firs years of he crisis has led mos Member Saes o adop sizeable consolidaion packages.

More information

Present Value Methodology

Present Value Methodology Presen Value Mehodology Econ 422 Invesmen, Capial & Finance Universiy of Washingon Eric Zivo Las updaed: April 11, 2010 Presen Value Concep Wealh in Fisher Model: W = Y 0 + Y 1 /(1+r) The consumer/producer

More information

RC, RL and RLC circuits

RC, RL and RLC circuits Name Dae Time o Complee h m Parner Course/ Secion / Grade RC, RL and RLC circuis Inroducion In his experimen we will invesigae he behavior of circuis conaining combinaions of resisors, capaciors, and inducors.

More information

LEASING VERSUSBUYING

LEASING VERSUSBUYING LEASNG VERSUSBUYNG Conribued by James D. Blum and LeRoy D. Brooks Assisan Professors of Business Adminisraion Deparmen of Business Adminisraion Universiy of Delaware Newark, Delaware The auhors discuss

More information

DYNAMIC MODELS FOR VALUATION OF WRONGFUL DEATH PAYMENTS

DYNAMIC MODELS FOR VALUATION OF WRONGFUL DEATH PAYMENTS DYNAMIC MODELS FOR VALUATION OF WRONGFUL DEATH PAYMENTS Hong Mao, Shanghai Second Polyechnic Universiy Krzyszof M. Osaszewski, Illinois Sae Universiy Youyu Zhang, Fudan Universiy ABSTRACT Liigaion, exper

More information

ACTUARIAL FUNCTIONS 1_05

ACTUARIAL FUNCTIONS 1_05 ACTUARIAL FUNCTIONS _05 User Guide for MS Office 2007 or laer CONTENT Inroducion... 3 2 Insallaion procedure... 3 3 Demo Version and Acivaion... 5 4 Using formulas and synax... 7 5 Using he help... 6 Noaion...

More information

Table of contents Chapter 1 Interest rates and factors Chapter 2 Level annuities Chapter 3 Varying annuities

Table of contents Chapter 1 Interest rates and factors Chapter 2 Level annuities Chapter 3 Varying annuities Table of conens Chaper 1 Ineres raes and facors 1 1.1 Ineres 2 1.2 Simple ineres 4 1.3 Compound ineres 6 1.4 Accumulaed value 10 1.5 Presen value 11 1.6 Rae of discoun 13 1.7 Consan force of ineres 17

More information

Module 3 Design for Strength. Version 2 ME, IIT Kharagpur

Module 3 Design for Strength. Version 2 ME, IIT Kharagpur Module 3 Design for Srengh Lesson 2 Sress Concenraion Insrucional Objecives A he end of his lesson, he sudens should be able o undersand Sress concenraion and he facors responsible. Deerminaion of sress

More information

1.2 Goals for Animation Control

1.2 Goals for Animation Control A Direc Manipulaion Inerface for 3D Compuer Animaion Sco Sona Snibbe y Brown Universiy Deparmen of Compuer Science Providence, RI 02912, USA Absrac We presen a new se of inerface echniques for visualizing

More information

Distributing Human Resources among Software Development Projects 1

Distributing Human Resources among Software Development Projects 1 Disribuing Human Resources among Sofware Developmen Proecs Macario Polo, María Dolores Maeos, Mario Piaini and rancisco Ruiz Summary This paper presens a mehod for esimaing he disribuion of human resources

More information

Measuring macroeconomic volatility Applications to export revenue data, 1970-2005

Measuring macroeconomic volatility Applications to export revenue data, 1970-2005 FONDATION POUR LES ETUDES ET RERS LE DEVELOPPEMENT INTERNATIONAL Measuring macroeconomic volailiy Applicaions o expor revenue daa, 1970-005 by Joël Cariolle Policy brief no. 47 March 01 The FERDI is a

