Corrections

chap-conclusion.tex

@@ -2,18 +2,18 @@
 \section %hack for vim-latexsuite
 \end{comment}
 
-In this thesis, we presented new cryptographic schemes that relies on lattice or pairing assumptions.
+In this thesis, we presented new cryptographic schemes that rely on lattice or pairing assumptions.
 These contributions focus on the design and analysis of new cryptographic schemes that target privacy-preserving applications.
 
-In pairing-related cryptography, we propose a practical dynamic group signature scheme, for which security is well understood.
-It relies on broadly used assumptions with simple statements that exists for more than ten years.
-This work is also supported by an implementation in C.
+In pairing-based cryptography, we propose a practical dynamic group signature scheme, for which security is well understood.
+It relies on broadly used assumptions with simple statements which exist for more than ten years.
+This work is also supported by an implementation in \texttt{C}.
 
-Our work in the lattice work give rise of three fundamental schemes that were missing in the landscape of lattice-based privacy-preserving primitives.
+Our work in the lattice setting gives rise to three fundamental schemes that were missing in the landscape of lattice-based privacy-preserving cryptography.
 Even if these schemes suffer from some efficiency issues due to their novelty, we do believe that it's one step toward a quantum-secure privacy-friendly world.
 
-In the way of doing it, improvements have been made in the state of zero-knowledge proofs in the lattice setting as well as providing building blocks that, we believe, are of independent interest.
-As of our signature with efficient protocols, which have been used to provide a lattice-based e-cash system~\cite{LLNW17}.
+In the way of doing it, improvements have been made in the state of the art of zero-knowledge proofs in the lattice setting as well as providing building blocks that, we believe, are of independent interest.
+As of our signature with efficient protocols, it has already been used to design a lattice-based e-cash system~\cite{LLNW17}.
 
 All these works are proven under strong security model within simple assumptions.
 This made a breeding ground for new theoretical constructions, as well as going toward practicality.
@@ -21,16 +21,16 @@ This made a breeding ground for new theoretical constructions, as well as going
 \section*{Open Problems}
 
 The path of providing new cryptographic primitives and proving them is disseminated with pitfalls.
-The most obvious questions that stem from this work are about how to tackle the compromises we made in the design of those primitives.
+The most obvious questions that stem from this work are about how to tackle the trade-offs we made in the design of those primitives.
 
 \begin{question}
   Is it possible to build an adaptive oblivious transfer with access control secure under $\LWE$ with polynomially large modulus?
 \end{question}
 
 In other words, is it possible to avoid the use of smudging to guarantee message-privacy in the oblivious transfer scheme of~\cref{ch:ot-lwe}.
-As is, this problem arises from the use of Regev's encryption scheme, which does not guarantee this message privacy.
+As is, this issue arises from the use of Regev's encryption scheme, which does not guarantee this message privacy.
 However, finer analysis on GSW ciphertexts~\cite{GSW13} seems promising to achieve this at reasonable cost~\cite{BDPMW16}.
-Then, the main difficulty is to have compatible zero-knowledge proof with the access control and the encryption layers.
+Then, the main difficulty is to have zero-knowledge proofs compatible with the access control and the encryption layers.
 
 \subsection*{Zero-Knowledge Proofs}
 
@@ -39,7 +39,7 @@ Then, the main difficulty is to have compatible zero-knowledge proof with the ac
 \end{question}
 
 Extending the work of Groth, Ostrovsky and Sahai~\cite{GOS06} in the lattice setting would be a great improvement for lattice-based privacy-preserving cryptography.
-Recent line of work goes toward this direction~\cite{RSS18}, but relies on non-existing primitive yet ($\NIZK$ proofs for a variant of the bounded decoding distance problem).
+Recent line of work goes toward this direction~\cite{RSS18}, but relies on primitives that do not exist yet ($\NIZK$ proofs for a variant of the bounded decoding distance problem).
 
 The Stern-like proof system we work on in during this thesis, despite being flexible enough to prove a large variety of statements, suffers from the stiffness of being combinatorial.
 The choice of permutations used to ensure zero-knowledgeness (and so witness-indistinguishability) is quite strict, and force the challenge space to be ternary.
@@ -73,8 +73,8 @@ Actually, even the question of having a trapdoorless \textsf{IND-CCA2} public ke
   Can we achieve better security proofs for cryptographic schemes?
 \end{question}
 
-Our work during this thesis also focus on the proof of cryptographic schemes.
+Our work during this thesis also focuses on the security proofs of cryptographic schemes.
 As explained in~\cref{ch:proofs}, it is important to rely on simple assumptions to prove strong security notions.
-Given the advances in cryptographic proofs~\cite{Hof16,KMP16,Hof17}, it is now possible to attain stronger security notions than what was claim before~\cite{DSYC18}.
-Another line of work looks at the quality of the reduction, aiming for \textit{tight security}~\cite{GHKW16,AHN+17}.
-This improves the understanding of the link between the cryptographic scheme and the security assumption, leading to more reliable schemes.
+Given recent advances in cryptographic proofs~\cite{Hof16,KMP16,Hof17}, it is now possible to attain stronger security notions than what was claim before~\cite{DSYC18}.
+Another line of work targets the quality of the reduction, aiming for \textit{tight security}~\cite{GHKW16,AHN+17}.
+This improves the understanding of the links between cryptographic schemes and security assumptions, leading to more reliable constructions.