[Gzz-commits] manuscripts/Sigs article.rst internal.rst poss.py
From: Tuomas J. Lukka
Subject: [Gzz-commits] manuscripts/Sigs article.rst internal.rst poss.py
Date: Mon, 19 May 2003 11:40:31 -0400
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Changes by: Tuomas J. Lukka <address@hidden> 03/05/19 11:40:31
Modified files:
Sigs : article.rst internal.rst poss.py
Log message:
more
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.109&tr2=1.110&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/internal.rst.diff?tr1=1.2&tr2=1.3&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/poss.py.diff?tr1=1.11&tr2=1.12&r1=text&r2=text
Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.109 manuscripts/Sigs/article.rst:1.110
--- manuscripts/Sigs/article.rst:1.109 Mon May 19 11:05:59 2003
+++ manuscripts/Sigs/article.rst Mon May 19 11:40:31 2003
@@ -185,12 +185,12 @@
a unique private key for each 160-bit hash.
This is done by requiring that `$q^N > 2^{160}$` and choosing
`$x$` based on the bits of the hash to be signed.
-- however, we *can* use OTS algorithms with chosen-message attacks since final
pubkey
- not known
-
-we want the full deterministic
-algorithm, for 160-bit hashes
-that, which requires `$ nN = 160 $`.
+If we use Merkle hash trees to obtain the underlying `$q$`-time scheme
+from a one-time scheme, we have for the parameters of the two algorithms
+the inequality `$ nN \ge 160 $`.
+Obtaining the minimal integral solutions of this inequality
+gives us a tradeoff where the length of the signature is approximately
+linear with `$N$` and the time to sign grows exponentially with `$n$`.
All choices produce a *linear* operation from the characteristics
of a scheme to the characteristics of the other scheme.
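Review bot: The added inequality `$ nN \ge 160 $` does not follow from the unchanged requirement `$q^N > 2^{160}$` above it unless the text says how `$q$` and `$n$` are related. State the relation explicitly (presumably `$q = 2^n$` for a hash tree of height `$n$`), and then reconcile the strict `>` with the non-strict `\ge`, since with `$q = 2^n$` the strict form gives `$nN > 160$`. The new sentence about signature length and signing time also overlaps with the sentence still present at line 198 ("and the time to sign grows exponentially with `$n$` and linearly (in the opposite direction!) with `$N$`"), and the two differ on whether signing time depends on `$N$`; keep one statement of the tradeoff.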
@@ -198,6 +198,7 @@
and the time to sign grows exponentially with `$n$` and
linearly (in the opposite direction!) with `$N$`.
+For example,
- feasible
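Review bot: The added line "For example," is a sentence fragment with nothing after it; the next line is the existing "- feasible" list item. Either finish it with a concrete parameter pair satisfying `$ nN \ge 160 $` (the 16 and 10 passed in poss.py in this same commit would fit, if those are `$N$` and `$n$`) or leave the line out until the example is written.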
Index: manuscripts/Sigs/internal.rst
diff -u manuscripts/Sigs/internal.rst:1.2 manuscripts/Sigs/internal.rst:1.3
--- manuscripts/Sigs/internal.rst:1.2 Mon May 19 11:06:00 2003
+++ manuscripts/Sigs/internal.rst Mon May 19 11:40:31 2003
@@ -521,6 +521,9 @@
This needs to be reasoned out carefully.
+- however, we *can* use OTS algorithms with chosen-message attacks since final
pubkey
+ not known
+
Tradeoffs in deterministic key boosting
---------------------------------------
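Review bot: The note added under "This needs to be reasoned out carefully." is too terse to check as a security argument. "OTS algorithms with chosen-message attacks" can be read either as one-time schemes that are weak against chosen-message attacks or as schemes used under such attacks, and "final pubkey not known" does not say which key is meant or who does not know it. Write it as a full sentence that states the assumption and why it removes the chosen-message concern.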
Index: manuscripts/Sigs/poss.py
diff -u manuscripts/Sigs/poss.py:1.11 manuscripts/Sigs/poss.py:1.12
--- manuscripts/Sigs/poss.py:1.11 Mon May 19 09:35:54 2003
+++ manuscripts/Sigs/poss.py Mon May 19 11:40:31 2003
@@ -115,6 +115,12 @@
if __name__ == '__main__':
if 1:
+ printscheme(
+ key_boosting(16,
+ merkle_hashtree(10,
+ merkle_winternitz(160, 160, 2))))
+ exit(0)
+ if 1:
def pzip(names, arrs, zeros):
res = []
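Review bot: The `exit(0)` at the end of the new `if 1:` block makes the existing `if 1:` block below it (the one defining `pzip`) unreachable, so running poss.py now prints only this one scheme. If this is temporary debugging, leave it out of the commit; otherwise select the mode with a command-line argument or a named flag instead of stacked `if 1:` blocks, call `sys.exit(0)` rather than the interactive `exit` helper, and add a comment saying what the arguments 16, 10, 160, 160, 2 stand for.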