1 Introduction
Firstgeneration quantum computers will be implemented in the “cloud” style, since only few groups, such as governments or huge companies, will be able to possess such expensive and highmaintenance machines. In fact, IBM has recently opened their 16qubit machine for a cloud service
[34]. In a future when many companies provide their own quantum cloud computing services, a malicious company might emerge who is trying to palm a user off with a wrong result forged from their fake quantum computer. In addition, even if a fortunate user is interacting with a honest server, some noises in the server’s gate operations might change the result. How can a user verify the correctness of the server’s quantum computation? If the user has his/her own quantum computer, the user can of course check the server’s result, but in this case the user may not need the cloud service in the first place. If the solution of the problem is easily verifiable (e.g., integer factoring), the user can naturally verify the correctness of the server’s result, but many problems considered in quantum computing are not believed to have this property. Verifying classically and efficiently a server’s quantum computation is indeed in general highly nontrivial.It is known that if at least two servers, who are entangled but not communicating with each other, are allowed, then any problem solvable in quantum polynomial time can be verified by a classical polynomialtime user who exchanges classical messages with the servers [20, 24, 27]. However, the assumption that servers are not communicating with each other is somehow unrealistic: how can the user guarantee that remote servers are not communicating with each other?
Whether the number of the servers can be reduced to one is a wellknown open problem [4]. For certain computational problems solvable in quantum polynomial time, it is known that this can be done. Simon’s problem [31] and factoring [30] are trivial examples, since the answer can be directly checked in classical polynomial time. It is known that recursive Fourier sampling [10], which was the first problem that separates efficient quantum and classical computing, can be verified by a polynomial number of message exchanges with a single quantum server [23]. Moreover, it was shown that certain promise problems related to quantum circuits in the second level of the Fourier hierarchy [29] are verifiable by a classical polynomialtime user interacting with a single quantum server who sends only a single message to the user [12, 26].
Our results. In this paper we consider the problem of computing the order, i.e., the number of elements, of a finite group given as a blackbox group (the concept of blackbox groups is defined in Section 2). This problem is central in computational group theory, especially since the ability of computing the order makes possible to decide membership in subgroups. This problem has also been the subject of several investigations in computational complexity [1, 6, 7, 9, 32, 33]. The seminal result by Babai [6], especially, which put this problem in the complexity class AM, has been one of the fundamental motivations behind the concept of interactive proofs. Note that this is clearly a hard problem for classical computation: it is easy to show that no polynomialtime classical algorithm exists in the blackbox setting, even if the input is an abelian group [9].
Most of the known quantum algorithms that achieve exponential speedups with respect to the best known classical algorithms are for grouptheoretic problems, and especially problems over abelian groups. Shor’s algorithm for factoring [30], for instance, actually computes the order of a cyclic blackbox group. Watrous has shown that the group order problem can be solved in quantum polynomial time when the input group is solvable [33]. Since the class of solvable groups, defined in Section 2, is a large^{1}^{1}1It is known (see for instance [11]) that
In this paper we show that the group order problem over solvable groups is also verifiable with a single server. More formally, in Section 2, where we introduce the relevant model of interactive protocols, we will introduce the notation to denote the class of computational problems that are verifiable by a classical polynomialtime user interacting in messages with a server who works in quantum polynomial time. Our main result is as follows. The solvable group order problem is in the complexity class . Moreover, if the set of prime factors of the order is also given as input, then the solvable group order problem is in . This result shows that for this important computational problem, the number of servers can be reduced to one as well, using a small number of messages. Note that assuming, in the second part of Theorem 1, that the set of prime factors of the order is known corresponds to several practical situations. An important example is computing the order of groups^{2}^{2}2A (finite) group, where is a prime, is a group of order for some integer . A basic result from group theory shows that any group is solvable. with known, which cannot be done in polynomial time in the classical setting [9]. The main open question is whether the number of messages can also be reduced to 2 without any assumption on the prime factors.
