diff options
authorChristian Grothoff <>2018-09-25 11:56:19 +0200
committerChristian Grothoff <>2018-09-25 11:56:19 +0200
commit525fc09dc5d69441ae4ccfb7c0e56669b7ec2bdb (patch)
parentc1dc251de5065984ad010801ef6b21c1e74e9f46 (diff)
alg not prot
1 files changed, 4 insertions, 4 deletions
diff --git a/taler-fc19/paper.tex b/taler-fc19/paper.tex
index 43b72ac..3fdc1ce 100644
--- a/taler-fc19/paper.tex
+++ b/taler-fc19/paper.tex
@@ -997,7 +997,7 @@ Using these primitives, we now instantiate the syntax:
signed commit message $(\V{sig}_1, \pi_1)$, the transfer public key
$T_\gamma$, the signature $\V{sig}_{3}$, the blinded signature $\overline{\sigma}_\gamma$, and the
transcript $\mathcal{T}_{(B*,\gamma)}$ of the customer's and exchange's messages
- during the \algo{Blind} protocol execution.
+ during the $\algo{Blind}^*_{BS}$ protocol execution.
The following logic is repeated by the customer for each response:
@@ -1006,15 +1006,15 @@ Using these primitives, we now instantiate the syntax:
\item Verify that $\V{sig}_1$ is a valid signature on $\pi_1$ by $\V{pkCoin}_0$, abort otherwise.
\item Re-compute the transfer secret and the new coin's key pair as
- x_\gamma &\leftarrow \algo{Kx}_{CSK}(\V{skCoin}_0, T_\gamma)\\
- (\V{skCoin}_\gamma, \V{pkCoin}_\gamma) &\leftarrow \algo{KeyGen}_{CSK}^*(x_\gamma, 1^\lambda).
+ x_\gamma &:= \algo{Kx}_{CSK}(\V{skCoin}_0, T_\gamma)\\
+ (\V{skCoin}_\gamma, \V{pkCoin}_\gamma) &:= \algo{KeyGen}_{CSK}^*(x_\gamma, 1^\lambda).
\item Simulate the blinding protocol with the message transcript received from the exchange to obtain
$(\overline{m}_\gamma, r_\gamma)$.
\item Check that $\algo{Verify}_{CSK}(\V{pkCoin}_0,
\V{pkD}_u, \V{skCoin}_0,(\mathcal{T}_{(B*,\gamma)}, \overline{m}_\gamma), \V{sig}_{3})$
indicates a valid signature, abort otherwise.
- \item Unblind the signature to obtain $\sigma_\gamma \leftarrow \algo{UnblindSig}(r_\gamma, \V{pkCoin}_\gamma, \overline{\sigma}_\gamma)$
+ \item Unblind the signature to obtain $\sigma_\gamma := \algo{UnblindSig}(r_\gamma, \V{pkCoin}_\gamma, \overline{\sigma}_\gamma)$.
\item (Re-)add the coin $(\V{skCoin}_\gamma, \V{pkCoin}_\gamma, \V{pkD}_u, \sigma_\gamma)$ to the customer's wallet.