Commit 1d1bf2ea authored by Philipp Muth's avatar Philipp Muth

minor

parent 741af6ed
...@@ -2,18 +2,28 @@ ...@@ -2,18 +2,28 @@
\section{Actively Secure Key Exchange} \section{Actively Secure Key Exchange}
\begin{frame} \begin{frame}
\frametitle{Measures for Active Security} \frametitle{Measures for Active Security}
\begin{definition}[Zero-knowledge Proof of Knowledge in HHS \(\left(\mathcal E,\mathcal G\right)\)] \begin{definition}[Zero-knowledge Proof of Knowledge in \(\left(\mathcal E,\mathcal G\right)\) \cite{DBLP:conf/pqcrypto/BeullensDPV21}]
A party proves knowledge of \(s\) with A party proves knowledge of \(s\) with
\[ \left[s\right] E_i = E_i' \] \[ \left[s\right] E_i = E_i' \]
for pairs \(\left(E_i,E_i'\right) \in \mathcal E^2\), \(i=1,\ldots, m\). for pairs \(\left(E_i,E_i'\right) \in \mathcal E^2\), \(i=1,\ldots, m\).
\end{definition} \end{definition}
\begin{definition}[Piecewise Verifiable Proof] \begin{definition}[Piecewise Verifiable Proof \cite{DBLP:conf/asiacrypt/BeullensKV19}]
A party proves knowledge of a polynomial \(f\) for a statement A party proves knowledge of a polynomial \(f\) for a statement
\[x = \left(\left(E_0,E_1\right),s_1,\ldots, s_n\right),\] \[x = \left(\left(E_0,E_1\right),s_1,\ldots, s_n\right),\]
where \(E_1 = \left[f\paren* 0\right] E_0\) and \(s_i = f\paren* i\) for \(i=1,\ldots, n\). where \(E_1 = \left[f\paren* 0\right] E_0\) and \(s_i = f\paren* i\) for \(i=1,\ldots, n\).
\end{definition} \end{definition}
\end{frame} \end{frame}
\begin{frame}
\frametitle{What to do?}
\begin{itemize}
\item Transfer PVP and ZK proof to the threshold setting
\item Integrate both to decapsulation protocol to achieve active security
\item Prove, that resulting protocol is at least as secure as original decapsulation
\end{itemize}
\end{frame}
\begin{frame} \begin{frame}
\frametitle{Key Generation} \frametitle{Key Generation}
\begin{pchstack}[center] \begin{pchstack}[center]
...@@ -75,6 +85,6 @@ ...@@ -75,6 +85,6 @@
\begin{itemize} \begin{itemize}
\item IND-CPA, i.e., the encapsulated key cannot be distinguished from the ciphertext, assuming the hardness of the GAIP \item IND-CPA, i.e., the encapsulated key cannot be distinguished from the ciphertext, assuming the hardness of the GAIP
\item Simulatable (as was \cite{FeoM20}) \item Simulatable (as was \cite{FeoM20})
\item Actively Secure, i.e., a misbehaving shareholder can be detected, if the PVP and ZK proof are sound \item Actively secure, i.e., a misbehaving shareholder can be detected, if the PVP and ZK proof are sound
\end{itemize} \end{itemize}
\end{frame} \end{frame}
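Review bot: The second and third items of the new `What to do?` frame have wording defects: `Integrate both to decapsulation protocol` should read `Integrate both into the decapsulation protocol`, and `Prove, that resulting protocol is at least as secure as original decapsulation` should drop the comma and add the articles, `Prove that the resulting protocol is at least as secure as the original decapsulation`. The retitled first definition in the same hunk drops `HHS` from its title, so the slide no longer says what the pair \((\mathcal E,\mathcal G)\) denotes; keeping `in HHS \((\mathcal E,\mathcal G)\)` alongside the new citation would preserve that. In the second hunk, the recapitalised bullet `Actively secure, i.e., a misbehaving shareholder can be detected, if the PVP and ZK proof are sound` still carries an unnecessary comma before `if`, which could go in the same pass.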
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
\begin{frame}[allowframebreaks] \begin{frame}[allowframebreaks]
\frametitle{Where are we?} \frametitle{Where are we?}
\begin{block}{Hard Homogeneous Spaces} \begin{block}{Hard Homogeneous Spaces (Couveignes \cite{DBLP:journals/iacr/Couveignes06})}
A hard homogeneous space \(\left(\mathcal E,\mathcal G\right)\) is A hard homogeneous space \(\left(\mathcal E,\mathcal G\right)\) is
\begin{itemize} \begin{itemize}
\item a set \(\mathcal E\), \item a set \(\mathcal E\),