Other related works. In addition to the introduction of multiple servers mentioned above, there are other approaches considered in the literature for constructing verification systems for quantum computation.
First, if the user is allowed to be “slightly quantum”, any problem solvable in quantum polynomial time can be efficiently verified with a single quantum server. For example, Refs. [2, 14] assume that the user can generate randomlyrotated singlequbit states, and Refs. [13, 16, 25] assume that the user can measure singlequbit states.
Second, since the class BQP (the class of decision problems that can be solved in quantum polynomialtime) is trivially in PSPACE and [21, 28], any problem in BQP can be classically verified using generic interactive proof protocols for PSPACE. In such protocols, however, the server has unbounded computational power. A tempting approach is to try to specialize these generic protocols to the class BQP, with the hope that the server’s necessary computational power may be reduced. Ref. [3] made an significant first step in this direction.
Finally, it has been shown very recently that assuming that the learning with errors problem is intractable for polynomialtime quantum computation, any problem solvable in quantum polynomial time can be efficiently verified with a single quantum server and a single classical user [22].
2 Preliminaries
In this paper we assume that the reader is familiar with the standard notions of group theory (we refer to, e.g., [18] for a good introduction). All the groups considered will be finite. Given a group , we use to denote its order (i.e., the number of elements in ), and use to denote its identity element. Given elements , we denote the subgroup of generated by .
Blackbox groups. We now describe the model of blackbox groups. This concept, in which each group element is represented by a string and each group operation is implemented using an oracle, was first introduced by Babai and Szemerédi [9] to describe grouptheoretic algorithms in the most general way, without having to concretely specify how the elements are represented and how groups operations are implemented. Indeed, any efficient algorithm in the blackbox group model gives rise to an efficient concrete algorithm whenever the oracle operations can be replaced by efficient procedures. Especially, performing group operations can be done directly on the elements in polynomial time for many natural groups, including permutation groups and matrix groups where the group elements are represented by permutations and matrices, respectively. In the quantum setting, blackbox groups have first been considered by Ivanyos et al. [19] and Watrous [32, 33].
A blackbox group is a representation of a group where each element of is uniquely encoded by a binary string of a fixed length , which is called the encoding length. The encoding length is known. In order to be able to express the complexity of blackbox group algorithms in terms of the group order , and not in terms of the encoding length, we make the standard assumption that . Oracles are available to perform group operations. More precisely, two oracles are available. A first oracle performs the group product: given two strings representing two group elements and , the oracle outputs the string representing . The second oracle performs inversion: given a string representing an element , the oracle outputs the string representing the element . Note that the two oracles may behave arbitrarily on strings not corresponding to elements in ; this is not a problem since our protocols will never use the oracles on such strings. We say that a group is input as a blackbox if a set of strings representing generators of with is given as input and queries to the oracles can be done at cost 1.^{3}^{3}3The assumption is standard. Indeed, every group has a generating set of size . Additionally, a set of generators of any size can be converted efficiently into a set of generators of size by taking random products of elements [5]. The input length is thus .
To be able to take advantage of the power of quantum computation when dealing with blackbox groups, the oracles performing the group operations have to be able to deal with quantum superpositions. Concretely, this is done as follows (see [19, 32, 33]). Let denote the encoding of elements as binary strings. We assume that a quantum oracle is available, such that for any two elements , and behaving in an arbitrary way on other inputs (i.e., strings not in ). Another quantum oracle is also available, such that for any and again behaving in an arbitrary way on other inputs.
Approximate sampling in blackbox groups. Babai [5] proved the following result for general groups, which shows that elements of a blackbox group can be efficiently sampled nearly uniformly. ([5]) Let be a blackbox group. For any , there exists a classical randomized algorithm running in time polynomial in and that outputs an element of such that each
is output with probability in range
.Solvable groups. Before discussing solvable groups, let us introduce the following concept of polycyclic generating sequences (see [17] for details). Let be a group. A polycyclic generating sequence of is a sequence of elements from , for some integer , such that:

