pith. sign in

arxiv: 2504.16355 · v2 · submitted 2025-04-23 · 💻 cs.CR · cs.IT· cs.LG· math.IT

Property-Preserving Hashing for ell₁-Distance Predicates: Applications to Countering Adversarial Input Attacks

Hassan Asghar , Chenhan Zhang , Dali Kaafar This is my paper

Pith reviewed 2026-05-22 19:16 UTC · model grok-4.3

classification 💻 cs.CR cs.ITcs.LGmath.IT
keywords property-preserving hashingl1 distanceadversarial attacksperceptual hashingimage similaritycryptographysecurity
0
0 comments X

The pith

The first property-preserving hash for ℓ1-distance predicates allows checking image similarity in the hash domain with negligible error probability.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper constructs a property-preserving hashing scheme specifically for predicates that check if the ℓ1 distance between two inputs is at most a threshold t. This means the hash values can be used to evaluate whether the original inputs satisfy the distance condition, and the chance of error in this evaluation is negligible. Such a scheme is motivated by the need to detect similar images even when an adversary makes small changes to evade standard perceptual hashes. Because many attacks optimize for ℓ2 distance, which is related to ℓ1, selecting an appropriate t forces the attacker to introduce more visible noise to the image. The construction is efficient, taking time quadratic in t, and is demonstrated on both small grayscale and larger RGB images.

Core claim

We propose the first PPH construction for an ℓ1-distance predicate that checks if the two one-sided ℓ1-distances between two images are within a threshold t. The scheme provides a strong correctness guarantee where the probability of incorrectly evaluating the predicate in the hash domain is negligible, and it runs in O(t²) time.

What carries the argument

The property-preserving hash function for the ℓ1-distance predicate, which maps inputs to hashes such that the predicate on the originals can be evaluated on the hashes with high accuracy.

If this is right

  • The scheme can be used to counter adversarial attacks on perceptual hashing by requiring larger perturbations to bypass detection.
  • For 28x28 grayscale images with up to 1% pixel perturbation, the predicate can be evaluated in 0.0784 seconds.
  • Dividing larger 224x224 RGB images into blocks allows per-block evaluation times as low as 0.0128 seconds for small changes.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Similar constructions might extend to other distance measures like Euclidean distance for defending against a wider range of attacks.
  • The efficiency opens the door to real-time applications in content moderation systems.
  • Future work could explore combining this with machine learning models for hybrid detection methods.

Load-bearing premise

The hashing scheme preserves the ℓ1-distance predicate evaluation with only a negligible probability of error.

What would settle it

Running the scheme on many pairs of images and observing that the predicate evaluation disagrees with the true ℓ1 distance more often than a negligible fraction of the time, such as more than one error in a million trials.

Figures

Figures reproduced from arXiv: 2504.16355 by Chenhan Zhang, Dali Kaafar, Hassan Asghar.

