slides done (hopefully)

741af6ed · Philipp Muth · 3b1cdd90 · 741af6ed · 741af6ed · 741af6ed
Commit 741af6ed authored 2 years ago by Philipp Muth
--- a/ACNS/presentation/generalsss.tex
+++ b/ACNS/presentation/generalsss.tex

-\section{General Access Structures and Secret Sharing Schemes}
+\section{General Secret Sharing Schemes}
 \begin{frame}
+	\frametitle{Necessary Characteristics for Compatibility}
+	\begin{itemize}
+		\item Independent reconstruction: a shareholder's input in reconstructing a secret is independent of other shares
+		\item Self-contained reconstruction: the shares of a secret live in the same space as the secret to enable two-level sharing
+		\item Compatibility with zero-knowledge proof and the piecewise verifiable proof in the HHS 
+	\end{itemize}
+\end{frame}
+
+\begin{frame}
+	\frametitle{Examples}
+	\begin{itemize}
+		\item Shamir's polynomial secret sharing: compatible (our protocol was initially based on it)
+		\item Tassa's hierarchical threshold secret sharing \cite{DBLP:conf/tcc/Tassa04}: compatible (extension of Shamir's approach)
+		\item Damgard and Thorbek's linear integer secret sharing \cite{DBLP:conf/pkc/DamgardT06}: incompatible, since it is only computationally hiding
+		\item Additive secret sharing: incompatible, because superauthorised sets of shareholders do not exist
+	\end{itemize}
 \end{frame}
--- a/ACNS/presentation/main.tex
+++ b/ACNS/presentation/main.tex
@@ -31,6 +31,6 @@
 \section{References}
 \begin{frame}[allowframebreaks]
 	\bibliographystyle{amsalpha}
-	\bibliography{pqc}
+	\bibliography{pqc,local_bib}
 \end{frame}
 \end{document}
--- a/ACNS/presentation/motivation.tex
+++ b/ACNS/presentation/motivation.tex
@@ -38,9 +38,17 @@

 \begin{frame}
 	\frametitle{Secret Sharing Schemes}
+	\begin{itemize}
+		\item Distribute a secret \(s\) among \(n\) shareholders via 
+			\[ \mathcal S.\share\paren* s\]
+		\item Reconstruct a shared secret via
+			\[ \SH.\rec\paren*{\set{s_i}_{P_i \in S'}} \]
+			for an authorised set \(S'\in \Gamma\). 
+	\end{itemize}

-	\begin{definition}[Superauthorises Sets]
-
+	\begin{definition}[Superauthorised Sets]
+		A \highlight{superauthorised set} of shareholders is a set \(S^\ast\), so that
+		\[\forall P \in S^\ast \colon S^\ast \setminus\set{P} \in \Gamma.\]
 	\end{definition}

 \end{frame}

--- a/ACNS/presentation/preamble.tex
+++ b/ACNS/presentation/preamble.tex
@@ -117,6 +117,7 @@
 \newcommand\decaps{\mathsf{Decaps}}
 \newcommand\encaps{\mathsf{Encaps}}
 \newcommand\keygen{\mathsf{KeyGen}}
+\providecommand\highlight[1]{\emph{#1}}

 \DeclarePairedDelimiter{\paren}{\lparen}{\rparen}
 \DeclarePairedDelimiter{\bracket}{[}{]}

--- a/ACNS/presentation/signatures.tex
+++ b/ACNS/presentation/signatures.tex

 \section{Deriving a Signature Scheme}
 \begin{frame}
+	\begin{block}{Why actively secure signature schemes?}
+		Correctness of a signature is easily verified with the public key and the signed message.
+
+		BUT: An incorrect signature does not identify the misbehaving shareholder.
+	\end{block}
+	\begin{block}{Signature Scheme}
+		\begin{itemize}
+			\item \(\keygen\): Keep \(\keygen\) of the key exchange mechanism, i.e., the secret key is two-level shared among parties \(P_1,\ldots,P_n\)
+			\item \(\sign\): Apply Fiat-Shamir-transform \cite{C:FiaSha86} to the decapsulation protocol, resulting in a signing protocol with secret shared secret key
+			\item \(\verify\): Arises naturally from the Fiat-Shamir-transformation
+		\end{itemize}
+	\end{block}
 \end{frame}