rixxc/masterthesis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Start of single user proof

Browse Source
This commit is contained in:
Aaron Kaiser
2023-02-23 22:12:39 +01:00
parent 754c05fd58
commit ca1e2c10cb
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
thesis/Abschlussarbeit.tex
View File

@@ -216,11 +216,22 @@ The EdDSA signature scheme is defined using a twisted Edwards curve. Twisted Edw
\section{The Security of EdDSA in a Single-User Setting}
This section takes a look at the single-user security of EdDSA. This is done by showing the UF-CMA security of EdDSA assuming the security of a special version of the DLog problem. This special version is derived from the key generation procedure. Section \ref{sec:dlog'} provides a concrete bound on the security of this version of the DLog problem.
% TODO: Ichform?
% TODO: richtige Richtung?
% TODO: "onto which I will reduce the UF-NMA security" kann man das so schreiben?
The proof starts by replacing some calls to hash function $H$ with calls to a pseudo random function and pseudo random generator. After replacing some calls to the hash function I show that the UF-CMA security of EdDSA implies UF-NMA security of EdDSA in the Random Oracle Model. Next I introduce an intermediate game on which I will reduce the UF-NMA security. At last I will show that this intermediate game implies security regarding the special version of the DLog problem.
\subsection{UF-CMA $=>$ UF-NMA (ROM)}
\section{The Security of EdDSA in a Multi-User Setting}
\section{The Ed-GGM}
\subsection{Bounds on Dlog'}
\subsection{Bounds on Dlog'} \label{sec:dlog'}
\subsection{Bounds on OMDlog'}