Commit 44ef2b48 authored by Philipp Muth's avatar Philipp Muth

added conclusion slide, minor

parent 183903ee
...@@ -10,14 +10,14 @@ ...@@ -10,14 +10,14 @@
\begin{definition}[Piecewise Verifiable Proof \cite{DBLP:conf/asiacrypt/BeullensKV19}] \begin{definition}[Piecewise Verifiable Proof \cite{DBLP:conf/asiacrypt/BeullensKV19}]
A party proves knowledge of a polynomial \(f\) for a statement A party proves knowledge of a polynomial \(f\) for a statement
\[x = \left(\left(E_0,E_1\right),s_1,\ldots, s_n\right),\] \[x = \left(\left(E_0,E_1\right),s_1,\ldots, s_n\right),\]
where \(E_1 = \left[f\paren* 0\right] E_0\) and \(s_i = f\paren* i\) for \(i=1,\ldots, n\). where \(E_1 = \left[f\paren* 0\right] E_0\) and \(s_i = f\paren* i \in \ZZ_p\) for \(i=1,\ldots, n\).
\end{definition} \end{definition}
\end{frame} \end{frame}
\begin{frame} \begin{frame}
\frametitle{What to do?} \frametitle{What to do?}
\begin{itemize} \begin{itemize}
\item Transfer PVP and ZK proof to the threshold setting \item Transfer PVP proof to threshold setting
\item Integrate both to decapsulation protocol to achieve active security \item Integrate both to decapsulation protocol to achieve active security
\item Prove, that resulting protocol is at least as secure as original decapsulation \item Prove, that resulting protocol is at least as secure as original decapsulation
\end{itemize} \end{itemize}
...@@ -61,7 +61,7 @@ ...@@ -61,7 +61,7 @@
\frametitle{A Shareholder \(P_i\)'s Turn in the Decapsulation Protocol} \frametitle{A Shareholder \(P_i\)'s Turn in the Decapsulation Protocol}
Let \(S^\ast\) be a superauthorised set of shareholders executing the decapsulation protocol. Let \(S^\ast\) be a superauthorised set of shareholders executing the decapsulation protocol.
\begin{enumerate} \begin{enumerate}
\item Ascertain \(E^{k-1} \in \mathcal E\), where \(E^{k-1}\) is previous shareholder's output. \item Ascertain \(E^{k-1} \in \mathcal E\), where \(E^{k-1}\) is previous shareholder's output of \(E^0 = c\)
\item Sample \(R_k \sample \mathcal E\), compute \(R_k'\gets \left[L_{i,S^\ast}s_i\right] R_k\). \item Sample \(R_k \sample \mathcal E\), compute \(R_k'\gets \left[L_{i,S^\ast}s_i\right] R_k\).
\item Compute and publish \item Compute and publish
\begin{align*} \begin{align*}
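Review bot: In the first enumerate item of the decapsulation frame, the new wording `previous shareholder's output of \(E^0 = c\)` reads as if the ciphertext had an output; presumably the item means the previous shareholder's output or, for the first shareholder, the ciphertext itself, e.g. `where \(E^{k-1}\) is the previous shareholder's output or, for \(k = 1\), \(E^0 = c\).` This membership check on the incoming element appears to be what the active-security argument relies on, so the slide should say unambiguously that it also covers \(c\); the closing period was dropped as well. In the earlier hunk of this file, the "What to do?" frame now lists only `Transfer PVP proof to threshold setting`, yet the next item still says `Integrate both`, which no longer has a second referent, and `PVP proof` expands to "proof proof". The enumerate and its frame continue outside the hunk.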
......
...@@ -28,6 +28,16 @@ ...@@ -28,6 +28,16 @@
\input{generalsss} \input{generalsss}
\begin{frame}
\frametitle{Conclusion}
\begin{itemize}
\item Transfer PVP to threshold setting
\item Actively secure key exchange mechanism
\item Transformed into signature scheme
\item Define, which field of secret sharing schemes is compatible
\end{itemize}
\end{frame}
\section{References} \section{References}
\begin{frame}[allowframebreaks] \begin{frame}[allowframebreaks]
\bibliographystyle{amsalpha} \bibliographystyle{amsalpha}
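Review bot: The four items of the new Conclusion frame mix imperatives (`Transfer`, `Define`) with results (`Actively secure …`, `Transformed into …`), so a reader cannot tell which points are achieved and which are still open. If all four are results, phrase them that way, e.g. `\item PVP transferred to the threshold setting`, and drop the comma in `Define, which`. The active-security claim would be more useful with its condition stated: the decapsulation frame changed elsewhere in this commit runs the protocol over a superauthorised set, so presumably something like `\item Actively secure key exchange mechanism (for superauthorised sets)` is meant.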
......
...@@ -39,7 +39,7 @@ ...@@ -39,7 +39,7 @@
\begin{frame} \begin{frame}
\frametitle{Secret Sharing Schemes} \frametitle{Secret Sharing Schemes}
\begin{itemize} \begin{itemize}
\item Distribute a secret \(s\) among \(n\) shareholders via \item Distribute a secret \(s\) among shareholders \(P_1,\ldots, P_n\) via
\[ \mathcal S.\share\paren* s\] \[ \mathcal S.\share\paren* s\]
\item Reconstruct a shared secret via \item Reconstruct a shared secret via
\[ \SH.\rec\paren*{\set{s_i}_{P_i \in S'}} \] \[ \SH.\rec\paren*{\set{s_i}_{P_i \in S'}} \]
...@@ -53,27 +53,26 @@ ...@@ -53,27 +53,26 @@
\end{frame} \end{frame}
\begin{frame} \begin{frame}%[allowframebreaks]
\frametitle{Key Exchange Mechanisms} \frametitle{Key Exchange Mechanisms}
\begin{center} \begin{center}
\begin{tikzpicture} \begin{tikzpicture}
\begin{scope}[minimum size = .7cm] \begin{scope}[minimum size = .7cm]
\node [alice] (alice) at (-3,0){Alice}; \node [alice] (alice) at (-3,0){Alice};
\node [bob] (bob) at (3,0){Bob}; \node [bob] (bob) at (3,0){Bob};
\end{scope} \end{scope}
\pause %\pause
\node [left = .5 of alice] (pair) {$\left(\sk,\pk\right)$}; \node [left = .5 of alice] (pair) {$\left(\sk,\pk\right)$};
%\node [above = 3 of alice] (pk) {$\pk$}; %\node [above = 3 of alice] (pk) {$\pk$};
%\draw [->] (alice) -- (pk); %\draw [->] (alice) -- (pk);
\pause %\pause
\node [above = 2.5 of bob] (encaps) {$\encaps \paren* \pk$}; \node [above = 2.5 of bob] (encaps) {$\encaps \paren* \pk$};
\node [above = 0.5 of bob] (keybob) {$\key$}; \node [above = 0.5 of bob] (keybob) {$\key$};
%\node [above = 2.5 of alice] (cipher) {$c$}; %\node [above = 2.5 of alice] (cipher) {$c$};
\node (cipher) at ($(encaps)+(-6,0)$) {$c$}; \node (cipher) at ($(encaps)+(-6,0)$) {$c$};
\draw [->] (encaps) -- (cipher); \draw [->] (encaps) -- (cipher);
\draw [->] (encaps) -- (keybob); \draw [->] (encaps) -- (keybob);
\pause %\pause
\node [above = 1.5 of alice] (decaps) {$\decaps\paren *{\sk,c}$}; \node [above = 1.5 of alice] (decaps) {$\decaps\paren *{\sk,c}$};
\draw [->] (cipher) -- (decaps); \draw [->] (cipher) -- (decaps);
...@@ -87,6 +86,30 @@ ...@@ -87,6 +86,30 @@
\end{center} \end{center}
\end{frame} \end{frame}
\begin{frame}
\frametitle{Key Exchange Mechanisms in a HHS}
\begin{pchstack}[center,space=2em]
\procedure[space=auto]{$\keygen()$}{
\sk \sample \ZZ_p\\
\pk \gets \left[\sk\right] E_0\\
\pcreturn \left(\sk,\pk\right)
}
\vspace{1em}
\procedure[space=auto]{$\encaps\paren* \pk$}{
b \sample \mathcal G\\
\key \gets b \ast \pk\\
c \gets b \ast E_0\\
\pcreturn \left(\key,c\right)
}
\vspace{1em}
\procedure[space=auto]{$\decaps\paren*{\sk,c}$}{
\key \gets \left[\sk\right] c\\
\pcreturn \key
}
\end{pchstack}
\end{frame}
\begin{frame} \begin{frame}
\frametitle{A Decapsulation Protocol with Shared Secret Key \cite{FeoM20}} \frametitle{A Decapsulation Protocol with Shared Secret Key \cite{FeoM20}}
...@@ -104,14 +127,14 @@ ...@@ -104,14 +127,14 @@
\draw [help lines] (sk) edge (sh1) edge (sh2) edge (sh3) edge (sh4); \draw [help lines] (sk) edge (sh1) edge (sh2) edge (sh3) edge (sh4);
\pause \pause
\node [right=of sh1] (cipher) {$E_0 = c$}; \node [right=of sh1] (cipher) {$E^0 = c$};
\coordinate [left = of sh2] (bla) ; \coordinate [left = of sh2] (bla) ;
\draw [->] (cipher) -- (sh1); \draw [->] (cipher) -- (sh1);
\pause \pause
\draw [->, >=Stealth, bend right] (sh1) edge node [midway, above] {$ E^1 = \left[L_{1,S'} s_1\right] E_0$} (sh2) ; \draw [->, >=Stealth, bend right] (sh1) edge node [midway, above] {$ E^1 = \left[L_{1,S'} s_1\right] E^0$} (sh2) ;
\draw [->, >=Stealth, bend right] (sh2) edge node [midway, left] {$ E^2 = \left[L_{2,S'} s_2\right] E_1$} (sh3) ; \draw [->, >=Stealth, bend right] (sh2) edge node [midway, left] {$ E^2 = \left[L_{2,S'} s_2\right] E^1$} (sh3) ;
\draw [->, >=Stealth, bend right] (sh3) edge node [midway, below] {$ E^3 = \left[L_{3,S'} s_3\right] E_2$} (sh4) ; \draw [->, >=Stealth, bend right] (sh3) edge node [midway, below] {$ E^3 = \left[L_{3,S'} s_3\right] E^2$} (sh4) ;
\node [right = of sh4] (key) {$\key = \left[L_{4,S'} s_4\right] E^3$}; \node [right = of sh4] (key) {$\key = \left[L_{4,S'} s_4\right] E^3$};
\draw [->] (sh4) -- (key); \draw [->] (sh4) -- (key);
...@@ -121,6 +144,9 @@ ...@@ -121,6 +144,9 @@
\begin{frame} \begin{frame}
\frametitle{Features of the Protocol} \frametitle{Features of the Protocol}
\begin{block}{Threshold Group Action}
\[E^{\# S'} = \left[L_{j,S'}s_j\right] \left(\left[\ldots\right]E^{0}\right) = \left[\sum_{P_i\in S'} L_{i,S'}s_i\right] E^0 = \left[s\right] c.\]
\end{block}
\begin{block}{Advantages} \begin{block}{Advantages}
\begin{itemize} \begin{itemize}
\item Simulatable \item Simulatable
...@@ -150,14 +176,14 @@ ...@@ -150,14 +176,14 @@
\draw [help lines] (sk) edge (sh1) edge (sh2) edge (sh3) edge (sh4); \draw [help lines] (sk) edge (sh1) edge (sh2) edge (sh3) edge (sh4);
%\pause %\pause
\node [right=of sh1] (cipher) {$E_0 = c$}; \node [right=of sh1] (cipher) {$E^0 = c$};
\coordinate [left = of sh2] (bla) ; \coordinate [left = of sh2] (bla) ;
\draw [->] (cipher) -- (sh1); \draw [->] (cipher) -- (sh1);
%\pause %\pause
\draw [->, >=Stealth, bend right] (sh1) edge node [midway, above] {$ E^1 = \left[L_{1,S'} s_1\right] E_0$} (sh2) ; \draw [->, >=Stealth, bend right] (sh1) edge node [midway, above] {$ E^1 = \left[L_{1,S'} s_1\right] E^0$} (sh2) ;
\draw [->, >=Stealth, bend right] (sh2) edge node [midway, left, color = red] {$ {E^2} \neq \left[L_{2,S'} s_2\right] E_1$} (sh3) ; \draw [->, >=Stealth, bend right] (sh2) edge node [midway, left, color = red] {$ {E^2} \neq \left[L_{2,S'} s_2\right] E^1$} (sh3) ;
\draw [->, >=Stealth, bend right] (sh3) edge node [midway, below] {$ E^3 = \left[L_{3,S'} s_3\right] E_2$} (sh4) ; \draw [->, >=Stealth, bend right] (sh3) edge node [midway, below] {$ E^3 = \left[L_{3,S'} s_3\right] E^2$} (sh4) ;
\node [right = of sh4] (key) {$\key = \left[L_{4,S'} s_4\right] E^3$}; \node [right = of sh4] (key) {$\key = \left[L_{4,S'} s_4\right] E^3$};
\draw [->] (sh4) -- (key); \draw [->] (sh4) -- (key);
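Review bot: The new frame `Key Exchange Mechanisms in a HHS` writes the group action in two different notations: `\keygen` and `\decaps` take the secret from `\ZZ_p` and use brackets (`\left[\sk\right] E_0`, `\left[\sk\right] c`), while `\encaps` samples `b \sample \mathcal G` and writes `b \ast \pk`. Unless the two are meant to differ, use one notation throughout, e.g. `b \sample \ZZ_p`, `\key \gets \left[b\right] \pk`, `c \gets \left[b\right] E_0`, so the audience can see that `\decaps` recovers the same key. `\decaps` also shows no check that `c` lies in `\mathcal E`, although the threshold protocol slide does ascertain membership of its input; a short remark that validation is omitted for brevity would avoid suggesting it is optional. The `\vspace{1em}` lines sit inside a `pchstack` that already sets `space=2em` and are probably without effect, and the title should read `an HHS`.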
......