diff --git a/ACNS/presentation/key_exchange.tex b/ACNS/presentation/key_exchange.tex
index dcac799dc350226b08c297c785406052afa65e7b..eacdcb1019afe21f4d4ced4ab84bbee163e8f055 100644
--- a/ACNS/presentation/key_exchange.tex
+++ b/ACNS/presentation/key_exchange.tex
@@ -2,18 +2,28 @@
 \section{Actively Secure Key Exchange}
 \begin{frame}
 \frametitle{Measures for Active Security}
- \begin{definition}[Zero-knowledge Proof of Knowledge in HHS \(\left(\mathcal E,\mathcal G\right)\)]
+ \begin{definition}[Zero-knowledge Proof of Knowledge in \(\left(\mathcal E,\mathcal G\right)\) \cite{DBLP:conf/pqcrypto/BeullensDPV21}]
 A party proves knowledge of \(s\) with \[ \left[s\right] E_i = E_i' \] for pairs \(\left(E_i,E_i'\right) \in \mathcal E^2\), \(i=1,\ldots, m\).
 \end{definition}
- \begin{definition}[Piecewise Verifiable Proof]
+ \begin{definition}[Piecewise Verifiable Proof \cite{DBLP:conf/asiacrypt/BeullensKV19}]
 A party proves knowledge of a polynomial \(f\) for a statement \[x = \left(\left(E_0,E_1\right),s_1,\ldots, s_n\right),\] where \(E_1 = \left[f\paren* 0\right] E_0\) and \(s_i = f\paren* i\) for \(i=1,\ldots, n\).
 \end{definition}
 \end{frame}
+\begin{frame}
+ \frametitle{What to do?}
+ \begin{itemize}
+ \item Transfer PVP and ZK proof to the threshold setting
+ \item Integrate both to decapsulation protocol to achieve active security
+ \item Prove, that resulting protocol is at least as secure as original decapsulation
+ \end{itemize}
+
+\end{frame}
+
 \begin{frame}
 \frametitle{Key Generation}
 \begin{pchstack}[center]
@@ -75,6 +85,6 @@
 \begin{itemize}
 \item IND-CPA, i.e., the encapsulated key cannot be distinguished from the ciphertext, assuming the hardness of the GAIP
 \item Simulatable (as was \cite{FeoM20})
- \item Actively Secure, i.e., a misbehaving shareholder can be detected, if the PVP and ZK proof are sound
+ \item Actively secure, i.e., a misbehaving shareholder can be detected, if the PVP and ZK proof are sound
 \end{itemize}
 \end{frame}
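Review bot: The third bullet of the new `What to do?` frame in key_exchange.tex states the proof goal only as "at least as secure as original decapsulation", which leaves open which property is meant. The closing frame of the same file lists IND-CPA, simulatability and active security, so naming the intended one here (presumably the first two) would make the claim checkable. The wording of the last two bullets also needs a pass: `\item Integrate both into the decapsulation protocol to achieve active security` and `\item Prove that the resulting protocol is at least as secure as the original decapsulation`. PVP and ZK appear as abbreviations, while the preceding frame, as far as this hunk shows, gives only the full names in the definition titles; adding the short forms there would help. The empty line before `\end{frame}` can be dropped.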
diff --git a/ACNS/presentation/motivation.tex b/ACNS/presentation/motivation.tex
index 02f05b63dae78ab8287d37a369a41d09ac845cf7..0eaf1219e439dc8a65495f1f20c1da71d79e002a 100644
--- a/ACNS/presentation/motivation.tex
+++ b/ACNS/presentation/motivation.tex
@@ -2,7 +2,7 @@
 \begin{frame}[allowframebreaks]
 \frametitle{Where are we?}
- \begin{block}{Hard Homogeneous Spaces}
+ \begin{block}{Hard Homogeneous Spaces (Couveignes \cite{DBLP:journals/iacr/Couveignes06})}
 A hard homogeneous space \(\left(\mathcal E,\mathcal G\right)\) is
 \begin{itemize}
 \item a set \(\mathcal E\),