[GNUnet-SVN] [taler-exchange] 02/02: Try to make this justification stro


From: gnunet
Subject: [GNUnet-SVN] [taler-exchange] 02/02: Try to make this justification stronger and more precise
Date: Tue, 16 May 2017 16:43:19 +0200

This is an automated email from the git hooks/post-receive script.

burdges pushed a commit to branch master
in repository exchange.

commit 3efde62c446dfe875aa9eb5ff2153ad2ef6f47b5
Author: Jeffrey Burdges <address@hidden>
AuthorDate: Tue May 16 16:42:11 2017 +0200

    Try to make this justification stronger and more precise
---
 doc/paper/rom.bib   | 18 ++++++++++++++++++
 doc/paper/taler.tex | 11 ++++++++++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/doc/paper/rom.bib b/doc/paper/rom.bib
index d85b2e8..cd41052 100644
--- a/doc/paper/rom.bib
+++ b/doc/paper/rom.bib
@@ -72,3 +72,21 @@
 }
 
 
+
+
address@hidden,
+  author="Abdalla, Michel and Bellare, Mihir",
+  editor="Okamoto, Tatsuaki",
+  title="Increasing the Lifetime of a Key: A Comparative Analysis of the 
Security of Re-keying Techniques",
+  bookTitle="Advances in Cryptology --- ASIACRYPT 2000: 6th International 
Conference on the Theory and Application of Cryptology and Information Security 
Kyoto, Japan, December 3--7, 2000 Proceedings",
+  year="2000",
+  publisher="Springer Berlin Heidelberg",
+  address="Berlin, Heidelberg",
+  pages="546--559",
+  isbn="978-3-540-44448-0",
+  doi="10.1007/3-540-44448-3_42",
+  doi_url="http://dx.doi.org/10.1007/3-540-44448-3_42";,
+  url="https://link.springer.com/chapter/10.1007/3-540-44448-3_42";
+}
+
+
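Review bot: The new entry carries a `doi` field and also a non-standard `doi_url` field that repeats the same identifier, next to a `url` pointing at the publisher page. Keeping `doi` and at most one of the two URL fields would avoid three copies of the same reference target. The hunk also adds two blank lines before the entry and two after it, on top of the two blank context lines already present; a single separator line is enough. The `bookTitle` value spells out the full proceedings name with venue and dates, which will render as a very long reference, so consider shortening it.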
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
index 488f01d..bdc60e1 100644
--- a/doc/paper/taler.tex
+++ b/doc/paper/taler.tex
@@ -1335,7 +1335,7 @@ exchange can even invent coins whole cloth.
 We may now remove the encrpytion by appealing to the random oracle
 model~\cite{BR-RandomOracles}.
 
-\begin{lemma}[\cite{??}]
+\begin{lemma}%[\cite{??}]
 Consider a protocol that commits to random data by encrypting it
 using a secret derived from a Diffe-Hellman key exchange.
 In the random oracle model, we may replace this encryption with
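Review bot: In `\begin{lemma}%[\cite{??}]` the placeholder citation is commented out rather than resolved, so the lemma now has no attribution and the `??` marker stays in the source. Either cite the source the lemma is taken from or delete the optional argument outright. While this passage is being touched, the context lines spell "encrpytion" and "Diffe-Hellman"; these should read "encryption" and "Diffie-Hellman".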
@@ -1345,6 +1345,11 @@ functions to the same secret.
 % TODO: Too general probably?
 % TODO: IND-CPA again?
 
+Indeed, we expect doing so to increase practical security as in
+\cite{Abdalla2000}, and adding the random oracle assumption need not
+reduce security if it focuses more attention on the usage of hash
+functions throughout the protocol.
+
 \begin{proof}
 We work with the usual instantiation of the random oracle model as
 returning a random string and placing it into a database for future
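Review bot: The paragraph starting "Indeed, we expect doing so" is inserted directly before `\begin{proof}`, so the proof no longer follows the lemma statement it proves; move it after `\end{proof}` or set it as a separate remark. The reference to `\cite{Abdalla2000}` does not say which result of that paper supports "increase practical security", and the second clause ("need not reduce security if it focuses more attention on the usage of hash functions") is an expectation rather than an argument. Naming the specific result being relied on would fit the stated goal of making the justification more precise. The two TODO comments just above are left open by this change.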
@@ -1356,6 +1361,10 @@ that we encrypt in the old encryption based version of 
Taler.
 Now our random oracle scheme with $R$ gives the same result as our
 scheme that encrypts random data, so the encryption becomes
 superfluous and may be omitted.
+
+We require the security of the original encryption operation reduced
+to the security of the Diffe-Hellman key exchange, which remains a
+requirement of the derived protocol.
 \end{proof}
 
 We may now conclude that Taler remains unlinkable even with the refresh 
protocol.
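Review bot: The sentence added before `\end{proof}` introduces a requirement after the proof has already concluded that the encryption "may be omitted"; an assumption the argument depends on belongs in the lemma statement or at the start of the proof, not after its conclusion. The wording "We require the security of the original encryption operation reduced to the security of" is hard to parse. Something like "We require that the security of the original encryption reduces to that of the Diffie-Hellman key exchange" reads more clearly, and the text should name the hardness assumption that is meant. "Diffe-Hellman" should be spelled "Diffie-Hellman".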

-- 
To stop receiving notification emails like this one, please contact
address@hidden


