diff --git a/ACNS/signatures.tex b/ACNS/signatures.tex
index 6680ac157f9bdd874e043df356c16b92ed92d9d1..38db4cfa1963438d2248960f7fa36602c1d01f94 100644
--- a/ACNS/signatures.tex
+++ b/ACNS/signatures.tex
@@ -50,7 +50,9 @@ We convert the key exchange mechanism in \hyperref[fig.keygen]{Algorithm \ref{fi
     \label{fig.sign}
 \end{algorithm}
 
-A signature scheme consists of three protocols: key generation, signing and verifying. We transfer the unmodified key generation protocol from the key exchange mechnism in \hyperref[sec.kem]{Section \ref{sec.kem}} to our signature scheme. The signing protocol is derived from the decapsulation protocol (\hyperref[fig.decaps]{Algorithm \ref{fig.decaps}}) by applying the Fiat-Shamir-transformation, the verifying protocol follows straightforward. The protocols are given in \hyperref[fig.sign]{Algorithm \ref{fig.sign}} and \hyperref[fig.ver]{Algorithm \ref{fig.ver}}.
+A signature scheme consists of three protocols: key generation, signing and verifying. We transfer the unmodified key generation protocol from the key exchange mechnism in \hyperref[sec.kem]{Section \ref{sec.kem}} to our signature scheme. The signing protocol is derived from the decapsulation protocol (\hyperref[fig.decaps]{Algorithm \ref{fig.decaps}}) by applying the Fiat-Shamir-transformation, the verifying protocol follows straightforward. The protocols are given in \hyperref[fig.sign]{Algorithm \ref{fig.sign}} and \hyperref[fig.ver]{Algorithm \ref{fig.ver}}.\\
+
+\noindent \textbf{Instantiations.} As a practical instantiation, we propose the available parameter set for CSIDH-512 HHS from \cite{DBLP:conf/asiacrypt/BeullensKV19}. Currently no other instantiation of the presented schemes seems feasible in a practical sense. Furthermore, according to recent works \cite{DBLP:conf/eurocrypt/Peikert20,DBLP:conf/eurocrypt/BonnetainS20} CSIDH-512 may not reach the initially estimated security level.
 
 %Active security in our signing protocol is achieved by applying the Fiat-Shamir-transfer to the decapsulation protocol presented above. This gives us a signing protocol, in which each engaged shareholder outputs messages exactly once, making the protocol very efficient.
 % \begin{figure}
@@ -172,4 +174,4 @@ First, in the case without hashing, since the sigma protocol has special soundne
 \end{figure}
 \end{comment}
 
-\noindent \textbf{Instantiations.} As a practical instantiation, we propose the available parameter set for CSIDH-512 HHS from \cite{DBLP:conf/asiacrypt/BeullensKV19}. Currently no other instantiation of the presented schemes seems feasible in a practical sense. Furthermore, according to recent works \cite{DBLP:conf/eurocrypt/Peikert20,DBLP:conf/eurocrypt/BonnetainS20} CSIDH-512 may not reach the initially estimated security level.
+