diff options
author | Florian Dold <florian.dold@gmail.com> | 2018-09-25 16:05:41 +0200 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2018-09-25 16:05:41 +0200 |
commit | 0e5c388866db068a9dec4f80c81a10ca427c078e (patch) | |
tree | 1c480e5e6dfbd74cca84e9ca15513b6da791fa4b /taler-fc19 | |
parent | ec02729cee5d9a3df253d090e9834c18603e63fc (diff) | |
download | papers-0e5c388866db068a9dec4f80c81a10ca427c078e.tar.gz papers-0e5c388866db068a9dec4f80c81a10ca427c078e.tar.bz2 papers-0e5c388866db068a9dec4f80c81a10ca427c078e.zip |
typos
Diffstat (limited to 'taler-fc19')
-rw-r--r-- | taler-fc19/paper.tex | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/taler-fc19/paper.tex b/taler-fc19/paper.tex index 1200ae7..7d34165 100644 --- a/taler-fc19/paper.tex +++ b/taler-fc19/paper.tex @@ -805,14 +805,14 @@ We require the following security properties to hold for $\textsc{CoinSignKx}$: \item \emph{key exchange completeness}:
Any probabilistic polynomial-time adversary has only negligible chance to find
- a degenerate key pair $(\V{sk}_A, \V{sk}_B)$ such that for some
+ a degenerate key pair $(\V{sk}_A, \V{pk}_A)$ such that for some
honestly generated key pair
$(\V{sk}_B, \V{pk}_B) \leftarrow \algo{KeyGen}_{CSK}(1^\lambda)$
the key exchange fails, that is
\begin{equation*}
\algo{Kex}_{CSK}(\V{sk}_A, \V{pk}_B) \neq \algo{Kex}_{CSK}(\V{sk}_B, \V{pk}_A),
\end{equation*}
- but the adversary can still produce a pair $(m, \sigma)$ such that $\algo{Verify}_{BS}(\V{pk}_A, m, \sigma) = 1$.
+ while the adversary can still produce a pair $(m, \sigma)$ such that $\algo{Verify}_{BS}(\V{pk}_A, m, \sigma) = 1$.
\item \emph{key exchange security}: The output of $\algo{Kx}_{CSK}$ must be computationally
indistinguishable from a random shared secret of the same length, for inputs that have been
|