
MuSig


Paper introduction
"Simple Schnorr Multi-Signatures with Applications to Bitcoin"

Takaya Imai

March 12, 2018

Transcript

  1. MuSig — Simple Schnorr Multi-Signatures with Applications to Bitcoin —

    [Cryptocurrency Paper Reading Group #16] MuSig @ 01Booster, 2018/3/12
    Takaya Imai: Founder & CEO, フロンティアパートナーズ合同会社 (Frontier Partners LLC); Co-founder & CTO, United Bitcoiners Inc.
  2. Today's paper

    Title: Simple Schnorr Multi-Signatures with Applications to Bitcoin
    Authors: Gregory Maxwell, Andrew Poelstra, Yannick Seurin, and Pieter Wuille
    Article: https://eprint.iacr.org/2018/068.pdf
    Published: January 2018
  3. The approach of this paper [from the paper's Abstract]

    The paper describes a new Schnorr-based multi-signature scheme (that is, a protocol that allows a group of signers to produce a short signature on a common message) that is provably secure in the plain public-key model. The plain public-key model means that signers are only required to have a public key; they do not have to prove knowledge of the secret key corresponding to that public key to a certification authority or to the other signers before taking part in the protocol.
    The paper improves on the state-of-the-art schemes of Bellare and Neven (ACM-CCS 2006) and their variants by Bagherzandi et al. (ACM-CCS 2008) and Ma et al. (Des. Codes Cryptogr. 2010) in two respects:
    (i) It is simple and efficient: only 2 rounds of communication are needed instead of the 3 of the Bellare-Neven scheme, with the same key and signature sizes as standard Schnorr signatures.
    (ii) It allows key aggregation: the joint signature verifies exactly like a standard Schnorr signature against a single "aggregated" public key that can be computed from the individual public keys of the signers.
    This comes at the cost of assuming the One-More Discrete Logarithm (OMDL) problem, a stronger security assumption than the standard discrete logarithm problem, and of a looser security reduction obtained through two invocations of the Forking Lemma (splitting lemma).
    As an application, the paper explains how the new multi-signature scheme can improve both the performance of Bitcoin and the privacy of its users.
  4. Bitcoin's scaling problem

    • Each block is full of transactions
    • 1 MB per block
    • Increase of Bitcoin blockchain data size
    • High TX fee (ex. … satoshi/byte)
    • … TX per second
    • 10 min block time
    • 1 MB / (… bytes per TX) / (10 min × 60 s) ≈ … TX per second
    • This block time is necessary for a stable Bitcoin blockchain and is enough for usual bitcoin payments
    • But it is very slow compared with credit cards or NFC
    • …
  5. Schnorr signature

    Notation
    $G$: cyclic group of order $p$
    $g$: generator of $G$
    $m$: message to be signed
    $x$: secret key (an integer)
    $X$: public key, $X = g^x$
    $H(\cdot)$: hash function

    Signing
    Choose a random $r \in [0, p-1]$.
    $R = g^r$
    $c = H(X, R, m)$
      Note: some of you may find this odd. Usually $c = H(R, m)$.
    $s = r + cx \bmod p$
    The signature is $(R, s)$.
      Note: some of you may find $c$, $s$ and the signature odd. Usually $c = H(R, m)$, $s = r - cx$, and the signature is $(c, s)$. The form of the signature is discussed in the paper on p. 22, Discussion.

    Verification
    Check whether $g^s = R X^c$ holds. If it holds, the signature is valid; if not, the signature is invalid.
      Note: this is how the paper states it. It is a different verification equation from the usual one. Whether the Fiat-Shamir transform is unnecessary here is also an open question.
  6. A simple multi-signature extension of Schnorr signatures

    Notation
    $G$: cyclic group of order $p$
    $g$: generator of $G$
    $m$: message to be signed
    $i$: index assigned to each signer ($i \in [1, n]$)
    $x_i$: secret keys $\{x_1, \ldots, x_n\}$
    $X_i$: public keys $\{X_1 = g^{x_1}, \ldots, X_n = g^{x_n}\}$
    $H(\cdot)$: hash function

    Signing
    Each signer chooses a random $r_i \in [0, p-1]$.
    $R_i = g^{r_i}$
    $R = R_1 R_2 \cdots R_n$
    $\tilde{X} = X_1 X_2 \cdots X_n$ (the tilde is written above $X$)
    $c = H(\tilde{X}, R, m)$
    $s_i = r_i + c x_i \bmod p$
    $s = s_1 + s_2 + \cdots + s_n$
    The signature is $(R, s)$.

    Verification
    Check whether $g^s = R \tilde{X}^c$ holds. If it holds, the signature is valid; if not, the signature is invalid.
  7. Comparison

    Without signature aggregation
    Signing: choose a random $r \in [0, p-1]$; $R = g^r$; $c = H(X, R, m)$; $s = r + cx \bmod p$. The signature is $(R, s)$.
    Verification: check whether $g^s = R X^c$ holds. If it holds, the signature is valid; if not, it is invalid.

    With signature aggregation
    Signing: each signer chooses a random $r_i \in [0, p-1]$; $R_i = g^{r_i}$; $R = R_1 R_2 \cdots R_n$; $\tilde{X} = X_1 X_2 \cdots X_n$ (the tilde is written above $X$); $c = H(\tilde{X}, R, m)$; $s_i = r_i + c x_i \bmod p$; $s = s_1 + s_2 + \cdots + s_n$. The signature is $(R, s)$.
    Verification: check whether $g^s = R \tilde{X}^c$ holds. If it holds, the signature is valid; if not, it is invalid.
  8. The attack that breaks key aggregation — the rogue-key attack —

    Rogue-key attack
    Alice (honest): public key $X_a$. Bob (malicious): public key $X_b$.
    When the aggregated public key is built, Alice sends her public key to Bob.
    Bob then sends $X_b / X_a$ as his public key instead of $X_b$.
    Alice computes the aggregated public key (it should be $X_a X_b$, but it has become $(X_b / X_a) \cdot X_a = X_b$) and broadcasts a transaction paying to this address.
    Bob uses the secret key $x_b$ corresponding to $X_b$ to sign a transaction spending that output, and so can spend it without Alice's consent.

    A simple countermeasure
    Have a means of proving that Bob really holds the secret key for the public key he sent (a certification authority, etc.).
  9. What differs from the simple scheme?

    Two hash functions are used: $H_0$ and $H_1$.
    $c$ becomes $c = H_1(\tilde{X}, R, m)$.
    The aggregated public key becomes $\tilde{X} = X_1^{a_1} X_2^{a_2} \cdots X_n^{a_n}$, where $a_i = H_0(\langle L \rangle, X_i)$, $L = \{X_1, \ldots, X_n\}$ and $\langle L \rangle$ is a unique encoding of $L$.
    The preliminary commitment phase of [BN06] (a reference in the paper) is removed.
    OMDL (One-More Discrete Logarithm) has to be assumed (I may be misinterpreting this). This is a harder problem than the ordinary discrete logarithm problem.
    Splitting the computation of $c$ in two means there are two hash functions, so the security proof has to use the Forking Lemma twice.
    As a result, the provable security strength goes down (I may be misinterpreting this; the definition of security strength in this setting is still fuzzy to me).
  10. What differs from the simple scheme? (added after a question in the Q&A)

    Why does the rogue-key attack not work against the scheme proposed in this paper?
    Every $a_i$ can only be computed from $L$, which contains all the public keys, together with the $X_i$ it corresponds to. Even if an attacker, after receiving the other signers' public keys, disguises $X_i$ and substitutes a fake one for the rogue-key attack, changing $X_i$ changes not only $a_i$ but also every other $a_{j \ne i}$, so no $X_i$ that makes the attack succeed can be chosen.
    It felt as if such an $X_i$ could be found by a method like the iterative weight updates of hidden layers in deep learning (neural networks), but this does not work for the following reason:
    $a_i$ is determined through the hash function $H_0$, so even a tiny change of the argument changes $a_i$ drastically.
    Therefore, even if one starts from a provisional $X_i$ and iterates $X_i \to a_i \to X_i' \to a_i' \to X_i'' \to \cdots$, the two parameters never gradually converge.
  11. Can signatures not be aggregated with ECDSA?

    Two signers: $(s_1, R_1, c, a_1, x_1, X_1)$ and $(s_2, R_2, c, a_2, x_2, X_2)$.
    Then the following hold: $g^{s_1} = R_1 X_1^{a_1 c}$ and $g^{s_2} = R_2 X_2^{a_2 c}$.
    Let $s = s_1 + s_2$, $R = R_1 R_2$ and $\tilde{X} = X_1^{a_1} X_2^{a_2}$. Multiplying the two equations side by side:
    $$g^s = R_1 X_1^{a_1 c} \cdot R_2 X_2^{a_2 c} = R_1 R_2 \, X_1^{a_1 c} X_2^{a_2 c} = R \,(X_1^{a_1} X_2^{a_2})^c = R \tilde{X}^c$$
    (The converse should also need to be proved. Does the converse not hold?)
  12. Can it not be made simpler?

    $a_i = 1$ is no good: this coincides with the simple extension and is vulnerable to the rogue-key attack.
    $a_i = H_0(X_i)$ is also no good: when the number of malicious signers is large enough, the attacker can forge signatures using Wagner's algorithm ([Wag02] in the paper's references) and steal the honest signers' money. The time complexity of the attack is $O(2^{2\sqrt{k}})$, where $k$ is the bit length of the order $p$ of the cyclic group $G$.
    Reusing the random value $r_i$ is strictly forbidden: in the aggregation step, where the partial signatures $s_i$ are shared, it exposes the secret key to the other signers.
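The rogue-key attack of slide 8 against naive key aggregation, the MuSig coefficients $a_i = H_0(\langle L \rangle, X_i)$ of slides 9 and 10 that stop it, the check $g^s = R\tilde{X}^c$ of slide 11, and the nonce-reuse key leak of slide 12, as one added example. This is not code from the deck or from the paper's authors. It runs on secp256k1 (Bitcoin's curve) with textbook affine arithmetic in additive notation (the deck's $g^x$ is $x \cdot G$, $X_a X_b$ is $X_a + X_b$, $X_b / X_a$ is $X_b - X_a$); SHA-256 with a tag prefix stands in for $H_0$ and $H_1$, and the concatenation of the sorted encoded keys stands in for $\langle L \rangle$, both assumptions of this example. The nonce exchange is modelled as a single honest step and says nothing about the protocol's round structure (the January 2018 two-round version the deck describes was later revised by the authors to three rounds with a nonce-commitment round). Nothing here is constant-time; it is a demonstration, not a library.

```python
import hashlib
from secrets import randbelow

# secp256k1 (Bitcoin's curve). Textbook affine arithmetic, not constant-time: demo only.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

# Additive notation: the deck's g^x is x*G, X_a*X_b is X_a + X_b, X_b/X_a is X_b - X_a.
def add(A, B):
    if A is None: return B
    if B is None: return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                        # A + (-A) = point at infinity
    if A == B: lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:      lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def neg(A): return (A[0], -A[1] % P)

def mul(k, A):                                             # double-and-add
    R, k = None, k % N
    while k:
        if k & 1: R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def enc(A): return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")

def H(tag, *parts):                                        # assumed: tagged SHA-256 as H0 / H1
    return int.from_bytes(hashlib.sha256(tag + b"".join(parts)).digest(), "big") % N

def challenge(X_agg, R, m): return H(b"H1", enc(X_agg), enc(R), m)   # c = H1(X~, R, m)

def coeff(L, Xi, musig):                                   # a_i = H0(<L>, X_i); naive scheme: a_i = 1
    return H(b"H0", b"".join(sorted(enc(X) for X in L)), enc(Xi)) if musig else 1

def aggregate(L, musig):                                   # X~ = X_1^{a_1} ... X_n^{a_n}
    X_agg = None
    for X in L: X_agg = add(X_agg, mul(coeff(L, X, musig), X))
    return X_agg

def verify(X_agg, m, sig):                                 # g^s == R * X~^c
    R, s = sig
    return mul(s, G) == add(R, mul(challenge(X_agg, R, m), X_agg))

def partial(xi, ri, c, ai): return (ri + c * ai * xi) % N   # s_i, sent to the co-signers

def multi_sign(keys, m, musig, nonces=None):
    """Honest signers: R = prod R_i, s = sum s_i. Fixed nonces only for the reuse demo."""
    L = [mul(x, G) for x in keys]
    X_agg = aggregate(L, musig)
    r = nonces or [randbelow(N - 1) + 1 for _ in keys]
    R = None
    for ri in r: R = add(R, mul(ri, G))
    c = challenge(X_agg, R, m)
    parts = [partial(xi, ri, c, coeff(L, Xi, musig)) for xi, ri, Xi in zip(keys, r, L)]
    return (R, sum(parts) % N), parts, c

def rogue_key_attack(X_a, x_b, m, musig):
    """Bob registers X_b - X_a instead of X_b, then signs for the aggregate key alone."""
    L = [X_a, add(mul(x_b, G), neg(X_a))]
    X_agg = aggregate(L, musig)                            # naive: X_a + (X_b - X_a) = X_b
    r = randbelow(N - 1) + 1
    R = mul(r, G)
    s = partial(x_b, r, challenge(X_agg, R, m), 1)         # x_b only, nothing from Alice
    return verify(X_agg, m, (R, s))

def recover_from_nonce_reuse(keys, musig):
    """Signer 0 reuses r_0 in two sessions; a co-signer solves x_0 from the two s_0 it saw."""
    L = [mul(x, G) for x in keys]
    nonces = [randbelow(N - 1) + 1 for _ in keys]
    _, parts1, c1 = multi_sign(keys, b"session 1", musig, nonces)
    _, parts2, c2 = multi_sign(keys, b"session 2", musig, nonces)
    a0 = coeff(L, L[0], musig)
    return (parts1[0] - parts2[0]) * pow(a0 * (c1 - c2) % N, -1, N) % N

def demo():
    x_a, x_b = randbelow(N - 1) + 1, randbelow(N - 1) + 1   # constructed keys for Alice and Bob
    m, X_a = b"pay 1 BTC to Bob", mul(x_a, G)
    sig, _, _ = multi_sign([x_a, x_b], m, True)
    return {
        "honest_musig_verifies": verify(aggregate([X_a, mul(x_b, G)], True), m, sig),
        "rogue_vs_naive": rogue_key_attack(X_a, x_b, m, False),   # True: forgery accepted
        "rogue_vs_musig": rogue_key_attack(X_a, x_b, m, True),    # False: a_i bind X_b - X_a to L
        "nonce_reuse_leaks_x_a": recover_from_nonce_reuse([x_a, x_b], True) == x_a,
    }

if __name__ == "__main__":
    print(demo())
```

With `musig=False` the aggregate key collapses to $X_b$ and Bob's single-key signature verifies; with `musig=True` the aggregate is $(a_1 - a_2) X_a + a_2 X_b$, which Bob cannot sign for without $x_a$, and since both $a_1$ and $a_2$ depend on the whole list $L$ he cannot search for a rogue key that cancels the term. The nonce-reuse function is the slide 12 point made concrete: the partial $s_0$ values are public to the co-signers, so two of them with the same $r_0$ give $x_0 = (s_0 - s_0') / (a_0 (c - c'))$.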