;

for each , the subgroup is normal in .
There are many equivalent definitions of solvable groups in the literature (see, e.g., [17] for a thorough discussion). In this paper we will use the following characterization: a finite group is solvable if and only if it has a polycyclic generating sequence. This characterization, which was already used by Watrous [33], is the most convenient for our purpose. As discussed in [33], for any finite solvable group given as a black box, a polycyclic generating sequence with can be computed classically in polynomial time with high probability using for instance the randomized algorithm by Babai et al. [8].
Watrous showed that the order of a solvable blackbox group can be computed in polynomial time in the quantum setting. We state this result in the following theorem.
([33]) Let be a solvable group given as a blackbox group. There exists a quantum algorithm running in time that outputs with probability at least .
Let be a solvable group and be a polycyclic generating sequence of . In the following we will write for each , and for convenience write . Since is obtained from by adding one generator, the factor group is cyclic. Let us write its order . Note that the order of is thus the product . A fundamental (and easy to show) property of polycyclic generating sequences is the following: For any , any element can be written, in a unique way, as with integers for . We call this sequence the decomposition of over . Watrous [33] showed that the decomposition of any element can be computed efficiently in the quantum setting, which immediately leads to an efficient algorithm for membership testing in the subgroups . We state these two results, separately, in the following theorem.
([33]) Let be a solvable group given as a blackbox group and let be a polycyclic generating sequence of with . There exist two quantum algorithms and running in time polynomial in as follows.

Algorithm receives an integer and an element , and outputs with probability at least the decomposition of over .

Algorithm receives an integer and an element , and decides whether or not. The decision is correct with probability at least .
Interactive proofs with efficient quantum prover. Interactive proof systems are typically described as protocols for decision problems. In this paper it will be more convenient to consider interactive proofs for computing functions, since we are interesting in computing the order of the input group.^{4}^{4}4In order to be completely rigorous, we should actually define this concept for functional problems where the input is represented using oracles (since we are dealing with blackbox groups where the group operation is represented by oracles). We nevertheless omit this purely technical point in the exposition. The definition we give below is inspired by [15].
Let be a function, where is a finite set. We consider protocols between a prover and a verifier, who both receives as input an element and can exchange classical messages of polynomial length. At the end of the protocol, the verifier outputs either some or one special element . We say that the function has a message polynomialtime interactive proof if there exists a message protocol in which the verifier works in classical polynomial time, such that the following properties hold:

(completeness) there is a prover such that the verifier’s output satisfies with probability at least when interacting with ;

(soundness) for any prover , the verifier’s output satisfies with probability at least when interacting with .
The prover in the completeness condition is called the honest prover.
The above definition makes no assumption on the computational powers of the provers. Our main definition is obtained by restricting the computational power of the honest prover, i.e., the prover in the completeness condition. A function is in the class if it has a message polynomialtime interactive proof where the honest prover works in quantum polynomial time. The notation comes from its definition as a message interactive protocol with a prover working in quantum polynomial time (when honest). We stress that in Definition 2 there is no assumption on the computational power of for the soundness.
3 2Message Protocol with Known Prime Factors
In this section we assume that the prime factors of the order of the blackbox group are known. We present a 2message protocol in this case, which proves the second part of Theorem 1.
3.1 Preliminaries
We will need the following result in our protocol.
Let be a solvable group given as a blackbox group. Let denote the prime factors of and assume that the set is also given as input. There exists a classical algorithm running in time polynomial in that outputs elements , with , and prime numbers such that, with probability at least , the following conditions hold:

is a polycyclic generating sequence of ;

