From 91ec89c0400d5e5d14d0251675b5efc114d34882 Mon Sep 17 00:00:00 2001 From: Aaron Kaiser Date: Thu, 2 Mar 2023 10:46:40 +0100 Subject: [PATCH] fixed typo --- thesis/Abschlussarbeit.tex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/thesis/Abschlussarbeit.tex b/thesis/Abschlussarbeit.tex index 57dc9c1..9c7aea4 100644 --- a/thesis/Abschlussarbeit.tex +++ b/thesis/Abschlussarbeit.tex @@ -349,7 +349,7 @@ The adversary has to call the \ioracle oracle with a commitment $\groupelement{R \label{eq:Adlog} \end{align} -Assuming that $r_2 + 2^c c$ is invertable in $\field{L}$ (not equal to $0$) we can use both equations to calculate the discrete logarithm of $\groupelement{A}$. To ensure that $r_2 + 2^c c$ is invertable the reduction has to abort if $-r_2$ equals $2^c c$ with $c$ being randomly choosen in the \ioracle oracle. +Assuming that $r_2 + 2^c c$ is invertible in $\field{L}$ (not equal to $0$) we can use both equations to calculate the discrete logarithm of $\groupelement{A}$. To ensure that $r_2 + 2^c c$ is invertible the reduction has to abort if $-r_2$ equals $2^c c$ with $c$ being randomly chosen in the \ioracle oracle. \begin{figure} \hrule @@ -452,7 +452,7 @@ Game $G_0$ is defined in Figure \ref{fig:igamewithabort} by ignoring all boxes. To prove (\ref{eq:advbsdlog}), we define an adversary $\adversary{B}$ attacking \sdlog that simulates $\adversary{A}$'s view on $G_2$. Adversary $\adversary{B}$ formally defined in figure \ref{fig:adversarybsdlog} is run in the \sdlog game and has access to \ioracle. \ioracle is perfectly simulated. - Finally, consider $\adversary{A}$ output $s^*$. If bad is not set $r_2 + 2^c c^*$ is invertable in $\field{L}$ and $(2^c s^* - r_1)(r_2 + 2^c c^*)^{-1}$ is the discrete logarithm of $\adversary{A}$ to the basis of $\adversary{B}$ as shown in (\ref{eq:Adlog}). + Finally, consider $\adversary{A}$ output $s^*$. If bad is not set $r_2 + 2^c c^*$ is invertible in $\field{L}$ and $(2^c s^* - r_1)(r_2 + 2^c c^*)^{-1}$ is the discrete logarithm of $\adversary{A}$ to the basis of $\adversary{B}$ as shown in (\ref{eq:Adlog}). \item This proves Theorem \ref{theorem:advgamez}. \end{proof}