diff options
| author | Christian Grothoff <christian@grothoff.org> | 2018-09-29 10:18:19 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2019-01-15 17:24:46 +0100 |
| commit | e4556ffd22e3b7a3ed4bc8811de9e2b2d2d04d6a (patch) | |
| tree | a760e04b4cd7ba1f91c047101917e3312c18f68f /presentations | |
| parent | f3efbc58553931844cc21eae39561cecfe6d06db (diff) | |
| download | marketing-e4556ffd22e3b7a3ed4bc8811de9e2b2d2d04d6a.tar.gz marketing-e4556ffd22e3b7a3ed4bc8811de9e2b2d2d04d6a.tar.bz2 marketing-e4556ffd22e3b7a3ed4bc8811de9e2b2d2d04d6a.zip | |
simplify
Diffstat (limited to 'presentations')
| -rw-r--r-- | presentations/comprehensive/isac.tex | 360 |
1 files changed, 0 insertions, 360 deletions
diff --git a/presentations/comprehensive/isac.tex b/presentations/comprehensive/isac.tex index 3b5a722..5d1c3ed 100644 --- a/presentations/comprehensive/isac.tex +++ b/presentations/comprehensive/isac.tex @@ -712,366 +712,6 @@ But of course we use modern instantiations. \end{frame} -\begin{frame}{Diffie-Hellman (ECDH)} - \begin{minipage}{8cm} - \begin{enumerate} - \item Create private keys $c,t \mod o$ - \item Define $C = cG$ - \item Define $T = tG$ - \item Compute DH \\ $cT = c(tG) = t(cG) = tC$ - \end{enumerate} - \end{minipage} - \begin{minipage}{6cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (t) [def, draw=none] at (0,0) {$t$}; - \node (ct) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{dh.pdf}}; - \node (c) [def, draw=none, above left= of ct] {$c$}; - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (ct) -- (c) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (ct) -- (t) node [midway, above, sloped] (TextNode) {}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Strawman solution} - \begin{minipage}{8cm} - Given partially spent private coin key $c_{old}$: - \begin{enumerate} -% \item Let $C_{old} := c_{old}G$ (as before) - \item Pick random $c_{new} \mod o$ private key - \item $C_{new} = c_{new}G$ public key - \item Pick random $b_{new}$ - \item Compute $f_{new} := FDH(C_{new})$, $m < n$. - \item Transmit $f'_{new} := f_{new} b_{new}^e \mod n$ - \end{enumerate} - ... and sign request for change with $c_{old}$. - \end{minipage} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (blinded) [def, draw=none]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (planchet) [def, draw=none, above left= of blinded] {\includegraphics[width=0.15\textwidth]{planchet.pdf}}; - \node (cnew) [def, draw=none, above= of planchet] {$c_{new}$}; - \node (bnew) [def, draw=none, above right= of blinded] {$b_{new}$}; - \node (dice1) [def, draw=none, above = of cnew]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (dice2) [def, draw=none, above = of bnew]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (exchange) [node distance=4em and 0.5em, draw, below =of blinded]{Exchange}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (cnew) -- (dice1) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (planchet) -- (cnew) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bnew) -- (dice2) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (planchet) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bnew) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} - \pause - \vfill - {\bf Problem: Owner of $c_{new}$ may differ from owner of $c_{old}$!} -\end{frame} - - -\begin{frame}{Customer: Transfer key setup (ECDH)} - \begin{minipage}{8cm} - Given partially spent private coin key $c_{old}$: - \begin{enumerate} - \item Let $C_{old} := c_{old}G$ (as before) - \item Create random private transfer key $t \mod o$ - \item Compute $T := tG$ - \item Compute $X := c_{old}(tG) = t(c_{old}G) = tC_{old}$ - \item Derive $c_{new}$ and $b_{new}$ from $X$ - \item Compute $C_{new} := c_{new}G$ - \item Compute $f_{new} := FDH(C_{new})$ - \item Transmit $f_{new}' := f_{new} b_{new}^e$ - \end{enumerate} - \end{minipage} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (t) [def, draw=none] at (0,0) {$t$}; - \node (dice) [def, draw=none, above = of t]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$c_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (exchange) [node distance=4em and 0.5em, draw, below =of blinded]{Exchange}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Cut-and-Choose} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (t) [def, draw=none] at (0,0) {$t_1$}; - \node (dice) [def, draw=none, above = of t]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$c_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new,1}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new,1}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (exchange) [node distance=4em and 0.5em, draw, below =of blinded]{Exchange}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (t) [def, draw=none] at (0,0) {$t_2$}; - \node (dice) [def, draw=none, above = of t]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$c_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new,2}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new,2}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (exchange) [node distance=4em and 0.5em, draw, below =of blinded]{Exchange}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (t) [def, draw=none] at (0,0) {$t_3$}; - \node (dice) [def, draw=none, above = of t]{\includegraphics[width=0.2\textwidth]{dice.pdf}}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$c_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new,3}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new,3}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (exchange) [node distance=4em and 0.5em, draw, below =of blinded]{Exchange}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (t) -- (dice) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (t) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (exchange) -- (blinded) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Exchange: Choose!