Figure 1
Figure 1. Figure 1: Choosing 𝑦 as the mid-point. ≤ 𝑡 = 𝑞/2 from 𝑥. Of course, if 𝑡 is smaller than 𝑞/2, the probability decreases. We therefore find the probability over uniform random choices of x that the vector y = (𝑞/2, . . . , 𝑞/2) is within distance 𝑡 = 𝛾𝑛 of x. Proposition 6. Let x be a vector sampled uniformly at random from Z 𝑛 𝑞 . Let y ∈ Z 𝑛 𝑞 be the vector each coordinate of which is 𝑞/2. Let 𝐷 denote the random v… view at source ↗
Figure 2
Figure 2. Figure 2: The lower bound in logarithmic scale of the number [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: The probability 𝑝 −𝛿 from Eq. (15) versus the empirical probability obtained after 106 runs with varying 𝑛 and 𝑝 > 𝑛. We use 𝑞 = 5 in all plots. In all cases, the empirical probability is lower than 𝑝 −𝛿 . Tuples are the values (𝑛, 𝑝, 𝑡, 𝑡+, 𝑡−). Construction 1: An (𝑚, 𝑛)-PPH for the Asymmetric ℓ1- Distance Predicate Parameters : Security parameter 𝜆, positive integers 𝑛 = 𝑛(𝜆) and 𝑞 ≥ 2 for Z 𝑛 𝑞 , positi… view at source ↗
Figure 4
Figure 4. Figure 4: The empirical error on the Imagenette dataset [PITH_FULL_IMAGE:figures/full_fig_p011_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: The impact of adding noise to the image using the FGSM attack on the metrics LPIPS, pixel change ratio and NAD. [PITH_FULL_IMAGE:figures/full_fig_p012_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: Replacing the labels in the tuples a with unique labels. and so on. Thus, 𝐴𝑗 = 𝑒𝑗 (𝑎1, . . . , 𝑎𝑛) = (−1) 𝑗 𝑆 (𝑗, 𝑛). □ C FURTHER EXPERIMENTAL RESULTS [PITH_FULL_IMAGE:figures/full_fig_p018_6.png] view at source ↗
Figure 7
Figure 7. Figure 7: The impact of increasing alterations to the image through the PGD attack, brightness, and contrast, on the metrics [PITH_FULL_IMAGE:figures/full_fig_p019_7.png] view at source ↗
read the original abstract

Perceptual hashing is used to detect whether an input image is similar to a reference image with a variety of security applications. Recently, they have been shown to succumb to adversarial input attacks which make small imperceptible changes to the input image yet the hashing algorithm does not detect its similarity to the original image. Property-preserving hashing (PPH) is a recent construct in cryptography, which preserves some property (predicate) of its inputs in the hash domain. Researchers have so far shown constructions of PPH for Hamming distance predicates, which, for instance, outputs 1 if two inputs are within Hamming distance $t$. A key feature of PPH is its strong correctness guarantee, i.e., the probability that the predicate will not be correctly evaluated in the hash domain is negligible. Motivated by the use case of detecting similar images under adversarial setting, we propose the first PPH construction for an $\ell_1$-distance predicate. Roughly, this predicate checks if the two one-sided $\ell_1$-distances between two images are within a threshold $t$. Since many adversarial attacks use $\ell_2$-distance (related to $\ell_1$-distance) as the objective function to perturb the input image, by appropriately choosing the threshold $t$, we can force the attacker to add considerable noise to evade detection, and hence significantly deteriorate the image quality. Our proposed scheme is highly efficient, and runs in time $O(t^2)$. For grayscale images of size $28 \times 28$, we can evaluate the predicate in $0.0784$ seconds when pixel values are perturbed by up to $1 \%$. For larger RGB images of size $224 \times 224$, by dividing the image into 1,000 blocks, we achieve times of $0.0128$ seconds per block for $1 \%$ change, and up to $0.2641$ seconds per block for $14\%$ change.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 1 minor

Summary. The paper proposes the first property-preserving hashing (PPH) construction for a one-sided ℓ₁-distance predicate on images. It claims this enables correct evaluation of whether two images are within threshold t (with negligible error probability) in the hash domain, runs in O(t²) time, and can be used to force substantial noise in adversarial perturbations (e.g., based on ℓ₂ objectives) while providing concrete timings for 28×28 grayscale and 224×224 RGB images under 1–14% pixel changes.

Significance. If the construction and its negligible-error guarantee hold, the result would extend PPH from Hamming-distance predicates to ℓ₁ distances on continuous pixel values, offering a cryptographic tool for robust perceptual hashing that raises the cost of adversarial attacks on image similarity detection.

