rixxc/masterthesis
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Minor changes

Browse Source
This commit is contained in:
Aaron Kaiser
2023-06-14 16:30:09 +02:00
parent 97e842892c
commit fe577651cd
4 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
thesis/sections/introduction.tex
View File

@@ -12,7 +12,6 @@ In a 2020 paper, Brendel et al. showed that Ed25519 satisfies EUF-CMA and SUF-CM
Tightness is a property of a security proof. A security proof is said to be tight if the probability of success of an adversary $\adversary{B}$ attacking problem B, constructed from adversary $\adversary{A}$ attacking problem A, is at most smaller than the probability of success of $\adversary{A}$ by a small constant factor.
%TODO: Umschreiben
Tight security proofs are desirable because they provide a better approximation of the bit security of a signature scheme when instantiated with concrete primitives (such as groups or hash functions)\cite{SAC:ChaMenSar11}. A better approximation results in smaller parameters (such as the size of the group) yielding better bit security. This means that, with tighter security proofs, smaller primitives can be used to achieve the same level of security, and smaller primitives often result in more faster computations and therefore more efficient cryptographic schemes.
For the Schnorr signature scheme, a tight security reduction can be achieved by using the algebraic group model and the random oracle model to directly show the EUF-CMA security under the discrete logarithm assumption, as shown by Fuchsbauer et al. \cite{EC:FucPloSeu20}.