5-results.tex (7504B)
1 \section{\faIcon{gem} Results} 2 % Discussion 3 \begin{frame}{\faIcon{gem} Security Assumptions} 4 \framesubtitle{RSA Blind Signature's \& Clause Blind Schnorr Signature's} 5 Scheme comparison: 6 \begin{itemize} 7 \item \faIcon{hashtag} Number of blinding secrets 8 \item \faIcon{exchange-alt} Number of round trips 9 \item \faIcon{calculator} CS signatures do most computations twice 10 \end{itemize} 11 Security assumptions 12 \begin{itemize} 13 \item Both Schemes are considered \textbf{perfectly blind} 14 \item RSA depends on factoring large numbers being hard. 15 \item Schnorr Signatures depends on computing the discrete logarithm being hard 16 \item Clause Blind Schnorr Signatures additionally rely on the modified ROS problem being hard 17 \item ROS is a recent research topic, and not as well researched 18 \end{itemize} 19 \end{frame} 20 21 \begin{frame}{\faIcon{gem} CPU Performance} 22 \begin{center} 23 \resizebox{0.7\textwidth}{!}{\begin{minipage}{\textwidth} 24 \begin{bfhBox}[BFH-MediumBlue]{Setup} 25 CPU: 8-core AMD Ryzen 7 PRO 5850U \\ 26 OS: Ubuntu 21.10 Linux 5.13.0-25-generic \\ 27 \end{bfhBox} 28 \end{minipage}} 29 \resizebox{0.8\textwidth}{!}{\begin{minipage}{\textwidth} 30 \vspace{0.5cm} 31 \begin{table}[ht] 32 \centering 33 \colorlet{BFH-table}{BFH-MediumBlue!10} 34 \colorlet{BFH-tablehead}{BFH-MediumBlue!50} 35 \setupBfhTabular 36 \begin{tabular}{lrrr} 37 \rowcolor{BFH-tablehead} 38 \textbf{Operation} & \textbf{CS} & \textbf{RSA 1024 bit} & \textbf{RSA 3072 bit} \\\hline 39 10x key generation & 0.204 ms & 126 ms & 2684 ms \\\hline 40 10x blind & 3.870 ms & 1.282 ms & 5 ms \\\hline 41 10x signing & 0.077 ms & 7 ms & 86 ms \\\hline 42 10x unblinding & 0.001 ms & 2.991 ms & 24 ms \\\hline 43 10x verifying & 1.358 ms & 0.876 ms & 3.075 ms \\\hline 44 \end{tabular} 45 \end{table} 46 \end{minipage}} 47 \end{center} 48 \end{frame} 49 50 \begin{frame}{\faIcon{gem} Disk Space \& Bandwidth} 51 \begin{center} 52 Signatures: {\footnotesize $\langle s,R \rangle$}\\ 53 54 \vspace{0.2cm} 55 \resizebox{0.65\textwidth}{!}{\begin{minipage}{\textwidth} 56 \begin{table}[ht] 57 \centering 58 \colorlet{BFH-table}{BFH-MediumBlue!10} 59 \colorlet{BFH-tablehead}{BFH-MediumBlue!50} 60 \setupBfhTabular 61 \begin{tabular}{lccr} 62 \rowcolor{BFH-tablehead} 63 \textbf{Signature Scheme} & \textbf{Disk Space} & \textbf{Factor} & \textbf{Disk Space 1M signatures} \\\hline 64 CS & 512 bits & 1x & 64 MB \\\hline 65 RSA 1024 bit & 1024 bits & 2x & 128 MB \\\hline 66 RSA 2048 bit & 2048 bits & 4x & 256 MB \\\hline 67 RSA 3072 bit & 3072 bits & 6x & 384 MB \\\hline 68 RSA 4096 bit & 4096 bits & 8x & 512 MB \\\hline 69 \end{tabular} 70 \end{table} 71 \end{minipage}} 72 \\Wallet disk space: {\footnotesize $\langle c_s,s,R_0,R_1,D_p \rangle$}\\ 73 74 \vspace{0.2cm} 75 \resizebox{0.65\textwidth}{!}{\begin{minipage}{\textwidth} 76 \begin{table}[ht] 77 \centering 78 \colorlet{BFH-table}{BFH-MediumBlue!10} 79 \colorlet{BFH-tablehead}{BFH-MediumBlue!50} 80 \setupBfhTabular 81 \begin{tabular}{lccr} 82 \rowcolor{BFH-tablehead} 83 \textbf{Signature Scheme} & \textbf{Disk Space} & \textbf{Factor} & \textbf{Disk Space 1M coins} \\\hline 84 CS 256 bits & 150 bytes & 1x & 160 MB \\\hline 85 RSA 1024 bit & 416 bytes & 2.6x & 416 MB \\\hline 86 RSA 2048 bit & 800 bits & 5x & 800 MB \\\hline 87 RSA 3072 bit & 1184 bits & 7.4x & 1184 MB \\\hline 88 RSA 4096 bit & 1568 bits & 9.8x & 1568 MB \\\hline 89 \end{tabular} 90 \end{table} 91 \end{minipage}} 92 \end{center} 93 \end{frame} 94 95 \begin{frame}{\faIcon{gem} Latency} 96 \begin{itemize} 97 \item CS introduces an additional round trip 98 \item A coin should not be spent immediately after withdrawal or refresh 99 \item Additional round trip is therefore \textit{negligible} 100 \end{itemize} 101 \end{frame} 102 103 \begin{frame}{\faIcon{gem} Comparison Conclusion} 104 \begin{itemize} 105 \item \faIcon{bolt} CS has overall better performance regarding speed, disk space and bandwidth 106 \item \faIcon{exchange-alt} Additional round-trip is negligible 107 \item \faIcon{calculator} CS has an additional, newer security assumption called ROS 108 \item \faIcon{bomb} Risk can be calculated and capped by denomination key lifetime 109 \end{itemize} 110 % Risk etc. 111 % better overall 112 \end{frame} 113 114 \begin{frame}{\faIcon{gem} Acknowledgement} 115 \begin{itemize} 116 \item Christian Grothoff 117 \item Jeffrey Burdges 118 \item Jacob Appelbaum 119 \item Florian Dold 120 \vspace{0.5cm} 121 {\\We would also like to thank Mr. Benoist and Mr. Voisard for the guidance during our thesis.} 122 \end{itemize} 123 \end{frame} 124 125 \begin{frame}{\faIcon{gem} Future Work} 126 \begin{itemize} 127 \item Refresh and other protocols (tipping, deposit, refund, etc.) 128 \item Wallet 129 \item Merchant 130 \item Security Audit 131 \item CS implementation on other curves 132 \item Exchange API documentation 133 \item Exchange operator guideline for when to use CS 134 \end{itemize} 135 \end{frame} 136 137 \begin{frame}{\faIcon{gem} Personal Conclusion} 138 \begin{itemize} 139 \item \faIcon{sort-amount-down-alt} From high-level down to code 140 \item \faIcon{swimmer} Challenging at times, pushed through with persistence 141 \item \faIcon{wind} Motivation grew with every completed step 142 \item \faIcon{code} C: 143 \begin{itemize} 144 \item Respect from it, but went well (cough macros cough) 145 \item Well designed APIs 146 \item Integrate new variables without RSA-counterpart 147 \end{itemize} 148 \item \faIcon{piggy-bank} Hope to pay with own code in the future! 149 \end{itemize} 150 \end{frame}