diff options
| author | Jeff Burdges <burdges@gnunet.org> | 2018-04-21 18:47:26 +0200 |
|---|---|---|
| committer | Jeff Burdges <burdges@gnunet.org> | 2018-04-21 18:47:26 +0200 |
| commit | 7b1ceb21c5464f7d2c76d97914b101deb639b713 (patch) | |
| tree | 601e478e2c4eb29e39c4942b52552368019d0715 /games | |
| parent | 4f892c80407d985bbc600fe65184ac62e00c065f (diff) | |
| download | papers-7b1ceb21c5464f7d2c76d97914b101deb639b713.tar.gz papers-7b1ceb21c5464f7d2c76d97914b101deb639b713.tar.bz2 papers-7b1ceb21c5464f7d2c76d97914b101deb639b713.zip | |
Explain proof better
Diffstat (limited to 'games')
| -rw-r--r-- | games/games.tex | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/games/games.tex b/games/games.tex index ba0ed58..778f756 100644 --- a/games/games.tex +++ b/games/games.tex @@ -764,16 +764,16 @@ a non-negligible advantage for winning the unforgeability game % \cite[Definition 3]{RSA-FDH-KTIvCTI} % or \cite[Definition 6.1]{OneMoreInversion}. % won by $\cal A$. -We let $C_{\ell+1}, \ldots, C_m$ denote all the spent coins arising +We assume $\cal A$ made at most $l$ withdrawal and refresh oracle +queries to obtain the $l+1$ coins $C_1, \ldots, C_\ell$ in the game. +Also let $C_{\ell+1}, \ldots, C_m$ denote all the spent coins arising from the operation of $\cal A$. % Also let $C_{m+1}, ..., C_n$ denote % the unsigned planchets used by refresh oracle call. % Now set $Y_i = FDA_N(C_i)$ for $0 \le i \le n$. % DISCUSS: We could exploit some of the power of RSA-CTI to dispose % of these planchets. I think this seems unnecessary, but maybe it % might refines our usage of ROM or something. -We know $\cal A$ made at most $l$ withdrawal and refresh oracle -queries to obtain the $l+1$ coins $C_1, \ldots, C_\ell$, so -$\cal A$ made at most $m$ withdrawal and refresh oracle +We now know $\cal A$ made at most $m$ withdrawal and refresh oracle queries to obtain the $m+1$ RSA signatures %, aka inversions, on the $Y_i := \textrm{FDH}_N(C_i)$ with $0 \le i \le m$. % |