major comments (2)
  1. [Abstract] Abstract: the claim that the predicate is evaluated correctly with negligible error probability (i.e., 2^{-λ} or smaller) is asserted without an explicit bound, reduction, or proof sketch showing that the underlying sampling/sketching construction (adapted from Hamming PPH) yields error negligible in the security parameter rather than merely inverse-polynomial in t or image dimension. This is load-bearing for the strong correctness property.
  2. [Construction] Construction and efficiency claims: the O(t²) runtime and preservation of the one-sided ℓ₁ predicate are stated, but without the explicit scheme (including how continuous pixel values and one-sided distances are handled) it is unclear whether additional error terms arise or whether the runtime remains O(t²) after any necessary amplification to achieve negligibility.
minor comments (1)
  1. [Experiments] Experimental section: the reported runtimes (0.0784 s for 28×28 at 1 %, 0.0128–0.2641 s per block for 224×224) would be strengthened by stating the number of trials and any variance.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their thorough review and valuable comments on our manuscript. We address each of the major comments below, providing clarifications and indicating planned revisions to strengthen the presentation.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the claim that the predicate is evaluated correctly with negligible error probability (i.e., 2^{-λ} or smaller) is asserted without an explicit bound, reduction, or proof sketch showing that the underlying sampling/sketching construction (adapted from Hamming PPH) yields error negligible in the security parameter rather than merely inverse-polynomial in t or image dimension. This is load-bearing for the strong correctness property.

    Authors: We appreciate this observation. The construction in the paper adapts the sampling-based approach from prior Hamming-distance PPH works, where the error probability is made negligible in the security parameter λ through standard Chernoff bounds and union bounds over the sampled coordinates, independent of t and the image dimension (which are treated as fixed for the application). The abstract summarizes the result but does not include the full proof sketch for brevity. In the revised manuscript, we will update the abstract to explicitly reference the negligible error in λ and add a brief proof sketch or pointer to the relevant theorem in the main body to address this concern directly. revision: yes

  2. Referee: [Construction] Construction and efficiency claims: the O(t²) runtime and preservation of the one-sided ℓ₁ predicate are stated, but without the explicit scheme (including how continuous pixel values and one-sided distances are handled) it is unclear whether additional error terms arise or whether the runtime remains O(t²) after any necessary amplification to achieve negligibility.

    Authors: The explicit construction is provided in Section 3 of the full manuscript, including the discretization of continuous pixel values into a finite domain for sketching and the definition of the one-sided ℓ₁ predicate as the predicate that outputs 1 if the ℓ₁ distance is at most t in one direction. The base sampling procedure runs in O(t²) time, and to achieve negligible error, we employ a constant number of repetitions (or logarithmic in λ, which is absorbed into the big-O notation for fixed λ in practice). No additional asymptotic error terms arise beyond those already bounded in the analysis. We will revise the manuscript to include a more detailed exposition of the scheme, explicitly discussing the handling of continuous values, the one-sided aspect, and confirming that the runtime remains O(t²) post-amplification. revision: yes

Circularity Check

0 steps flagged

No significant circularity; new construction presented without reduction to inputs or self-citations

full rationale

The paper claims a novel first PPH construction for the one-sided ℓ1-distance predicate, with strong correctness (negligible error probability) and O(t²) runtime. No equations, parameter fits, or self-citation chains are visible in the provided abstract or claims that would make any prediction or result equivalent to its inputs by construction. The derivation is self-contained as an original cryptographic proposal, with no load-bearing steps reducing to fitted data, renamed known results, or author-overlapping uniqueness theorems. This matches the default expectation for a construction paper without exhibited circular reductions.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

Based on abstract only; the work extends existing PPH definitions to a new predicate but does not introduce visible free parameters, new entities, or ad-hoc axioms beyond standard cryptographic correctness guarantees.

axioms (1)
  • domain assumption PPH constructions exist with negligible error probability for distance predicates
    Abstract invokes this as a key feature of PPH and applies it to the new ℓ1 predicate.

pith-pipeline@v0.9.0 · 5910 in / 1183 out tokens · 37766 ms · 2026-05-22T19:16:02.634346+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

37 extracted references · 37 canonical work pages · 1 internal anchor

  1. [1]

