rixxc/masterthesis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Finished OMDL proof in GGM

Browse Source
This commit is contained in:
Aaron Kaiser
2023-05-30 21:45:00 +02:00
parent 480b9ef80e
commit c58045b508
5 changed files with 275 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
thesis/sections/mu_security_of_eddsa/mu-gamez_implies_mu-uf-nma.tex
View File

@@ -11,7 +11,7 @@ This section shows that MU-\igame implies MU-UF-NMA security of the EdDSA signat
\[ \advantage{\adversary{A}}{\text{MU-\igame}}(\secparamter) \assign | \Pr[\text{MU-\igame}^{\adversary{A}} \Rightarrow 1] |. \]
\end{definition}
\begin{figure}
\begin{figure}[h]
\hrule
\vspace{1mm}
\large
@@ -46,7 +46,7 @@ This section shows that MU-\igame implies MU-UF-NMA security of the EdDSA signat
\paragraph{\underline{Formal Proof}}
\begin{figure}
\begin{figure}[h]
\hrule
\begin{multicols}{2}
\large
@@ -83,7 +83,7 @@ This section shows that MU-\igame implies MU-UF-NMA security of the EdDSA signat
\Pr[G_0^{\adversary{A}} \Rightarrow 1] = \advantage{\group{G}, \adversary{B}}{\text{MU-\igame}}(\secparamter). \label{eq:adv_mu-igame}
\end{align}
\begin{figure}
\begin{figure}[h]
\hrule
\vspace{1mm}
\large

6
thesis/sections/mu_security_of_eddsa/mu-uf-nma_implies_mu-suf-cma.tex
View File

@@ -15,7 +15,7 @@ Again the programmability of the random oracle together with the \simalg algorit
\paragraph{\underline{Formal Proof}}
\begin{figure}
\begin{figure}[h]
\hrule
\begin{multicols}{2}
\large
@@ -108,7 +108,7 @@ Again the programmability of the random oracle together with the \simalg algorit
\Pr[G_3^{\adversary{A}} \Rightarrow 1] = \advantage{\adversary{B}}{\text{MU-UF-NMA}}(\secparamter). \label{eq:adv_mu-uf-nma}
\end{align}
\begin{figure}
\begin{figure}[h]
\hrule
\begin{multicols}{2}
\large
@@ -174,7 +174,7 @@ This section shows that MU-UF-NMA security of EdDSA implies the MU-EUF-CMA secur
\Pr[G_3^{\adversary{A}} \Rightarrow 1] = \advantage{\adversary{B}}{\text{MU-UF-NMA}}(\secparamter). \label{eq:adv2_mu-uf-nma}
\end{align}
\begin{figure}
\begin{figure}[h]
\hrule
\begin{multicols}{2}
\large

8
thesis/sections/mu_security_of_eddsa/omdl'_implies_mu-gamez.tex
View File

@@ -5,12 +5,13 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
\paragraph{\underline{Introducing \somdl}} Similar to \sdlog being a variant of the discrete logarithm problem the \somdl is a variant of the one-more discrete logarithm problem which represents the special distribution of secret keys resulting from the key generation algorithm of the EdDSA signature scheme. The only difference to the original one-more discrete logarithm game as introduced in \cite{JC:BNPS03} is that the secret scalars are chosen from the set $\{2^{n-1}, 2^{n-1} + 8, ..., 2^{n} - 8\}$ which represents all valid secret scalars regarding the key generation algorithm. A lower bound on the hardness of the \somdl problem is further analyzed in section \ref{sec:somdl}. The \somdl game is depicted in figure \ref{fig:somdl}.
\begin{definition}[\somdl]
\label{def:somdl}
Let $n$ and $N$ be positive integer. For an adversary $\adversary{A}$ we define its advantage in the \somdl game as following:
\[ \advantage{\adversary{A}}{\text{\somdl}}(\secparamter) \assign | \Pr[\text{\somdl}^{\adversary{A}} \Rightarrow 1] |. \]
\end{definition}
\begin{figure}
\begin{figure}[h]
\hrule
\vspace{1mm}
\large
@@ -47,8 +48,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
\paragraph{\underline{Formal Proof}}
% TODO: clarify encoding of c
\begin{figure}
\begin{figure}[h]
\hrule
\large
\vspace{1mm}
@@ -101,7 +101,7 @@ This section shows that \somdl implies MU-\igame using the Algebraic Group Model
\Pr[G_2^{\adversary{A}} \Rightarrow 1] = \advantage{\group{G},\adversary{B}}{\somdl}(\secparamter). \label{eq:adv_omdl'}
\end{align}
\begin{figure}
\begin{figure}[h]
\hrule
\large
\vspace{1mm}