[Gzz-commits] manuscripts/Sigs article.rst internal.rst

[Tuomas J. Lukka]

CVSROOT:        /cvsroot/gzz
Module name:    manuscripts
Changes by:     Tuomas J. Lukka <address@hidden>        03/05/19 12:49:56

Modified files:
        Sigs           : article.rst internal.rst 

Log message:
        twids

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.114&tr2=1.115&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/internal.rst.diff?tr1=1.3&tr2=1.4&r1=text&r2=text

Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.114 manuscripts/Sigs/article.rst:1.115
--- manuscripts/Sigs/article.rst:1.114  Mon May 19 12:23:47 2003
+++ manuscripts/Sigs/article.rst        Mon May 19 12:49:56 2003
@@ -191,7 +191,8 @@
 Obtaining the minimal integral solutions of this inequality 
 gives us a tradeoff where the length of the signature is approximately
 linear with `$N$` and the time to sign grows exponentially with `$n$`.
-Table [ref-tabtradeoff]_ shows 
+Table [ref-tabtradeoff]_ shows the tradeoff in the characteristics
+of the derived schemes.
 
 
 ..  raw:: latex
Index: manuscripts/Sigs/internal.rst
diff -u manuscripts/Sigs/internal.rst:1.3 manuscripts/Sigs/internal.rst:1.4
--- manuscripts/Sigs/internal.rst:1.3   Mon May 19 11:40:31 2003
+++ manuscripts/Sigs/internal.rst       Mon May 19 12:49:56 2003
@@ -554,6 +554,18 @@
     `$t=175$`, `$k=62$`
 
 
+- Security not straightforward:
+  There is a large number of hashes used, and a collision
+  between any two could allow forging of signatures.
+  birthday attacks, ...
+
+  - Bleichenbacher-Maurer. 
+    To sign 160 bits, we need `$n=29$`.
+    Signatures are 90 hashes
+
+Supporting multiple signatures is possible e.g. in BiBa,
+but inefficient. Merkle hash trees better
+
 Conclusion
 ==========