summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorJeffrey Burdges <burdges@gnunet.org>2017-05-22 15:20:48 +0200
committerJeffrey Burdges <burdges@gnunet.org>2017-05-22 15:20:48 +0200
commit91e31719824ef0607dcb73d9a5c42d8687dca819 (patch)
tree7fbfcc74c92e152893f8db438944c1b7311b2159 /doc
parenta838af7dda84731e65e0da93d4568bd62b2d2e0c (diff)
downloadexchange-91e31719824ef0607dcb73d9a5c42d8687dca819.tar.gz
exchange-91e31719824ef0607dcb73d9a5c42d8687dca819.tar.bz2
exchange-91e31719824ef0607dcb73d9a5c42d8687dca819.zip
minor TODO
Diffstat (limited to 'doc')
-rw-r--r--doc/paper/taler.tex6
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/paper/taler.tex b/doc/paper/taler.tex
index 8448ba767..ba4d3fa23 100644
--- a/doc/paper/taler.tex
+++ b/doc/paper/taler.tex
@@ -1408,7 +1408,9 @@ Diffie-Hellman key exchange on curve25519.
\begin{proof}
We work with the usual instantiation of the random oracle model as
returning a random string and placing it into a database for future
-queries.
+queries.
+% TODO: this paragraph seems superfluous since its kinda sucked into
+% the reference.
We have a shared secret $k$ derived from an ECDH from which we derive
the encryption key used in the old protocol to encrypt the new coin's
@@ -1418,7 +1420,7 @@ keyed by $k$. We can do this because first the data is encrypted and
second revealing the new coin's blinding factor or public or private
keys later reveals nothing about $k$, thanks to \cite[Theorem 4.1]{Rudich88}.
-After this modfication, our real KDF scheme with the KDF instantiated
+After this modification, our real KDF scheme with the KDF instantiated
by the random oracle $R$ gives the same result as our scheme that
encrypts data produced by $R$. We now observe the encryption has
becomes superfluous and may be omitted, as another party who learns