More information

Answer, Key Homework 2 David McIntyre 45123 Mar 25, 2004 1

Answer, Key Homework 2 David McIntyre 45123 Mar 25, 2004 1 Answer, Key Homework 2 Daid McInyre 4123 Mar 2, 2004 1 This prin-ou should hae 1 quesions. Muliple-choice quesions may coninue on he ne column or page find all choices before making your selecion. The

More information

CRISES AND THE FLEXIBLE PRICE MONETARY MODEL. Sarantis Kalyvitis

CRISES AND THE FLEXIBLE PRICE MONETARY MODEL. Sarantis Kalyvitis CRISES AND THE FLEXIBLE PRICE MONETARY MODEL Saranis Kalyviis Currency Crises In fixed exchange rae regimes, counries rarely abandon he regime volunarily. In mos cases, raders (or speculaors) exchange

More information

The Real Business Cycle paradigm. The RBC model emphasizes supply (technology) disturbances as the main source of

The Real Business Cycle paradigm. The RBC model emphasizes supply (technology) disturbances as the main source of Prof. Harris Dellas Advanced Macroeconomics Winer 2001/01 The Real Business Cycle paradigm The RBC model emphasizes supply (echnology) disurbances as he main source of macroeconomic flucuaions in a world

More information

Information Theoretic Evaluation of Change Prediction Models for Large-Scale Software

Information Theoretic Evaluation of Change Prediction Models for Large-Scale Software Informaion Theoreic Evaluaion of Change Predicion Models for Large-Scale Sofware Mina Askari School of Compuer Science Universiy of Waerloo Waerloo, Canada maskari@uwaerloo.ca Ric Hol School of Compuer

More information

Distributed Online Localization in Sensor Networks Using a Moving Target

Distributed Online Localization in Sensor Networks Using a Moving Target Disribued Online Localizaion in Sensor Neworks Using a Moving Targe Aram Galsyan 1, Bhaskar Krishnamachari 2, Krisina Lerman 1, and Sundeep Paem 2 1 Informaion Sciences Insiue 2 Deparmen of Elecrical Engineering-Sysems

More information

9. Capacitor and Resistor Circuits

9. Capacitor and Resistor Circuits ElecronicsLab9.nb 1 9. Capacior and Resisor Circuis Inroducion hus far we have consider resisors in various combinaions wih a power supply or baery which provide a consan volage source or direc curren

More information

Forecasting, Ordering and Stock- Holding for Erratic Demand

Forecasting, Ordering and Stock- Holding for Erratic Demand ISF 2002 23 rd o 26 h June 2002 Forecasing, Ordering and Sock- Holding for Erraic Demand Andrew Eaves Lancaser Universiy / Andalus Soluions Limied Inroducion Erraic and slow-moving demand Demand classificaion

More information

4. International Parity Conditions

4. International Parity Conditions 4. Inernaional ariy ondiions 4.1 urchasing ower ariy he urchasing ower ariy ( heory is one of he early heories of exchange rae deerminaion. his heory is based on he concep ha he demand for a counry's currency

More information

11/6/2013. Chapter 14: Dynamic AD-AS. Introduction. Introduction. Keeping track of time. The model s elements

11/6/2013. Chapter 14: Dynamic AD-AS. Introduction. Introduction. Keeping track of time. The model s elements Inroducion Chaper 14: Dynamic D-S dynamic model of aggregae and aggregae supply gives us more insigh ino how he economy works in he shor run. I is a simplified version of a DSGE model, used in cuing-edge

More information

The Greek financial crisis: growing imbalances and sovereign spreads. Heather D. Gibson, Stephan G. Hall and George S. Tavlas

The Greek financial crisis: growing imbalances and sovereign spreads. Heather D. Gibson, Stephan G. Hall and George S. Tavlas The Greek financial crisis: growing imbalances and sovereign spreads Heaher D. Gibson, Sephan G. Hall and George S. Tavlas The enry The enry of Greece ino he Eurozone in 2001 produced a dividend in he

More information

The Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees.

The Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees. The Impac of Surplus Disribuion on he Risk Exposure of Wih Profi Life Insurance Policies Including Ineres Rae Guaranees Alexander Kling 1 Insiu für Finanz- und Akuarwissenschafen, Helmholzsraße 22, 89081

More information

Predicting Stock Market Index Trading Signals Using Neural Networks

Predicting Stock Market Index Trading Signals Using Neural Networks Predicing Sock Marke Index Trading Using Neural Neworks C. D. Tilakarane, S. A. Morris, M. A. Mammadov, C. P. Hurs Cenre for Informaics and Applied Opimizaion School of Informaion Technology and Mahemaical

More information

As widely accepted performance measures in supply chain management practice, frequency-based service

As widely accepted performance measures in supply chain management practice, frequency-based service MANUFACTURING & SERVICE OPERATIONS MANAGEMENT Vol. 6, No., Winer 2004, pp. 53 72 issn 523-464 eissn 526-5498 04 060 0053 informs doi 0.287/msom.030.0029 2004 INFORMS On Measuring Supplier Performance Under

More information

Improvement of a TCP Incast Avoidance Method for Data Center Networks

Improvement of a TCP Incast Avoidance Method for Data Center Networks Improvemen of a Incas Avoidance Mehod for Daa Cener Neworks Kazuoshi Kajia, Shigeyuki Osada, Yukinobu Fukushima and Tokumi Yokohira The Graduae School of Naural Science and Technology, Okayama Universiy

More information

PATHWISE PROPERTIES AND PERFORMANCE BOUNDS FOR A PERISHABLE INVENTORY SYSTEM

PATHWISE PROPERTIES AND PERFORMANCE BOUNDS FOR A PERISHABLE INVENTORY SYSTEM PATHWISE PROPERTIES AND PERFORMANCE BOUNDS FOR A PERISHABLE INVENTORY SYSTEM WILLIAM L. COOPER Deparmen of Mechanical Engineering, Universiy of Minnesoa, 111 Church Sree S.E., Minneapolis, MN 55455 billcoop@me.umn.edu

More information

The Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees

The Impact of Surplus Distribution on the Risk Exposure of With Profit Life Insurance Policies Including Interest Rate Guarantees 1 The Impac of Surplus Disribuion on he Risk Exposure of Wih Profi Life Insurance Policies Including Ineres Rae Guaranees Alexander Kling Insiu für Finanz- und Akuarwissenschafen, Helmholzsraße 22, 89081

More information

ARCH 2013.1 Proceedings

ARCH 2013.1 Proceedings Aricle from: ARCH 213.1 Proceedings Augus 1-4, 212 Ghislain Leveille, Emmanuel Hamel A renewal model for medical malpracice Ghislain Léveillé École d acuaria Universié Laval, Québec, Canada 47h ARC Conference

More information

Model-Based Monitoring in Large-Scale Distributed Systems

Model-Based Monitoring in Large-Scale Distributed Systems Model-Based Monioring in Large-Scale Disribued Sysems Diploma Thesis Carsen Reimann Chemniz Universiy of Technology Faculy of Compuer Science Operaing Sysem Group Advisors: Prof. Dr. Winfried Kalfa Dr.

More information

BALANCE OF PAYMENTS AND FINANCIAL MA REPORT 2015. All officiell statistik finns på: www.scb.se Statistikservice: tfn 08-506 948 01

BALANCE OF PAYMENTS AND FINANCIAL MA REPORT 2015. All officiell statistik finns på: www.scb.se Statistikservice: tfn 08-506 948 01 RKET BALANCE OF PAYMENTS AND FINANCIAL MA REPORT 2015 All officiell saisik finns på: www.scb.se Saisikservice: fn 08-506 948 01 All official saisics can be found a: www.scb.se Saisics service, phone +46

More information