    Learning to break deep perceptual hashing: The use case neuralhash,

    L. Struppek, D. Hintersdorf, D. Neider, and K. Kersting, “Learning to break deep perceptual hashing: The use case neuralhash, ” inProceedings of the 2022 ACM Conference on Fairness, Accountability, and Transparency , 2022, pp. 58–69

    work page 2022

  2. [2]

    phash: The open source perceptual hash library,

    E. Klinger and D. Starkweather, “phash: The open source perceptual hash library, ” 2013

    work page 2013

  3. [3]

    It’s not what it looks like: Manipulating perceptual hashing based applications,

    Q. Hao, L. Luo, S. T. Jan, and G. Wang, “It’s not what it looks like: Manipulating perceptual hashing based applications, ” inProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security , 2021, pp. 69–85

    work page 2021

  4. [4]

    Approximate nearest neighbors: towards removing the curse of dimensionality,

    P. Indyk and R. Motwani, “Approximate nearest neighbors: towards removing the curse of dimensionality, ” inProceedings of the thirtieth annual ACM symposium on Theory of computing , 1998, pp. 604–613

    work page 1998

  5. [5]

    Implementation and benchmarking of perceptual image hash func- tions,

    C. Zauner, “Implementation and benchmarking of perceptual image hash func- tions, ” 2010

    work page 2010

  6. [6]

    Nearly optimal property preserving hashing,

    J. Holmgren, M. Liu, L. Tyner, and D. Wichs, “Nearly optimal property preserving hashing, ” inAnnual International Cryptology Conference . Springer, 2022, pp. 473–502

    work page 2022

  7. [7]

    Optimal lower bounds for locality-sensitive hashing (except when q is tiny),

    R. O’Donnell, Y. Wu, and Y. Zhou, “Optimal lower bounds for locality-sensitive hashing (except when q is tiny), ” ACM Transactions on Computation Theory (TOCT), vol. 6, no. 1, pp. 1–13, 2014

    work page 2014

  8. [8]

    Adversarially robust property preserving hash functions,

    E. Boyle, R. LaVigne, and V. Vaikuntanathan, “Adversarially robust property preserving hash functions, ”Cryptology ePrint Archive, 2018

    work page 2018

  9. [9]

    Robust property-preserving hash functions for hamming distance and more,

    N. Fleischhacker and M. Simkin, “Robust property-preserving hash functions for hamming distance and more, ” inAnnual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2021

    work page 2021

  10. [10]

    Property-preserving hash func- tions for hamming distance from standard assumptions,

    N. Fleischhacker, K. G. Larsen, and M. Simkin, “Property-preserving hash func- tions for hamming distance from standard assumptions, ” inAnnual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2022

    work page 2022

  11. [11]

    Towards deep learning models resistant to adversarial attacks,

    A. Madry, A. Makelov, L. Schmidt, D. Tsipras, and A. Vladu, “Towards deep learning models resistant to adversarial attacks, ” in International Conference on Learning Representations , 2018. [Online]. Available: https: //openreview.net/forum?id=rJzIBfZAb

    work page 2018

  12. [12]

    Towards evaluating the robustness of neural networks,

    N. Carlini and D. Wagner, “Towards evaluating the robustness of neural networks, ” in 2017 ieee symposium on security and privacy (sp) . Ieee, 2017, pp. 39–57

    work page 2017

  13. [13]

    On l 1-distance error control codes,

    L. G. Tallini and B. Bose, “On l 1-distance error control codes, ” in 2011 IEEE International Symposium on Information Theory Proceedings . IEEE, 2011, pp. 1061–1065

    work page 2011

  14. [14]

    Galois: A performant NumPy extension for Galois fields,

    M. Hostetter, “Galois: A performant NumPy extension for Galois fields, ” 11 2020. [Online]. Available: https://github.com/mhostetter/galois

    work page 2020

  15. [15]

    Imagenette: A smaller subset of 10 easily classified classes from imagenet,

    J. Howard and S. Gugger, “Imagenette: A smaller subset of 10 easily classified classes from imagenet, ” 2019. [Online]. Available: https://github.com/fastai/ imagenette

    work page 2019

  16. [16]