the order of is either 1 or for each , where we denote for and .
Before proving Theorem 3.1, let us discuss the main idea of the algorithm in this theorem. The approach is to start with an arbitrary polycyclic generating sequence and refine it by replacing each element by decreasing powers of it. Consider for instance the cyclic group of order 12, for which we have , , and . Assume that we start with the polycyclic generating sequence consisting of a unique element of order 12. We refine this sequence as with , and . This is a polycyclic generating sequence with , and . The difficulty is that naturally we do not know the order . Remember nevertheless that we know the encoding length of the blackbox group, which is an upper bound on . This means that the quantity is a multiple of the order , and thus we can use the same approach, working with instead of when refining the original polycyclic generating sequence.
Proof of Theorem 3.1.
Let us consider the function such that
for any . Now consider the sequence
(1) 
consisting of integers (the integers in the sequence are strictly decreasing). Define the function such that is the th integer in Sequence (1). Note that for any .
We now describe our algorithm that computes the claimed generating sequence.
We first compute a polycyclic generating sequence of with using the randomized polynomialtime algorithm from [8], already mentioned in Section 2, which succeeds with probability at least . Let us write for each , and .
We now show how to refine the polycyclic generating sequence. For each , we replace by the sequence of elements , which gives a new sequence
(2) 
of elements. Sequence (2) is a polycyclic generating sequence of since is a polycyclic generating sequence of and . For any , observe that
(3) 
for any . Similarly for any we have
(4) 
Let us rename the elements of Sequence (2) as , with . Note that . Let us write for and . For each , the order of is either 1 or , where can be determined from Equations (3) and (4). More concretely, is of the form for some (which can be immediately computed from ) when corresponds to the case of Equation (3), and when corresponds to the case of Equation (4). Note that in both cases we have , from the property mentioned before. ∎
3.2 The protocol
Let denote the set of prime factors of , which is given as an additional input. The protocol is given in Figure 1. The main idea is that the verifier can, using Theorem 3.1, compute by itself a polycyclic generating sequence and prime numbers such that for each . This is done at Step 1 of the protocol. Note that . The purpose of Steps 25 is to decide whether or , for each , by interacting with the prover. More precisely, the verifier interacts with the prover to test, for each , whether or . This requires testing nonmembership in a solvable group with a polynomialtime quantum prover, which is achieved by sending (at Step 3) to the prover the element for a random bit and a random element , and asking the prover to find the chosen bit . These tests enable the verifier to decide which of the two cases holds (at Steps 5.1 and 5.2), and then to compute at Step 6, or to detect cheating (at Step 5.3).
3.3 Analysis of the protocol
We now analyze the protocol of Figure 1. Let be the group elements and be the prime numbers computed at Step 1. The analysis below is done under the assumption that is a polycyclic generating sequence of and for all , which is true with probability at least from Theorem 3.1.
Let us first consider the correctness, i.e., showing that there exists a prover (working in quantum polynomial time) who makes the verifier able to compute with high probability. This prover acts as follows. For each , the prover checks if the element received at Step 3 is in the subgroup , using Algorithm of Theorem 2. If the prover learns that this element is in then the prover applies Algorithm of Theorem 2 to obtain a decomposition of over , and sends to the verifier the bit and these values . If the prover learns that this element is not in , then the prover sends to the verifier the bit and arbitrary values .
Let us analyze the verifier’s output when interacting with the above prover. If then we have and thus whatever the value of is. With probability at least , the prover’s message is thus and corresponding to the decomposition of over , and then the verifier sets . If then we have and thus if and only if . With probability at least , the bit sent by the prover satisfies , and thus the verifier sets (since the second part of the message cannot correspond to the decomposition of over ). In conclusion, with probability at least the output at Step 6 is
Let us now consider the soundness, i.e., showing that for any prover the verifier outputs either or with high probability. It is clear that if , then the prover cannot convince the verifier to set , since there is no set of integers such that . On the other hand, if then the prover cannot convince the verifier to set unless the prover is able to decide whether or from the element received, which cannot be done with probability larger than , where
represents the variational distance between the two probability distributions
and (seen as distributions over ). We havewhere the second inequality follows from Theorem 2 and the third inequality follows from our choice of and the upper bound . Thus, for any fixed such that , the prover cannot convince the verifier to set with probability greater than . Let us now bound the probability that the verifier’s output is either or . This corresponds to the probability that the verifier does not output an integer different from the order of . Note that the verifier can output an integer not equal to the order only if the prover forces the verifier to set for at least one index . From the above analysis, we know that this can happen with probability at most , i.e., such a cheating is detected by the verifier at Step 5.3 with probability at least , in which case the verifier immediately aborts the protocol and outputs . Thus the overall probability that the verifier’s output is either or is at least . Note finally that this probability can be amplified to reach the soundness threshold of used in Definition 2 by repeating the protocol of Figure 1 a constant number of times in parallel and deciding the output based on a standard threshold argument.
4 General 3Message Protocol
In this section we show that when the prime factors of the order of are not known, we can design a 3message protocol, which proves the first part of Theorem 1.
4.1 The protocol
Our 3message protocol, described in Figure 2, is obtained by modifying the protocol of the previous section. More precisely, Step 1 in the protocol of the previous section is replaced by two steps (Steps 0 and 1 in Figure 2): instead of having the verifier compute a polycyclic generating sequence using Theorem 3.1, which requires the knowledge of the set of factors of , in the new protocol the prover computes by itself this sequence and sends it at Step 0 to the verifier, who then checks that the sequence is really correct at Step 1. All the other steps 26 are exactly the same as for the protocol in Figure 1 (one small exception is Step 3, which is slightly rewritten since the polycyclic generating sequence does not need to be sent to the prover anymore).
4.2 Analysis of the protocol
Let us consider the correctness. In that case the prover first uses the algorithm of Theorem 2 to compute the order , then factorizes it using Shor’s algorithm [30] and collects the prime factors in a set . The prover then uses the algorithm of Theorem 3.1 using the set as input to obtain group elements and a list of integers such that with probability at least the following two conditions hold:

is a polycyclic generating sequence of , with ,

the order of is either 1 or for each ,
where as usual we use the notation for any and the convention . These two conditions are equivalent to the following:

