[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-marketing] branch master updated: feedback integrati
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-marketing] branch master updated: feedback integration |
Date: |
Mon, 13 May 2019 14:43:54 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository marketing.
The following commit(s) were added to refs/heads/master by this push:
new 13e1b36 feedback integration
13e1b36 is described below
commit 13e1b363be75d9577fd19724bedd6325b189c9ee
Author: Christian Grothoff <address@hidden>
AuthorDate: Mon May 13 14:43:51 2019 +0200
feedback integration
---
presentations/comprehensive/bankademia.tex | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/presentations/comprehensive/bankademia.tex
b/presentations/comprehensive/bankademia.tex
index 05c488f..57f8b25 100644
--- a/presentations/comprehensive/bankademia.tex
+++ b/presentations/comprehensive/bankademia.tex
@@ -513,14 +513,14 @@ But of course we use modern instantiations.
\begin{frame}{Warranting deposit safety}
- Exchange has {\em another} online signing key $O = oG$:
+ Exchange has {\em another} online signing key $W = wG$:
\begin{center}
- Sends $E$, $EdDSA_o(M,H(D),FDH(C))$ to the merchant.
+ Sends $E$, $EdDSA_w(M,H(D),FDH(C))$ to the merchant.
\end{center}
This signature means that $M$ was the {\em first} to deposit
$C$ and that the exchange thus must pay $M$.
\begin{center}
- Without this, an evil exchange could reneg on the deposit
+ Without this, an evil exchange could renege on the deposit
confirmation and claim double-spending if a coin were
deposited twice, and then not pay either merchant!
\end{center}
@@ -529,8 +529,8 @@ But of course we use modern instantiations.
\begin{frame}{Online keys}
\begin{itemize}
-\item The exchange needs $d$ and $o$ to be available for online signing.
-\item The corresponding public keys $O$ and $(e,n)$ are certified using
+\item The exchange needs $d$ and $w$ to be available for online signing.
+\item The corresponding public keys $W$ and $(e,n)$ are certified using
Taler's public key infrastructure (which uses offline-only keys).
\end{itemize}
\begin{center}
@@ -565,13 +565,13 @@ But of course we use modern instantiations.
\end{frame}
-\begin{frame}{Online signing key $O$ compromise}
+\begin{frame}{Online signing key $W$ compromise}
\begin{itemize}
-\item An attacker who learns $o$ can sign deposit confirmations.
+\item An attacker who learns $w$ can sign deposit confirmations.
\item Attacker sets up two (or more) merchants and customer(s) which
double-spend
legitimate coins at both merchants.
\item The merchants only deposit each coin once at the exchange and get paid
once.
-\item The attacker then uses $o$ to fake deposit confirmations for the
double-spent
+\item The attacker then uses $w$ to fake deposit confirmations for the
double-spent
transactions.
\item The attacker uses the faked deposit confirmations to complain to the
auditor
that the exchange did not honor the (faked) deposit confirmations.
@@ -581,7 +581,7 @@ and (likely) would presume an evil exchange, forcing it to
pay both merchants.
\end{frame}
-\begin{frame}{Detecting online signing key $O$ compromise}
+\begin{frame}{Detecting online signing key $W$ compromise}
\begin{itemize}
\item Merchants are required to {\em probabilistically} report
signed deposit confirmations to the auditor.
@@ -592,7 +592,8 @@ and (likely) would presume an evil exchange, forcing it to
pay both merchants.
to the auditor {\em and} those without proof of double-spending
{\em and} those merchants reported to the auditor.
\item[$\Rightarrow$] Merchants that do not participate in reporting
- to the auditor risk their deposit permissions being voided.
+ to the auditor risk their deposit permissions being voided in
+ cases of an exchange's private key being compromised.
\end{itemize}
\end{frame}
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-marketing] branch master updated: feedback integration,
gnunet <=