diff --git a/ACNS/introduction.tex b/ACNS/introduction.tex index 69445157539be77af55652d4d04d4a6a41e87ce3..24d66e865486f02f2caa1348dc5332120fd39566 100644 --- a/ACNS/introduction.tex +++ b/ACNS/introduction.tex 
@@ -35,7 +35,7 @@ Secret sharing schemes were first introduced by Blakley \cite{Blakley:1979:SCK} %To share \(s\in \Z_p\) among \(n\) sharholders, so that \(t\) or more shareholders are able to reconstruct it, a dealer samples a polynomial \(f \in \Z_p\left[ X\right]\) of degree \(t-1\) with constant term \(s\). The share of a shareholder with index \(i \in \left[ 1,\ldots, n\right]\) is \(f\paren* i\). To reconstruct a secret, a set of \(t\) or more shareholders interpolates the original polynomial \(f\) via Lagrange interpolation. Blakley takes a similar, yet distinct approach. Damg{\aa}rd and Thorbek \cite{DBLP:conf/pkc/DamgardT06} presented a secret sharing scheme with secret space \(\Z\). Thorbek \cite{DBLP:journals/iacr/Thorbek09} later improved their scheme Yet their scheme is only computationally confidential, compared to the information theoretical confidentiality of Shamir and Blakley's schemes. Tassa \cite{DBLP:conf/tcc/Tassa04} opened Shamir's scheme to a more general application by utilising the derivatives of the sharing polynomial to construct a hierarchical access structure,. -These basic secret sharing schemes rely on the dealer providing honestly generated shares to the shareholders. Verifiable secret sharing schemes eliminate this drawback by providing the shareholders with the means to verify the correctness of the received shares with varying overhead. Examples of these are \cite{DBLP:conf/ccs/BethKO93,DBLP:conf/asiacrypt/BackesKP11,DBLP:conf/crypto/Pedersen91,DBLP:conf/eurocrypt/Stadler96}. With minor efficiency losses, Herranz and S{\'a}ez \cite{DBLP:conf/fc/HerranzS03} were able to achieve verifiable secret sharing for generalised access structures. %A more recent advancement was made in \cite{DBLP:conf/icits/TraversoDB16}, in which the author presented a method to add and remove shareholders in a verifiable secret sharing setting. +These basic secret sharing schemes rely on the dealer providing honestly generated shares to the shareholders. 
Verifiable secret sharing schemes eliminate this drawback by providing the shareholders with the means to verify the correctness of the received shares with varying overhead. Examples of these are \cite{DBLP:conf/ccs/BethKO93,DBLP:conf/crypto/Pedersen91,DBLP:conf/eurocrypt/Stadler96}. With minor efficiency losses, Herranz and S{\'a}ez \cite{DBLP:conf/fc/HerranzS03} were able to achieve verifiable secret sharing for generalised access structures. %A more recent advancement was made in \cite{DBLP:conf/icits/TraversoDB16}, in which the author presented a method to add and remove shareholders in a verifiable secret sharing setting. Traverso et al. \cite{DBLP:conf/africacrypt/TraversoD018} proposed an approach for evaluating arithmetic circuits on secret shared in Tassa's scheme, that also enabled auditing the results. Cozzo and Smart \cite{DBLP:conf/ima/CozzoS19} investigated the possibility of constructing shared secret schemes based on the Round 2 candidate signature schemes in the NIST standardization process\footnote{\url{https://csrc.nist.gov/Projects/post-quantum-cryptography/Post-Quantum-Cryptography-Standardization}}. Based on CSI-FiSh \cite{DBLP:conf/asiacrypt/BeullensKV19}, De Feo and Meyer \cite{FeoM20} introduced threshold variants of passively secure encryption and signature schemes in the Hard Homogeneous Spaces (HHS) setting. Cozzo and Smart \cite{DBLP:conf/pqcrypto/CozzoS20} presented the first actively secure but not robust distributed signature scheme based on isogeny assumptions. In \cite{DBLP:conf/pqcrypto/BeullensDPV21}, the authors presented CSI-RAShi, a robust and actively secure distributed key generation protocol based on Shamir's secret sharing in the setting of HHS, which necessitates all shareholders to participate.\\
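Review bot: The rewritten paragraph in the hunk at line 35 of ACNS/introduction.tex drops DBLP:conf/asiacrypt/BackesKP11 from the \cite list of verifiable secret sharing examples, and nothing visible here says why. If the removal is intentional, state the reason in the commit message and check whether the key is still cited elsewhere, so the bibliography does not keep an unused entry. If it was accidental, restore the key. Two typos in the unchanged context lines of the same hunk could be fixed in this commit: "later improved their scheme Yet their scheme" is missing a full stop, and "hierarchical access structure,." has a stray comma before the full stop.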