, i.e., for each ;

for each ;

is normal in for any , i.e., for any .
Thus, with probability at least , the prover can compute the following decompositions in quantum polynomial time using Algorithm of Theorem 2:

a decomposition of over , for each ;

a decomposition of over , for each ;

a decomposition of over , for each and each .
At Step 0, the prover sends all these integers, along with the elements and the primes . All the tests performed by the verifier at Step 1 then pass. The analysis of the second part of the protocol (Steps 26) is then exactly the same as the analysis of the protocol of Section 3.
The soundness follows by observing that passing the tests performed by the verifier at Step 1 guarantees that Conditions (a)(c) of the previous paragraph hold. This guarantees that Conditions (i)(ii) hold as well, and thus the soundness analysis for the second part of the protocol (Steps 26) is exactly the same as the analysis of the protocol of Section 3.
Acknowledgments
FLG was partially supported by the JSPS KAKENHI grants No. 15H01677, No. 16H01705 and No. 16H05853. TM is supported by JST PRESTO No. JPMJPR176A, and the GrantinAid for Young Scientists (B) No. JP17K12637 of JSPS. HN was partially supported by the JSPS KAKENHI grants No. 26247016, No. 16H01705 and No. 16K00015. YT is supported by the Program for Leading Graduate Schools: Interactive Materials Science Cadet Program.
References
 [1] Scott Aaronson and Greg Kuperberg. Quantum versus classical proofs and advice. Theory of Computing, 3:129–157, 2007. doi:10.4086/toc.2007.v003a007.
 [2] Dorit Aharonov, Michael BenOr, Elad Eban, and Urmila Mahadev. Interactive proofs for quantum computations. arXiv:1704.04487, 2017.
 [3] Dorit Aharonov and Ayal Green. A quantum inspired proof of . arXiv:1710.09078, 2017.
 [4] Dorit Aharonov and Umesh Vazirani. Is quantum mechanics falsifiable? A computational perspective on the foundations of quantum mechanics. arXiv:1206.3686, 2012.
 [5] László Babai. Local expansion of vertextransitive graphs and random generation in finite groups. In Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, pages 164–174, 1991. doi:10.1145/103418.103440.
 [6] László Babai. Bounded round interactive proofs in finite groups. SIAM Journal on Discrete Mathematics, 5(1):88–111, 1992. doi:10.1137/0405008.
 [7] László Babai, Robert Beals, and Ákos Seress. Polynomialtime theory of matrix groups. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pages 55–64, 2009. doi:10.1145/1536414.1536425.
 [8] László Babai, Gene Cooperman, Larry Finkelstein, Eugene M. Luks, and Ákos Seress. Fast monte carlo algorithms for permutation groups. Journal of Computer and System Sciences, 50(2):296–308, 1995. doi:10.1006/jcss.1995.1024.
 [9] László Babai and Endre Szemerédi. On the complexity of matrix group problems I. In Proceedings of the 25th Annual Symposium on Foundations of Computer Science, pages 229–240, 1984. doi:10.1109/SFCS.1984.715919.
 [10] Ethan Bernstein and Umesh Vazirani. Quantum complexity theory. SIAM Journal on Computing, 26:1411–1473, 1997. doi:10.1137/S0097539796300921.
 [11] Simon R. Blackburn, Peter M. Neumann, and Geetha Venkataraman. Enumeration of Finite Groups. Cambridge University Press, 2017. doi:10.1017/CBO9780511542756.
 [12] Tommaso F. Demarie, Yungkai Ouyang, and Joseph F. Fitzsimons. Classical verification of quantum circuits containing few basis changes. arXiv:1612.04914, 2016.
 [13] Joseph F. Fitzsimons, Michael Hajdušek, and Tomoyuki Morimae. Post hoc verification of quantum computation. Physical Review Letters, 120:040501, 2018. doi:10.1103/PhysRevLett.120.040501.