} - \begin{center} - \item Exchange sends back random $\gamma \in \{ 1, 2, 3 \}$ to the customer. - \end{center} -\end{frame} - - -\begin{frame}{Customer: Reveal} - \begin{enumerate} - \item If $\gamma = 1$, send $t_2$, $t_3$ to exchange - \item If $\gamma = 2$, send $t_1$, $t_3$ to exchange - \item If $\gamma = 3$, send $t_1$, $t_2$ to exchange - \end{enumerate} -\end{frame} - - -\begin{frame}{Exchange: Verify ($\gamma = 2$)} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (h) [def, draw=none] at (0,0) {$t_1$}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$C_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new,1}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new,1}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (h) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \end{tikzpicture} - \end{minipage} - \begin{minipage}{4cm} - \ - \end{minipage} - \begin{minipage}{4cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (h) [def, draw=none] at (0,0) {$t_3$}; - \node (dh) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (d) [def, draw=none, above left= of dh] {$C_{old}$}; - \node (cp) [def, draw=none, below left= of dh] {$c_{new,3}$}; - \node (bp) [def, draw=none, below right= of dh] {$b_{new,3}$}; - \node (blinded) [def, draw=none, below right=of cp]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (dh) -- (d) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (h) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (cp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (blinded) -- (bp) node [midway, above, sloped] (TextNode) {}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Exchange: Blind sign change (RSA)} - \begin{minipage}{6cm} - \begin{enumerate} - \item Take $f_{new,\gamma}'$. - \item Compute $s' := f_{new,\gamma}'^d \mod n$. - \item Send signature $s'$. - \end{enumerate} - \end{minipage} - \begin{minipage}{6cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (hammer) [def, draw=none] at (0,0) {\includegraphics[width=0.15\textwidth]{hammer.pdf}}; - \node (signed) [def, draw=none, below left=of hammer]{\includegraphics[width=0.2\textwidth]{sign.pdf}}; - \node (blinded) [def, draw=none, above left=of signed]{\includegraphics[width=0.15\textwidth]{blinded.pdf}}; - \node (customer) [node distance=4em and 0.5em, draw, below =of signed]{Customer}; - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (signed) -- (hammer) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (signed) -- (blinded) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (customer) -- (signed) node [midway, above, sloped] (TextNode) {{\small transmit}}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Customer: Unblind change (RSA)} - \begin{minipage}{6cm} - \begin{enumerate} - \item Receive $s'$. - \item Compute $s := s' b_{new,\gamma}^{-1} \mod n$. - \end{enumerate} - \end{minipage} - \begin{minipage}{6cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 2em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (b) [def, draw=none] at (0,0) {$b_{new,\gamma}$}; - \node (coin) [def, draw=none, below left=of b]{\includegraphics[width=0.2\textwidth]{coin.pdf}}; - \node (signed) [def, draw=none, above left=of coin]{\includegraphics[width=0.15\textwidth]{sign.pdf}}; - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (coin) -- (b) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (coin) -- (signed) node [midway, above, sloped] (TextNode) {}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Exchange: Allow linking change} - \begin{minipage}{7cm} - \begin{center} - Given $C_{old}$ - - \vspace{1cm} - - return $T_\gamma$, $s := s' b_{new,\gamma}^{-1} \mod n$. - \end{center} - \end{minipage} - \begin{minipage}{5cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 3em and 0.5em, inner sep=0.5em, outer sep=.3em]; - \node (co) [def, draw=none] at (0,0) {$C_{old}$}; - \node (T) [def, draw=none, below left=of co]{$T_\gamma$}; - \node (sign) [def, draw=none, below right=of co]{\includegraphics[width=0.15\textwidth]{sign.pdf}}; - \node (customer) [def, draw, below right=of T] {Customer}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (T) -- (co) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (sign) -- (co) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (customer) -- (T) node [midway, above, sloped] (TextNode) {link}; - \draw [<-, C] (customer) -- (sign) node [midway, above, sloped] (TextNode) {link}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - -\begin{frame}{Customer: Link (threat!)} - \begin{minipage}{6.3cm} - \begin{enumerate} - \item Have $c_{old}$. - \item Obtain $T_\gamma$, $s$ from exchange - \item Compute $X_\gamma = c_{old}T_\gamma$ - \item Derive $c_{new,\gamma}$ and $b_{new,\gamma}$ from $X_\gamma$ - \item Unblind $s := s' b_{new,\gamma}^{-1} \mod n$ - \end{enumerate} - - \end{minipage} - \begin{minipage}{5.7cm} - \begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.5em and 0.5em, inner sep=0em, outer sep=.3em]; - \node (T) [def, draw=none] at (0,0) {$T_\gamma$}; - \node (exchange) [def, inner sep=0.5em, draw, above left=of T] {Exchange}; - \node (signed) [def, draw=none, below left=of T]{\includegraphics[width=0.15\textwidth]{sign.pdf}}; - \node (dh) [def, draw=none, below right=of T]{\includegraphics[width=0.2\textwidth]{ct.pdf}}; - \node (bp) [def, draw=none, below left= of dh] {$b_{new,\gamma}$}; - \node (co) [def, draw=none, above right= of dh] {$c_{old}$}; - \node (cp) [def, draw=none, below= of dh] {$c_{new,\gamma}$}; - \node (coin) [def, draw=none, below left = of bp]{\includegraphics[width=0.2\textwidth]{coin.pdf}}; - \node (psign) [def, node distance=2.5em and 0em, draw=none, below = of cp]{\includegraphics[width=0.2\textwidth]{planchet-sign.pdf}}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (dh) -- (co) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (dh) -- (T) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bp) -- (dh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (coin) -- (signed) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (coin) -- (bp) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (T) -- (exchange) node [midway, above, sloped] (TextNode) {link}; - \draw [<-, C] (signed) -- (exchange) node [midway, below, sloped] (TextNode) {link}; - \draw [<-, C, double] (psign) -- (cp) node [midway, below, sloped] (TextNode) {}; - \end{tikzpicture} - \end{minipage} -\end{frame} - - \begin{frame}{Refresh protocol summary} \begin{itemize} \item Customer asks exchange to convert old coin to new coin |