    Shurman et al., Calculus and analysis in euclidean space

    J. Shurman et al., Calculus and analysis in euclidean space . Springer, 2016

    work page 2016

  17. [17]

    Fuzzy extractors: How to gener- ate strong keys from biometrics and other noisy data,

    Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, “Fuzzy extractors: How to gener- ate strong keys from biometrics and other noisy data, ”SIAM Journal on Computing, vol. 38, no. 1, pp. 97–139, 2008

    work page 2008

  18. [18]

    Discrete hit-and-run for sampling points from arbitrary distributions over subsets of integer hyperrectangles,

    S. Baumert, A. Ghate, S. Kiatsupaibul, Y. Shen, R. L. Smith, and Z. B. Zabinsky, “Discrete hit-and-run for sampling points from arbitrary distributions over subsets of integer hyperrectangles, ”Operations Research, vol. 57, no. 3, pp. 727–739, 2009

    work page 2009

  19. [19]

    Mitzenmacher and E

    M. Mitzenmacher and E. Upfal, Probability and computing: Randomization and probabilistic techniques in algorithms and data analysis . Cambridge university press, 2017

    work page 2017

  20. [20]

    Shoup, A computational introduction to number theory and algebra , 2nd ed

    V. Shoup, A computational introduction to number theory and algebra , 2nd ed. Cambridge university press, 2009

    work page 2009

  21. [21]

    The theory of error-correcting codes,

    F. MacWilliams, “The theory of error-correcting codes, ”Elsevier Science Publishers BV google schola, vol. 2, pp. 39–47, 1977

    work page 1977

  22. [22]

    Imagenet: A large-scale hierarchical image database,

    J. Deng, W. Dong, R. Socher, L.-J. Li, K. Li, and L. Fei-Fei, “Imagenet: A large-scale hierarchical image database, ” in2009 IEEE conference on computer vision and pattern recognition. Ieee, 2009, pp. 248–255

    work page 2009

  23. [23]

    The unreasonable effectiveness of deep features as a perceptual metric,

    R. Zhang, P. Isola, A. A. Efros, E. Shechtman, and O. Wang, “The unreasonable effectiveness of deep features as a perceptual metric, ” inCVPR, 2018

    work page 2018

  24. [24]

    Explaining and Harnessing Adversarial Examples

    I. J. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples, ”arXiv preprint arXiv:1412.6572, 2014

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  25. [25]

    The mnist database of handwritten digits,

    Y. LeCun, C. Cortes, and C. Burges, “The mnist database of handwritten digits, ”

    work page

  26. [26]

    Available: http://yann.lecun.com/exdb/mnist/

    [Online]. Available: http://yann.lecun.com/exdb/mnist/

    work page

  27. [27]

    Block mean value based image perceptual hashing,

    B. Yang, F. Gu, and X. Niu, “Block mean value based image perceptual hashing, ” in 2006 International Conference on Intelligent Information Hiding and Multimedia . IEEE, 2006, pp. 167–172

    work page 2006

  28. [28]

    A robust content based digital signature for image authentication,

    M. Schneider and S.-F. Chang, “A robust content based digital signature for image authentication, ” inProceedings of 3rd IEEE international conference on image processing, vol. 3. IEEE, 1996, pp. 227–230

    work page 1996

  29. [29]

    Efficient search for approximate nearest neighbor in high dimensional spaces,

    E. Kushilevitz, R. Ostrovsky, and Y. Rabani, “Efficient search for approximate nearest neighbor in high dimensional spaces, ” inProceedings of the thirtieth annual ACM symposium on Theory of computing , 1998, pp. 614–623

    work page 1998

  30. [30]

    Lattice (list) decoding near minkowski’s inequality,

    E. Mook and C. Peikert, “Lattice (list) decoding near minkowski’s inequality, ” IEEE Transactions on Information Theory , vol. 68, no. 2, pp. 863–870, 2021

    work page 2021

  31. [31]