 [14] Joseph F. Fitzsimons and Elham Kashefi. Unconditionally verifiable blind computation. Phys. Rev. A, 96:012303, 2017. doi:10.1103/PhysRevA.96.012303.
 [15] Shafi Goldwasser, Ofer Grossman, and Dhiraj Holden. Pseudodeterministic proofs. In Proceedings of the 9th Innovations in Theoretical Computer Science Conference, pages 17:1–17:18, 2018. doi:10.4230/LIPIcs.ITCS.2018.17.
 [16] Masahito Hayashi and Tomoyuki Morimae. Verifiable measurementonly blind quantum computing with stabilizer testing. Physical Review Letters, 115:220502, 2015. doi:10.1103/PhysRevLett.115.220502.
 [17] Derek F. Holt, Bettina Eick, and Eamonn A. O’Brien. Handbook of computational group theory. Chapman & Hall/CRC, 2005. doi:10.1201/9781420035216.
 [18] I. Martin Isaacs. Finite group theory. American Mathematical Society, 2008.
 [19] Gábor Ivanyos, Frédéric Magniez, and Miklos Santha. Efficient quantum algorithms for some instances of the nonabelian hidden subgroup problem. International Journal of Foundations of Computer Science, 14(5):723–740, 2003. doi:10.1142/S0129054103001996.
 [20] Zhengfeng Ji. Classical verification of quantum proofs. In Proceedings of the 48th Annual ACM symposium on Theory of Computing, pages 885–898, 2016. doi:10.1145/2897518.2897634.
 [21] Carsten Lund, Lance Fortnow, Howard J. Karloff, and Noam Nisan. Algebraic methods for interactive proof systems. Journal of the ACM, 39(4):859–868, 1992. doi:10.1145/146585.146605.
 [22] Urmila Mahadev. Classical verification of quantum computations. arXiv:1804.01082, 2018.
 [23] Mathew McKague. Interactive proofs with efficient quantum prover for recursive fourier sampling. Chicago Journal of Theoretical Computer Science, 2012(6), 2012. doi:10.4086/cjtcs.2012.006.
 [24] Mathew McKague. Interactive proofs for BQP via selftested graph states. Theory of Computing, 12(3):1–42, 2016. doi:10.4086/toc.2016.v012a003.
 [25] Tomoyuki Morimae, Daniel Nagaj, and Norbert Schuch. Quantum proofs can be verified using only singlequbit measurements. Physical Review A, 93:022326, 2016. doi:10.1103/PhysRevA.93.022326.
 [26] Tomoyuki Morimae, Yuki Takeuchi, and Harumichi Nishimura. MerlinArthur with efficient quantum Merlin and quantum supremacy for the second level of the fourier hierarchy. arXiv:1711.10605, 2017.
 [27] Ben W. Reichardt, Falk Unger, and Umesh Vazirani. Classical command of quantum systems. Nature, 496:456–460, 2013. doi:10.1038/nature12035.
 [28] Adi Shamir. IP = PSPACE. Journal of the ACM, 39(4):869–877, 1992. doi:10.1145/146585.146609.
 [29] Yaoyun Shi. Quantum and classical tradeoffs. Theoretical Computer Science, 344:335–343, 2005. doi:10.1016/j.tcs.2005.03.053.
 [30] Peter W. Shor. Polynomialtime algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Journal on Computing, 26(5):1484–1509, 1997. doi:10.1137/S0097539795293172.
 [31] Daniel R. Simon. On the power of quantum computation. SIAM Journal on Computing, 26(5):1474–1483, 1997. doi:10.1137/S0097539796298637.
 [32] John Watrous. Succinct quantum proofs for properties of finite groups. In Proceedings of the 41st Annual Symposium on Foundations of Computer Science, pages 537–546, 2000. doi:10.1109/SFCS.2000.892141.
 [33] John Watrous. Quantum algorithms for solvable groups. In Proceedings of the 33rd Annual ACM Symposium on Theory of Computing, pages 60–67, 2001. doi:10.1145/380752.380759.
 [34] https://www03.ibm.com/press/us/en/pressrelease/52403.wss.
Comments
There are no comments yet.