diff options
authorChristian Grothoff <>2017-05-18 15:05:28 +0200
committerChristian Grothoff <>2017-05-18 15:05:37 +0200
commit57fef70492e9d6c0a88d025e8a716ab1db9ad202 (patch)
parent998858bc8f95eb1966e3edacb6583c5af4dd46d2 (diff)
inline FC reviews/responses in main paper
2 files changed, 13 insertions, 2 deletions
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
index 5e8f0392..ccdc5444 100644
--- a/doc/paper/taler.tex
+++ b/doc/paper/taler.tex
@@ -58,7 +58,8 @@
% Copyright
@@ -1868,6 +1869,16 @@ data being persisted are represented in between $\langle\rangle$.
\item[$\overline{C^{(i)}_p}$]{Public coin keys computed from $\overline{c_s^{(i)}}$ by the verifier}
+\section{Supplemental: Reviews and Responses from Financial Cryptography}
+\subsection{FC 2016}
+\subsection{FC 2017}
diff --git a/doc/paper/taler_FC2017.txt b/doc/paper/taler_FC2017.txt
index de1c64a3..66f8560a 100644
--- a/doc/paper/taler_FC2017.txt
+++ b/doc/paper/taler_FC2017.txt
@@ -21,7 +21,7 @@ be insecure.
> We added a section with proofs
I find two (possible) attacks against the refresh protocol. As the
-exchange does not check the validity of the public key Cp′ , the attacker can
+exchange does not check the validity of the public key Cp', the attacker can
send an arbitrary public key to the exchange that will accept, and obtain a
fresh coin. The attacker can spend partially a coin multiple times via
refreshing the coin and obtaining a fresh coin in turn, as the refresh protocol