[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gzz-commits] manuscripts/Sigs article.rst
From: |
Tuomas J. Lukka |
Subject: |
[Gzz-commits] manuscripts/Sigs article.rst |
Date: |
Thu, 05 Jun 2003 09:05:52 -0400 |
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Changes by: Tuomas J. Lukka <address@hidden> 03/06/05 09:05:52
Modified files:
Sigs : article.rst
Log message:
First alterations
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.160&tr2=1.161&r1=text&r2=text
Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.160 manuscripts/Sigs/article.rst:1.161
--- manuscripts/Sigs/article.rst:1.160 Tue May 20 05:34:57 2003
+++ manuscripts/Sigs/article.rst Thu Jun 5 09:05:51 2003
@@ -122,6 +122,11 @@
One-time Signature Key Boosting
===============================
+.. raw:: latex
+
+ \def\hash{{\bf H}}
+ \def\orac{{\bf R}}
+
Our scheme is a construction based on 1) a `$q$`-time signature
scheme, and 2) a random oracle function. We generally assume
that the random oracle is the same hash function (e.g. SHA-1 [fips-sha1]_)
@@ -131,7 +136,7 @@
Other choices such as BiBa [perrig01biba]_
are possible, but not evaluated in this article.
-The private key for the key boosted scheme is a random number
+The private key for the key boosted scheme is a random number `$K$`
from which a private key for the underlying
one-time-signature primitive can be generated
using the random oracle.
@@ -140,18 +145,18 @@
To generate a signature for the message `$m$`,
we first set `$p$` to the first private key
-generated by the random oracle.
+generated by the random oracle: `$p = \orac(K)$`.
Then, we iterate over the following steps `$N$` times:
-1. Choose the tree branch `$x \\in [1,q]$`.
+1. Use the random oracle to generate the `$q$` new private keys:
+ `$(p_1, p_2, ... p_q) = \orac(p)$`.
+
+2. Choose the tree branch `$x \\in [1,q]$`.
The exact algorithm for making this
choice parametrizes the algorithm; possible choices are discussed
below.
-2. Use the random oracle to generate the `$x$th` new private key
- `$p_x$`, based on `$p$`.
-
-3. Sign the corresponding public key with `$p$`. This does
+3. Sign the `$x$`th private key `$p_x$` with `$p$`. This does
not present
a problem for the `$q$`-time signature algorithm, since
the random oracle is deterministic and
- [Gzz-commits] manuscripts/Sigs article.rst,
Tuomas J. Lukka <=