Theorem 5 Clause Samples

Theorem 5. There exists a deterministic polynomial-time algorithm that, given a finite ring R and two finite R-modules M and N, one of which is projective, deter- mines whether there exists a surjection M → N. If one exists, the algorithm exhibits one such.

Theorem 5. There exists a deterministic polynomial-time algorithm that, given a finite ring R and a finite R-module M, outputs a projective cover of M.

Theorem 5. 2. Assume that δ > 0 or δ = 0, γ − r > σ2 and 0 ≤ k ≤ h( q ). Then the value of stock loan with automatic termination clause, cap and margin is given by ( 5.6) and (5.7). Moreover, if L > b then the stopping time τb ∧ τL is the optimal exercise time. If L ≤ b then τL is the optimal

Theorem 5. There exists a deterministic polynomial-time algorithm that, given a finite ring R and a R-module M, together with a generating set of cardinality d, for some d Z 0, determines if M is R-projective or not, and if it is, produces a splitting of the natural surjection Rd → M. Proof. Recall that M is projective if and only if the natural surjection f : Rd → M has a left inverse. The latter can be tested using Proposition 2.5.1, which will also produce a left inverse. 68 Algorithms for finite rings Second proof. Another way to determine whether M is projective comes as a conse- quence of Theorem 4.1.1, since M is projective if and only if M is a direct summand of Rd. We compute the largest isomorphic common direct summand of Rd and M , say S. If M =~ S, then M is projective and the isomorphism M S, which is also produced by the algorithm, induces a splitting of ▇▇ ▇ . Otherwise the algorithms concludes that M is not projective.

Theorem 5. If Mm is a von Mangoldt plane with a point where Gm < 0 and such that lim inf m(r) > 0, then

Theorem 5. For any USKE scheme uske = (UEnc, UDec) and hash function H, let the encryption scheme uske′ = (UEnc′, UDec′) be defined as follows: 1. It samples ks, kd randomly for its initial key k0′ = (ks, kd). 2. Then, the first time it uses UEnc′ or UDec′, it computes k0 dprf(ks, kd), and uses k0 as the first input to UEnc, UDec, with the corresponding message or ciphertext. 3. Then, for the next use of UEnc′ (resp. UDec′), it uses the key k1 (resp. k1′ ) output by ▇▇▇▇ (resp. UDec) in (2) above as input to UEnc (resp. UDec) again; and proceeds like l−12 If uske is (t, εcpa∗)-CPA* secure and dprf is modelled as a random oracle H, then uske′ is (t, εGSD)-adaptive GSD secure, where εGSD = 2N 2 εcpa∗ + mN , with N the number of nodes, m the number of oracle queries to H, l the length of The theorem can be proved almost identically to that of [3, Theorem 3]. We provide a sketch below for exposition. Proof (Sketch). We prove GSD security by a sequence of hybrids inerpolating between the real game GSD0 where the challenge query is answered with real key ky(= (ky, ky)) and the random game GSD1 where it is answered with an 0 s d independent uniformly random key in 2 (where we assume the dPRF key space is the same as the USKE key space). – Define G0 := GSD0, the real GSD game. – Let k′ ∈ K2 and v be the challenge node. For 1 ≤ i ≤ indeg(v) we define the hybrid game Gi as follows: The game is similar to Gi−1 except that the i-th query of the form (encrypt, u, v) is answered by UEnc(ku, k′(= (ks′ , k′ )).

Theorem 5. For every bivariate non-confluent Ore–Sato coefficient ϕ with generic parameters and every connected component M of c (ϕ) there is a pure Puiseux series basis fM,i, i = 1, . . . , rank(Horn(ϕ)), of the solution space of Horn(ϕ) such that the recession cone of the support of fM,i is contained in −CM∨ .

Theorem 5. For all k ≥ 2, the number of k-regular partitions of n ∈ N is given by 2π pk(n) = ΣD|k Σ gcd(k,m)=D s<ΣJ(k,D) pj(s)A(m, k − 1, n, s, D)L(m, k − 1, n, s, D).

Theorem 5. If Pke is IND-CCA2 secure, Sig is SEUF-CMA secure and calls to H1, H2, H and Mac AS KS are replaced by calls to a random oracle G, then MLS-Cutoff securely realizes (FI I , FCGKA) in the (FAS, FKS, G)-hybrid model. We provide some intuition on why the result holds. As MLS-Cutoff closely resembles MLS we are able to largely rely of the security proof of [AJM22]. The recent work of ▇▇▇▇▇▇▇ et al. [CGWZ25] shows that the signature scheme used must be SEUF-CMA secure rather than just EUF-CMA secure as originally stated in [AJM22], though their security proof already made use of SEUF-CMA security implicitly. We note that while in MLS-Cutoff update proposals lead to modifications to ratchet tree nodes beyond users’ personal leaves, it preserves the following property. For an update issuing user u denote their leaf by v0, consider their update path (v1, . . . , ▇▇), and assume that the keys of nodes v1, . . . , vk have been replaced after processing a commit to the update proposal and vk+1, . . . , ▇▇ have been blanked. Then all sub-trees rooted at the nodes sib(v0), ..., sib(vk) must be in the same state as they were when the update proposal was issued. Indeed, would this not be the case for one of the nodes, then it would have caused a collision of update proposals and been blanked. This has the consequence that, on the one hand, keys being added to the tree cannot be encrypted under a public key that was concurrently being replaced, and, on the other hand, that the added nodes are compatible with the parent hash mechanism.