Finished related work section

2023-05-17 19:01:32 +02:00
parent 08ccb32cb5
commit f0c42eb088
2 changed files with 16 additions and 4 deletions

@@ -8,7 +8,7 @@ The desired security notions for the signature scheme are EUF-CMA or SUF-CMA sec
In 2020, Brendel et. al. showed in the paper "The Provable Security of Ed25519: Theory and Practice" that Ed25519 satisfies EUF-CMA and SUF-CMA security, depending on which standard is used \cite{SP:BCJZ21}. They did this by extracting the underlying canonical identification scheme, proving its security, and then proving the security of the constructed signature scheme. Due to the use of the reset lemma, the provided security proof is not tight.
Tight security proofs are desirable because they provide a better approximation of the bit security of a signature scheme when instantiated with concrete primitives (such as groups or hash functions). A better approximation results in smaller parameters (such as the size of the group) yielding better bit security. This means that smaller primitives can be used to achieve the same level of security, and smaller primitives often result in more efficient cryptographic schemes.
Tight security proofs are desirable because they provide a better approximation of the bit security of a signature scheme when instantiated with concrete primitives (such as groups or hash functions). A better approximation results in smaller parameters (such as the size of the group) yielding better bit security. This means that, with tighter security proofs, smaller primitives can be used to achieve the same level of security, and smaller primitives often result in more efficient cryptographic schemes.
This thesis achieves a tight security proof by using the algebraic group model to show the relationship between the EUF/SUF-CMA security of different versions of the EdDSA signature scheme and the discrete logarithm problem. By directly reducing the EUF/SUF-CMA security of the EdDSA signature scheme to the discrete logarithm, a tight security proof can be achieved since the reset lemma is not used for this approach.
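Review bot: the added line keeps the sentence "A better approximation results in smaller parameters (such as the size of the group) yielding better bit security", which states the causality backwards: smaller parameters do not yield better bit security; a tighter bound credits the same parameters with more bit security, so smaller parameters suffice for a fixed target level, which is exactly what the next sentence then says. Suggest: "A better approximation means that, for a fixed target bit security, smaller parameters (such as the size of the group) suffice." Two smaller points in the same hunk: in the preceding context line "Brendel et. al." should be "Brendel et al.", and that line dates the result to 2020 while the key \cite{SP:BCJZ21} suggests the 2021 venue version, so check that the year and the cited version agree.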