fmouhart/thesis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Typos

Browse Source
This commit is contained in:
Fabrice Mouhartem 2018-06-14 18:14:38 +02:00
parent fda27d8a06
commit f79065eb70
2 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
chap-ZK.tex
View File

@ -267,7 +267,7 @@ Quasi-adaptive \NIZK (\QANIZK)~\cite{JR13} are \NIZK where the common reference
\end{figure}
\index{Zero Knowledge!Schnorr's protocol}
Schnorr's methodology to construct proofs is based on the $\Sigma$-protocol technique to design zero-knowledge proofs.
Schnorr's methodology~\cite{Sch96} to construct proofs is based on the $\Sigma$-protocol technique to design zero-knowledge proofs.
It has been introduced in order to prove the knowledge of a discrete logarithm (which can bee seen at the relation $R_{\mathsf{dlog}} = \{ (h, a) \in \GG \times \ZZ_p \mid h = g^a \}$ with $\GG = \langle g \rangle$ be a cyclic group of prime order $p > 2$) and is described in Figure~\ref{fig:schnorr-dlog}.
An interpretation of this methodology is the following: given a commitment scheme $(\Setup, \Commit, \Verify)$, where the randomness $r$ used in $\Commit$ is made explicit, the first move of the prover $P$ consists in binding the randomness used in the commitment scheme $r$ using the transmitted value $\rho = g^r$, then the verifier asks the prover to commit to a challenge message $c$ using the randomness carried by $\rho$, and the prover sends the opening for this commitment $\open$.

3
chap-sigmasig.tex
View File

@ -2,9 +2,8 @@
% \addcontentsline{tof}{chapter}{\protect\numberline{\thechapter} Signatures de groupe dynamique à base de couplages}
% \label{ch:sigmasig}
%-------------------------------------------------
In this chapter, we aim at lifting the \textit{signature with efficient protocols} from~\cite{LPY15} into the random oracle model in order to get an efficient construction~\cite{BR93}.
Signatures with efficient protocols in the Camenish and Lysyanskaya fashion~\cite{CL04a} are digital signatures which come with companion zero-knowledge proofs that allow a signature holder to prove knowledge of the signature of a commited message as well as proving possession of a hidden message-signature pair in a zero-knowledge manner.
Signatures with efficient protocols in the Camenish and Lysyanskaya fashion~\cite{CL04a} are digital signatures which come with two companion protocols: a protocol whereby a signer can obliviously sign a committed message known only to the user and a zero-knowledge proof to efficiently attest possession of a hidden message-signature pair.
This building block proved useful in the design of many efficient anonymity-related protocols such as anonymous credentials~\cite{Cha85,CL01}, which are similar to group signatures except that anonymity is irrevocable (meaning that there is no opening authority).
In other words, an anonymous credential scheme involves one (or more) credential issuer(s) and a set of users who have a long term secret key which can be seen as their digital identity, and pseudonyms that can be seen as commitments to their secret key.