Started EdDSA section

2023-02-22 16:42:12 +01:00
parent 222011530c
commit 50025aeff2
3 changed files with 48 additions and 13 deletions


@@ -1,6 +1,6 @@
FROM pandoc/latex FROM pandoc/latex
RUN apk update && apk add texlive ghostscript RUN apk update && apk add texlive ghostscript
RUN tlmgr install koma-script xpatch enumitem preprint braket algorithm2e ifoddpage relsize cancel cite RUN tlmgr install koma-script xpatch enumitem preprint braket algorithm2e ifoddpage relsize cancel cite algpseudocodex algorithmicx fifo-stack varwidth tabto-ltx totcount tikzmark
CMD /bin/bash CMD /bin/bash
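Review bot: nothing in this image is pinned. FROM pandoc/latex carries no tag and the extended RUN tlmgr install line resolves its packages against whatever CTAN serves at build time, so two builds of the same Dockerfile can produce different toolchains. Pin the base image to a specific tag or digest. The package list is also long enough that it would review better split across lines with backslashes, one package per line in sorted order. algorithm2e stays in the list although this commit switches the document to algpseudocodex; drop it if nothing else uses it.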


@@ -1,3 +1,4 @@
% !TeX spellcheck = en_US
\documentclass[ \documentclass[
a4paper, a4paper,
11pt, 11pt,
@@ -9,6 +10,7 @@ listof=totoc,
]{scrartcl} ]{scrartcl}
\usepackage{thesisstyle} \usepackage{thesisstyle}
\usepackage{algpseudocodex}
\begin{document} \begin{document}
\include{macros.tex} \include{macros.tex}
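Review bot: \usepackage{algpseudocodex} is loaded in the main file directly after \usepackage{thesisstyle}, which splits package setup across two places; moving it into thesisstyle keeps the preamble in one file. The Dockerfile in this commit still installs algorithm2e, so if thesisstyle loads it, check that the two algorithm packages coexist without clashing, or remove the unused one.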
@@ -76,17 +78,22 @@ abstract
%Hauptteil der Arbeit %Hauptteil der Arbeit
% TODO: Make citation links clickable
\section{Introduction} \section{Introduction}
Ed25519 is a signature scheme introduced by Bernstein, Duif, Lange, Schwabe, and Yang in 2011 \cite{JCEng:BDLSY12}. Ed25519 is a signature scheme defined for the Ed25519 twisted Edwards curve. In 2015 the paper "EdDSA for more curves" expanded the Ed25519 signature scheme to the more general EdDSA signature scheme \cite{EPRINT:BJLSY15}. Due to its high performance the EdDSA signature scheme is very popular and widely used in applications like TLS, SSH and the Signal protocol. Ed25519 is a signature scheme introduced by Bernstein, Duif, Lange, Schwabe, and Yang in 2012 \cite{JCEng:BDLSY12}. Ed25519 is a signature scheme defined for the Ed25519 twisted Edwards curve. In 2015 the paper "EdDSA for more curves" expanded the Ed25519 signature scheme to the more general EdDSA signature scheme \cite{EPRINT:BJLSY15}. Due to its high performance the EdDSA signature scheme is very popular and widely used in applications like TLS, SSH and the Signal protocol.
Despite the wide use of EdDSA there is little security analysis of this signature scheme. The EdDSA signature scheme is based on the Schnorr signature scheme, which uses the Fiat-Schamir transformation to create a signature scheme from a secure identification scheme. Even though the EdDSA scheme is close to the original Schnorr signature scheme the standard security proof of the Schnorr signature scheme does not apply. The paper "The Provable Security of Ed25519: Theory and Practice" by Brendel et al. shows the security of Ed25519 by extracting the underlying identification scheme and proofing the security of this scheme as well as the applied Fiat-Schamir transformation \cite{SP:BCJZ21}. Due to the use of the Reset Lemma this yields a non tight security proof of the Ed25519 signature scheme. Despite the wide use of EdDSA there is little security analysis of this signature scheme. The EdDSA signature scheme is based on the Schnorr signature scheme, which uses the Fiat-Schamir transformation to create a signature scheme from a secure identification scheme. Even though the EdDSA scheme is close to the original Schnorr signature scheme the standard security proof of the Schnorr signature scheme does not apply. The paper "The Provable Security of Ed25519: Theory and Practice" by Brendel et al. shows the security of Ed25519 by extracting the underlying identification scheme and proofing the security of this scheme as well as the applied Fiat-Schamir transformation \cite{SP:BCJZ21}. Due to the use of the Reset Lemma this yields a non-tight security proof of the Ed25519 signature scheme.
This work uses a different approach to proof the security of the EdDSA signature scheme by using the Algebraic Group Model (AGM) to directly reduce the security of EdDSA signature scheme to a special variant of the discrete logarithm problem. This approach yields a tight security proof. This work uses a different approach to proof the security of the EdDSA signature scheme by using the Algebraic Group Model (AGM) to directly reduce the security of EdDSA signature scheme to a special variant of the discrete logarithm problem. This approach yields a tight security proof.
%TODO: result of thesis
TODO
\raggedbottom \raggedbottom
\newpage
\section{Preliminaries} \section{Preliminaries}
\subsection{Schnorr Signatures} \subsection{Schnorr Signatures}
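Review bot: the bare TODO line added after the "%TODO: result of thesis" comment is not commented out and will be typeset in the PDF; prefix it with % or use a visible todo macro so it cannot slip into a submitted version. Since the second introduction paragraph is rewritten here anyway, also fix "Fiat-Schamir" (two occurrences, should be Fiat-Shamir) and "proofing" (should be "proving"); the following paragraph has the same issue with "to proof". The year change from 2011 to 2012 matches the cited key JCEng:BDLSY12, but the TODO added in the EdDSA section of this commit still asks which of the two papers to reference, so settle that before changing the prose.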
@@ -101,8 +108,28 @@ This work uses a different approach to proof the security of the EdDSA signature
\subsection{Generic Group Model (GGM)} \subsection{Generic Group Model (GGM)}
\newpage
\section{EdDSA Signatures} \section{EdDSA Signatures}
% TODO: Referenz zum ersten Paper 2011 oder lieber zum journal paper 2012?
This section takes a closer look at the existing specifications of the EdDSA signature scheme and specify a version which will be analyzed in this thesis.
This work will take a closer look at the UF-CMA security of the EdDSA signature scheme. EdDSA was introduced as the Ed25519 signature scheme using the twisted Edwards curve Edwards25519, which is birationally equivalent to the Weierstrass curve Curve25519 \cite{JCEng:BDLSY12}. Later in 2015 the paper "EdDSA for more Curves" by Bernstein et al. introduces a more general version of EdDSA \cite{EPRINT:BJLSY15}. The RFC 8032 "Edwards-Curve Digital Signature Algorithm (EdDSA)" from 2017 also specifies a version of EdDSA with prehashing and the inclusion of a context \cite{josefsson_edwards-curve_2017}. This version was also included into the FIPS 186-5 "Digital Signature Standard (DSS)" standard \cite{moody_digital_2023}.
\hrule
\begin{algorithmic}[1]
\Procedure{KeyGen}{pp}
\State Test
\State \Return key
\EndProcedure
\Statex
\Procedure{Sign}{key, message}
\EndProcedure
\end{algorithmic}
\hrule
\newpage
\section{The Security of EdDSA in a Single-User Setting} \section{The Security of EdDSA in a Single-User Setting}
\section{The Security of EdDSA in a Multi-User Setting} \section{The Security of EdDSA in a Multi-User Setting}
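Review bot: \cite{moody_digital_2023} in the new EdDSA paragraph has no matching entry among the bibliography additions shown in this commit (only josefsson_edwards-curve_2017 is added), so confirm the key already exists or the reference will come out undefined. In the first new sentence, "specify" should be "specifies" to agree with "takes". The algorithmic block is still a stub (\State Test, an empty Sign procedure) framed by bare \hrule lines; until it holds the real KeyGen and Sign steps, mark it clearly as a placeholder, and consider a captioned float instead of manual rules so it can be referenced from the text. The German TODO comment would be easier for other readers in English, matching the other TODO comments in this file.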
@@ -121,7 +148,7 @@ This work uses a different approach to proof the security of the EdDSA signature
\addcontentsline{toc}{section}{References} \addcontentsline{toc}{section}{References}
\bibliographystyle{ieeetr} \bibliographystyle{ieeetr}
\bibliography{cryptobib/abbrev0,cryptobib/crypto} \bibliography{cryptobib/abbrev0,cryptobib/crypto,./citation}
\newpage\ \newpage\
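Review bot: adding ./citation to the \bibliography line creates two sources for the same works. The text cites JCEng:BDLSY12 and EPRINT:BJLSY15 from cryptobib, while the Zotero export changed in this commit also carries "High-speed high-security signatures" and "EdDSA for more curves" under keys such as bernstein_eddsa_nodate. Keep only the entries cryptobib lacks (the RFC and FIPS references) in the local file, so nobody cites the duplicate keys by accident and ends up with the same paper listed twice.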


@@ -41,16 +41,24 @@
file = {Bernstein et al. - High-speed high-security signatures.pdf:/home/rixxc/Zotero/storage/2JAYEHFU/Bernstein et al. - High-speed high-security signatures.pdf:application/pdf}, file = {Bernstein et al. - High-speed high-security signatures.pdf:/home/rixxc/Zotero/storage/2JAYEHFU/Bernstein et al. - High-speed high-security signatures.pdf:application/pdf},
} }
@article{bernstein_high-speed_nodate-1,
title = {High-speed high-security signatures},
abstract = {This paper shows that a \$390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 108000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128 security level. Public keys are 32 bytes, and signatures are 64 bytes. These performance figures include strong defenses against software sidechannel attacks: there is no data flow from secret keys to array indices, and there is no data flow from secret keys to branch conditions.},
language = {en},
author = {Bernstein, Daniel J and Duif, Niels and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
file = {Bernstein et al. - High-speed high-security signatures.pdf:/home/rixxc/Zotero/storage/K6N4TY6P/Bernstein et al. - High-speed high-security signatures.pdf:application/pdf},
}
@article{bernstein_eddsa_nodate, @article{bernstein_eddsa_nodate,
title = {{EdDSA} for more curves}, title = {{EdDSA} for more curves},
author = {Bernstein, Daniel J. and Josefsson, Simon and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin}, author = {Bernstein, Daniel J. and Josefsson, Simon and Lange, Tanja and Schwabe, Peter and Yang, Bo-Yin},
file = {eddsa-20150704.pdf:/home/rixxc/Zotero/storage/JK693Q38/eddsa-20150704.pdf:application/pdf}, file = {eddsa-20150704.pdf:/home/rixxc/Zotero/storage/JK693Q38/eddsa-20150704.pdf:application/pdf},
} }
@techreport{josefsson_edwards-curve_2017,
type = {Request for {Comments}},
title = {Edwards-{Curve} {Digital} {Signature} {Algorithm} ({EdDSA})},
url = {https://datatracker.ietf.org/doc/rfc8032},
abstract = {This document describes elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). The algorithm is instantiated with recommended parameters for the edwards25519 and edwards448 curves. An example implementation and test vectors are provided.},
number = {RFC 8032},
urldate = {2023-02-22},
institution = {Internet Engineering Task Force},
author = {Josefsson, Simon and Liusvaara, Ilari},
month = jan,
year = {2017},
doi = {10.17487/RFC8032},
note = {Num Pages: 60},
file = {Full Text PDF:/home/rixxc/Zotero/storage/U24MZYBY/Josefsson and Liusvaara - 2017 - Edwards-Curve Digital Signature Algorithm (EdDSA).pdf:application/pdf},
}
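Review bot: the file field of the added josefsson_edwards-curve_2017 entry commits an absolute local path (/home/rixxc/Zotero/storage/...), which exposes the author's username and directory layout in the repository history and is of no use to anyone else building the thesis; the surrounding entries have the same field. Configure the Zotero export to omit file, and drop abstract, urldate and note = {Num Pages: 60} as well, since the note field is printed by standard BibTeX styles. The context entry bernstein_eddsa_nodate has no year, which its "nodate" key reflects; add year = {2015} if that entry is kept.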