Removed line numbers in figures
This commit is contained in:
@@ -15,7 +15,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\hrule
|
||||
\vspace{1mm}
|
||||
\large
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\game \somdl}
|
||||
\State \textbf{for} $i \in \{1,2,...,N\}$
|
||||
\State \quad $a_i \randomsample \{ 2^{n-1}, 2^{n-1} + 2^c, ..., 2^{n} - 2^c \}$
|
||||
@@ -25,7 +25,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\State \Return $(a_1, a_2, ..., a_N) \test (a'_1, a'_2, ..., a'_N) \wedge I < N$
|
||||
\end{algorithmic}
|
||||
\vspace{2mm}
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\oracle $DL(i \in \{1,2,...,N\})$}
|
||||
\vspace{1mm}
|
||||
\State $I \assign I + 1$
|
||||
@@ -41,7 +41,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\label{theorem:adv_omdl'}
|
||||
Let $\adversary{A}$ be an adversary against \igame with $\group{G}$ being a cyclic group of prime order $L$, making at most $\oraclequeries$ oracle queries. Then
|
||||
|
||||
\[ \advantage{\group{G},\adversary{A}}{\text{MU-\igame}}(\secparamter) \leq \advantage{\group{G},\adversary{B}}{\somdl}(\secparamter) + \frac{\oraclequeries N}{2^{-\log_2(\lceil \frac{2^{2b} - 1}{L} \rceil 2^{-2b})}} \].
|
||||
\[ \advantage{\group{G},\adversary{A}}{\text{MU-\igame}}(\secparamter) \leq \advantage{\group{G},\adversary{B}}{\somdl}(\secparamter) + \frac{\oraclequeries N}{2^{-\log_2(\lceil \frac{2^{2b} - 1}{L} \rceil 2^{-2b})}}. \]
|
||||
\end{theorem}
|
||||
|
||||
\paragraph{\underline{Proof Overview}} In the multi-user setting the adversary gets access to not only the generator $\groupelement{B}$ and one public key $\groupelement{A}$ but rather a set of public keys $\groupelement{A_1}$ to $\groupelement{A_N}$. For this reason the representation of a group element, the adversary has to provide looks the following: $\groupelement{R} = r_1 \groupelement{B} + r_2 \groupelement{A_1} + ... + r_{N+1} \groupelement{A_N}$. Since there are multiple group elements with unknown discrete logarithms it is not possible to directly calculate the discrete logarithm of one of the public keys given a valid forgery of a signature. Upon receiving a valid solution the \textit{DL} oracle can be used to get the discrete logarithm of all the public keys except the one for which the solution is valid. This way it again possible to construct a representation looking like $\groupelement{R} = r_1 \groupelement{B} + r_2 \groupelement{A_i}$. Then it is again possible to calculate the discrete logarithm of $\groupelement{A_i}$ and win the \somdl game.
|
||||
@@ -52,7 +52,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\hrule
|
||||
\large
|
||||
\vspace{1mm}
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\game $G_0$ / \textcolor{blue}{$G_1$} / \textcolor{red}{$G_2$}}
|
||||
\State \textbf{for} $i \in \{1,2,...,N\}$
|
||||
\State \quad $a_i \randomsample \{2^{n-1}, 2^{n-1} + 2^c, ..., 2^n - 2^c\}$
|
||||
@@ -61,7 +61,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\State \Return $\exists (\groupelement{R}^*, \ch^*) \in \pset{Q}, i \in \{1,2,...,N\}: \groupelement{R}^* = 2^c s^* \groupelement{B} - 2^c \ch^* \groupelement{A_i}$
|
||||
\end{algorithmic}
|
||||
\vspace{2mm}
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\oracle \ioracle($\agmgroupelement{R}{r} \in \group{G}$)}
|
||||
\State Let $\groupelement{R} = r_1 \groupelement{B} + r_2 \groupelement{A_1} + ... + r_{N+1} \groupelement{A_N}$
|
||||
\State $\ch \randomsample \{0,1\}^{2b}$
|
||||
@@ -105,7 +105,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\hrule
|
||||
\large
|
||||
\vspace{1mm}
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\textbf{Adversary} $\adversary{B}^{\textit{DL}(\inp)}(\groupelement{A_1}, \groupelement{A_2}, ..., \groupelement{A_N})$}
|
||||
\State $s^* \randomassign \adversary{A}^{\ioracle(\inp)}(\groupelement{A_1}, \groupelement{A_2}, ..., \groupelement{A_N})$
|
||||
\State \textbf{If} $\nexists (\agmgroupelement{R^*}{r^*}, \ch^*) \in Q, i \in \{1,2,...,N\}: \groupelement{R^*} = 2^c s^* \groupelement{B} - 2^c \ch^* \groupelement{A_i}$ \textbf{then}
|
||||
@@ -121,7 +121,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
|
||||
\State \Return $(a_1, a_2, ..., a_N)$
|
||||
\end{algorithmic}
|
||||
\vspace{2mm}
|
||||
\begin{algorithmic}[1]
|
||||
\begin{algorithmic}
|
||||
\Statex \underline{\oracle \ioracle($\agmgroupelement{R}{r} \in \group{G}$)}
|
||||
\vspace{1mm}
|
||||
\State Let $\groupelement{R} = r_1 \groupelement{B} + r_2 \groupelement{A_1} + ... + r_{N+1} \groupelement{A_N}$
|
||||
|
||||
Reference in New Issue
Block a user