IBE

chap-conclusion.tex

@@ -62,14 +62,14 @@ Thus, a natural question may be:
 \subsection*{Cryptographic Constructions}
 
 \begin{question}
-  Does an efficient trapdoor-free (H)IBE exists?
+  Does an efficient trapdoor-free \textsf{(H)IBE} exists?
 \end{question}
 
 For instance, in the group encryption scheme of~\cref{ch:ge-lwe}, trapdoors are used in two places.
 To have a secure public key encryption scheme under adaptive chosen-ciphertext attacks and for the signature scheme.
-Both these primitives are induced by identity-based encryption: the Canetti-Halevi-Katz transform generically turns an IBE into a \textsf{IND-CCA2} \PKE~\cite{CHK04}, and signatures are directly implied from \textsf{IND-CPA-}secure IBE~\cite{BF01,BLS01}.
+Both these primitives are induced by identity-based encryption: the Canetti-Halevi-Katz transform generically turns an \textsf{IBE} into a \textsf{IND-CCA2} \PKE~\cite{CHK04}, and signatures are directly implied from \textsf{IND-CPA-}secure \textsf{IBE}~\cite{BF01,BLS01}.
 %Actually, even the question of having a trapdoorless \textsf{IND-CCA2} public key encryption scheme still remains an open question.
-Actually, a recent construction from Brakerski, Lombardi, Segev and Vaikuntanathan~\cite{BLSV18} gives a candidate which relies on garble circuits, and is fairly inefficient compared to IBEs with trapdoors.
+Actually, a recent construction from Brakerski, Lombardi, Segev and Vaikuntanathan~\cite{BLSV18} gives a candidate which relies on garble circuits, and is fairly inefficient compared to \textsf{IBE}s with trapdoors.
 Even the question of an \textsf{IND-CCA2} public key encryption still does not have a satisfactory response. 
 The construction of Peikert and Waters~\cite{PW08} is indeed trapdoor-free, but is still less efficient than trapdoor-based ones.