Minor improvements on the GGM proofs

thesis/sections/edggm.tex

@@ -1,8 +1,10 @@
 \section{The Ed-GGM}
 
-The subsequent section will determine specific bounds on the difficulty of particular variations of the discrete logarithm and one-more discrete logarithm problems introduced in previous proofs. These proofs are carried out in the generic group model. In the generic group model, group elements are represented as random bitstrings, and the adversary can only execute group operations by invoking an oracle.
+The following section gives specific bounds on the difficulty of certain variations of the discrete logarithm and one-more discrete logarithm problems introduced in the previous proofs. These proofs are given in the generic group model. In the generic group model, group elements are represented as random bit strings, and the adversary can only perform group operations by invoking an oracle.
 
-In order to establish a generic group model for twisted Edwards curves, it's essential to examine the group structure. As demonstrated in Section \ref{sec:sdlog_imlies_igame}, a twisted Edwards curve can be broken down into a collection of cyclic subgroups. The generating set for this twisted Edwards curve is defined as a set of generators for these cyclic subgroups. With a fixed generating set, every point on the twisted Edwards curve can be uniquely expressed as a linear combination of the generators in that set. Consequently, the adversary is given the entire generator set as the description of the twisted Edwards curve. Additionally, the adversary has access to a group operation oracle, GOp, which, when supplied with two labels and a bit indicating whether the group elements should be added or subtracted, outputs the label of the resulting group element.
+In order to build a generic group model for twisted Edwards curves, it's essential to examine the group structure. As shown in section \ref{sec:sdlog_imlies_igame}, a twisted Edwards curve can be decomposed into a collection of cyclic subgroups. The generating set for this twisted Edwards curve is defined as a set of generators for these cyclic subgroups. With a fixed generating set, any point on the twisted Edwards curve can be uniquely expressed as a linear combination of the generators in that set. Consequently, the adversary is given the entire generator set as a description of the twisted Edwards curve. In addition, the adversary has access to a group operation oracle, GOp, which, given two labels and a bit indicating whether the group elements should be added or subtracted, returns the label of the resulting group element.
+
+The labels are bit string of length $\lceil \log_2(L) \rceil$, with $L$ being the order of the group.
 
 \input{sections/edggm/sdlog}
 \input{sections/edggm/omdl}

thesis/sections/edggm/sdlog.tex

@@ -1,6 +1,6 @@
 \subsection{Bounds on \sdlog} \label{sec:sdlog}
 
-This section concentrates on establishing a lower bound for the hardness of a modified version of the discrete logarithm problem in the generic group model. This variation is introduced in definition \ref{def:sdlog} and functions similarly to the original discrete logarithm problem, with the exception of the secret scalar generation, which is derived from the EdDSA signature scheme's key generation algorithm. The subsequent proof is carried out in the generic group model for twisted Edwards curves.
+This section focuses on establishing a lower bound on the hardness of a modified version of the discrete logarithm problem in the generic group model. This variant is introduced in the definition \ref{def:sdlog} and works similarly to the original discrete logarithm problem, except for the secret scalar generation, which is derived from the key generation algorithm of the EdDSA signature scheme. The following proof is given in the generic group model for twisted Edwards curves.
 
 \begin{theorem}
 	\label{theorem:sdlog_ggm}