commit 7f143ee9658354204a710adbdf311a21de687e19
parent c82f2416def906165370bb5975ed54d8b9049463
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 11 Dec 2022 10:48:23 +0100
-spacing
Diffstat:
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/presentations/comprehensive/main.tex b/presentations/comprehensive/main.tex
@@ -1602,7 +1602,7 @@ with the following goals:
\begin{frame}{Formal Function Signatures}
-\small
+\small
Searching for functions \uncover<2->{with the following signatures}
\begin{align*}
&\bf \Commit\uncover<2->{:
@@ -1707,9 +1707,9 @@ Searching for functions \uncover<2->{with the following signatures}
Simple use of $\Derive()$ and $\Compare()$ is problematic.
\begin{itemize}
- \item<2-> Calling $\Derive()$ iteratively generates sequence
+ \item<2-> Calling $\Derive()$ iteratively generates sequence
$(\commitment_0, \commitment_1, \dots)$ of commitments.
- \item<2-> Exchange calls $\Compare(\commitment_i, \commitment_{i+1}, .)$
+ \item<2-> Exchange calls $\Compare(\commitment_i, \commitment_{i+1}, .)$
\item[$\implies$]\uncover<3->{\bf Exchange identifies sequence}
\item[$\implies$]\uncover<3->{\bf Unlinkability broken}
\end{itemize}
@@ -1723,14 +1723,14 @@ Searching for functions \uncover<2->{with the following signatures}
Sketch:
\small
\begin{enumerate}
- \item $\Child$ derives commitments $(\commitment_1,\dots,\commitment_\kappa)$
+ \item $\Child$ derives commitments $(\commitment_1,\dots,\commitment_\kappa)$
from $\commitment_0$ \\
by calling $\Derive()$ with blindings $(\beta_1,\dots,\beta_\kappa)$
\item $\Child$ calculates $h_0:=H\left(H(\commitment_1, \beta_1)||\dots||H(\commitment_\kappa, \beta_\kappa)\right)$
\item $\Child$ sends $\commitment_0$ and $h_0$ to $\Exchange$
\item $\Exchange$ chooses $\gamma \in \{1,\dots,\kappa\}$ randomly
\item $\Child$ reveals $h_\gamma:=H(\commitment_\gamma, \beta_\gamma)$ and all $(\commitment_i, \beta_i)$, except $(\commitment_\gamma, \beta_\gamma)$
- \item $\Exchange$ compares $h_0$ and
+ \item $\Exchange$ compares $h_0$ and
$H\left(H(\commitment_1, \beta_1)||...||h_\gamma||...||H(\commitment_\kappa, \beta_\kappa)\right)$\\
and evaluates $\Compare(\commitment_0, \commitment_i, \beta_i)$.
\end{enumerate}
@@ -1803,7 +1803,7 @@ Searching for functions \uncover<2->{with the following signatures}
% \item[$\Child$:]
% \begin{enumerate}
% \setcounter{enumi}{7}
-%
+%
% \scriptsize
% \itemsep0.3em
% \item $h'_\gamma \leftarrow \Hash(\commitment_\gamma, \beta_\gamma)$
@@ -1830,7 +1830,7 @@ Searching for functions \uncover<2->{with the following signatures}
\begin{frame}{Basic Requirements}
- Candidate functions
+ Candidate functions
\[ (\Commit, \Attest, \Verify, \Derive, \Compare) \]
must first meet \textit{basic} requirements:
@@ -1850,7 +1850,7 @@ Searching for functions \uncover<2->{with the following signatures}
\begin{align*}
\Forall_{\age\in\N_\Age \atop \omega \in \Omega}:
\Commit(\age, \omega) =: (\commitment, \pruf)
- \implies
+ \implies
\Attest(\minage, \commitment, \pruf) =
\begin{cases}
\attest \in \Attests, \text{ if } \minage \leq \age\\
@@ -1962,9 +1962,9 @@ Searching for functions \uncover<2->{with the following signatures}
\[\langle(q_1, p_1),\dots,(q_\Age,p_\Age)\rangle\]
\item<3-> Guardian then \textbf{drops} all private keys
$p_i$ for $i > \age$:
- \[\Big \langle(q_1, p_1),\dots,
- (q_\age, p_\age),
- (q_{\age +1}, \red{\Nil}),\dots,
+ \[\Big \langle(q_1, p_1),\dots,
+ (q_\age, p_\age),
+ (q_{\age +1}, \red{\Nil}),\dots,
(q_\Age, \red{\Nil})\Big\rangle\]
\begin{itemize}
@@ -1981,7 +1981,7 @@ Searching for functions \uncover<2->{with the following signatures}
\begin{frame}{Instantiation with ECDSA}
\framesubtitle{Definitions of Attest and Verify}
- Child has
+ Child has
\begin{itemize}
\item ordered public-keys $\Vcommitment = (q_1, \dots, q_\Age) $,
\item (some) private-keys $\Vpruf = (p_1, \dots, p_\age, \Nil, \dots, \Nil)$.
@@ -1994,7 +1994,7 @@ Searching for functions \uncover<2->{with the following signatures}
\vfill
\uncover<3->{
- Merchant gets
+ Merchant gets
\begin{itemize}
\item ordered public-keys $\Vcommitment = (q_1, \dots, q_\Age) $
\item Signature $\sigma$
@@ -2009,8 +2009,8 @@ Searching for functions \uncover<2->{with the following signatures}
\begin{frame}{Instantiation with ECDSA}
\framesubtitle{Definitions of Derive and Compare}
- Child has
- $\Vcommitment = (q_1, \dots, q_\Age) $ and
+ Child has
+ $\Vcommitment = (q_1, \dots, q_\Age) $ and
$\Vpruf = (p_1, \dots, p_\age, \Nil, \dots, \Nil)$.
\begin{description}
\item<2->[To \blue{Derive} new $\Vcommitment'$ and $\Vpruf'$:]
@@ -2053,7 +2053,7 @@ Searching for functions \uncover<2->{with the following signatures}
% \begin{frame}{Instantiation with ECDSA}
% \framesubtitle{Full definitions}
% \scriptsize
-%
+%
% \begin{align*}
% \Commit_{E,\FDHg{\cdot}}(\age, \omega) &:= \Big\langle
% \overbrace{(q_1,\ldots,q_\Age)}^{= \Vcommitment},\;
@@ -2113,7 +2113,7 @@ Searching for functions \uncover<2->{with the following signatures}
\framesubtitle{Binding age restriction to coins}
To bind an age commitment $\commitment$ to a coin $C_p$, instead of
- signing $\FDH(C_p)$, $\Exchange$ now blindly signs
+ signing $\FDH(C_p)$, $\Exchange$ now blindly signs
\begin{center}
$\FDH(C_p, \orange{H(\commitment)})$
\end{center}
@@ -2191,7 +2191,7 @@ Searching for functions \uncover<2->{with the following signatures}
\begin{frame}{Related Work}
\begin{itemize}
\item Current privacy-perserving systems all based on attribute-based credentials (Koning et al., Schanzenbach et al., Camenisch et al., Au et al.)
- \item Attribute-based approach lacks support:
+ \item Attribute-based approach lacks support:
\begin{itemize}
\item Complex for consumers and retailers
\item Requires trusted third authority