    On a new class of error control codes and symmetric functions,

    L. G. Tallini and B. Bose, “On a new class of error control codes and symmetric functions, ” in2008 IEEE International Symposium on Information Theory . IEEE, 2008, pp. 980–984

    work page 2008

  32. [32]

    O’Searcoid, Metric spaces

    M. O’Searcoid, Metric spaces. Springer Science & Business Media, 2006

    work page 2006

  33. [33]

    D. S. Mitrinović, J. E. Pečarić, and A. M. Fink, Bernoulli’s Inequality . Dordrecht: Springer Netherlands, 1993, pp. 65–81. [Online]. Available: https://doi.org/10.1007/978-94-017-1043-5_3

    work page doi:10.1007/978-94-017-1043-5_3 1993

  34. [34]

    Algebraic attacks on human identification protocols,

    H. J. Asghar, R. Steinfeld, S. Li, M. A. Kaafar, and J. Pieprzyk, “Algebraic attacks on human identification protocols, ”Cryptology ePrint Archive, 2014

    work page 2014

  35. [35]

    Brualdi, Introductory Combinatorics, ser

    R. Brualdi, Introductory Combinatorics, ser. Pearson Education. Pearson Prentice Hall, 2012. A SOME USEFUL RESULTS Metrics. Let 𝑆 be a set. A function 𝑑 : 𝑆 × 𝑆 → R is called a metric on 𝑆 if for all 𝑥, 𝑦, 𝑧 ∈ 𝑆, (1) 𝑑 (𝑥, 𝑦) ≥ 0 with equality if and only if 𝑥 = 𝑦, (2) 𝑑 (𝑥, 𝑦) = 𝑑 (𝑦, 𝑥), and (3) 𝑑 (𝑥, 𝑦) ≤ 𝑑 (𝑥, 𝑧) + 𝑑 (𝑧, 𝑦) [31]. In this case 𝑆 is cal...

    work page arXiv 2012

  36. [36]

    See for example [34, §5]

    The recurrence relation 𝐶′ (𝑡, 𝑛) ≤ 𝑛 + 𝑡 𝑡 + 𝐶′ (𝑡, 𝑛 − 1), implies that 𝐶 (𝑡, 𝑛) ≤ 𝐶′ (𝑡, 𝑛) ≤ 𝑛 + 𝑡 𝑡 + 𝑛 − 1 + 𝑡 𝑡 + · · · + 𝑡 𝑡 = 𝑛 + 𝑡 + 1 𝑡 + 1 , where the last equality is the so-called hockey-stick identity. See for example [34, §5]. □ B.5 Proof of Proposition 6 Proof. For 𝑖 ∈ [ 𝑛], let 𝐷𝑖 be the random variable denoting the distance |𝑥𝑖 − 𝑦𝑖 |. ...

    work page

  37. [37]

    This polynomial can be written as: 𝜎x (𝑧) = 𝐴𝑚𝑧𝑚 + · · · +𝐴𝑡 +1𝑧𝑡 +1 + · · · +𝐴1𝑧 + 1, where 𝐴𝑖 ∈ F

    Let 𝑚 = deg(𝜎x). This polynomial can be written as: 𝜎x (𝑧) = 𝐴𝑚𝑧𝑚 + · · · +𝐴𝑡 +1𝑧𝑡 +1 + · · · +𝐴1𝑧 + 1, where 𝐴𝑖 ∈ F. Now, all the divisors of 𝑧𝑡 +1 are 𝑧𝑖 for 0 ≤ 𝑖 ≤ 𝑡 + 1. Pick any 𝑧𝑖 with 𝑖 > 0. Then dividing 𝜎x by 𝑧𝑖 leaves the remainder 𝐴𝑖 −1𝑧𝑖 −1 + · · · +𝐴1𝑧 + 1, where 𝐴0 = 1. This is non-zero regardless of the 𝐴𝑖’s. Therefore, the gcd is 1. □ B.1...

    work page