From 7ab5f8759ff93e8152b88eda5e14fad7a925c43f Mon Sep 17 00:00:00 2001 From: Jeff Burdges Date: Sat, 15 Sep 2018 15:41:28 +0200 Subject: Add sigma to blindness property --- taler-fc19/paper.tex | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'taler-fc19') diff --git a/taler-fc19/paper.tex b/taler-fc19/paper.tex index fde7bf4..8ea12ed 100644 --- a/taler-fc19/paper.tex +++ b/taler-fc19/paper.tex @@ -780,10 +780,20 @@ We require the following two security properties for $\textsc{BlindSign}$: \begin{itemize} \item \emph{blindness}: Let $M$ be the set of all possible messages and $\overline{M}$ be the set of all possible blinded messages. Then the distribution of - \[ \left\{ (m, \overline{m}) \,\middle| m\, \randsel M, \overline{m} \leftarrow \algo{Blind}_{BS}(\mathcal{S}(\V{sk}), m) \right\} \] + \[ \left\{ (m, \simga, \overline{m}, \overline{\simga}) \,\middle| + m\, \randsel M, + \overline{m} \leftarrow \algo{Blind}_{BS}(\mathcal{S}(\V{sk}), m), + \overline{\simga} \leftarrow \algo{Sign}_{BS}(\V{sk}, \overline{m}), + \sigma \leftarrow \algo{UnblindSig}_{BS}(r, m, \overline{\sigma}) + \right\} \] must be computationally indistinguishable from - \[ \left\{ (m, x) \,\middle|\, m \randsel M, x \randsel \overline{M} \right\}. \] + \[ \left\{ (m, \simga, x, \simga_x) \,\middle|\, + m \randsel M, + \sigma \eftarrow \algo{UnblindSig}_{BS}(r, m, \algo{Sign}_{BS}(\V{sk}, \algo{Blind}_{BS}(\mathcal{S}(\V{sk}), m)) ) + x \randsel \overline{M}, + \sigma_x \leftarrow \algo{UnblindSig}_{BS}(r, x, \algo{Sign}_{BS}(\V{sk}, \algo{Blind}_{BS}(\mathcal{S}(\V{sk}), x)) ) + \right\}. \] \item \emph{unforgeability}: An adversary that requests $k$ signatures with $\algo{Sign}_{BS}$ is unable to produce $k+1$ valid signatures with non-negligible probability. \end{itemize} -- cgit v1.2.3