[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gzz-commits] manuscripts/Sigs article.rst
From: |
Benja Fallenstein |
Subject: |
[Gzz-commits] manuscripts/Sigs article.rst |
Date: |
Mon, 19 May 2003 18:24:32 -0400 |
CVSROOT: /cvsroot/gzz
Module name: manuscripts
Changes by: Benja Fallenstein <address@hidden> 03/05/19 18:24:32
Modified files:
Sigs : article.rst
Log message:
twid
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.153&tr2=1.154&r1=text&r2=text
Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.153 manuscripts/Sigs/article.rst:1.154
--- manuscripts/Sigs/article.rst:1.153 Mon May 19 18:05:53 2003
+++ manuscripts/Sigs/article.rst Mon May 19 18:24:32 2003
@@ -63,7 +63,7 @@
their operation does not rely on
trapdoor functions, whose strength is based on
unproven number-theoretic assumptions such as the
-difficulty of factoring large integers [XXX].
+difficulty of factoring large integers.
Unlike signature schemes based on trapdoor functions,
one-time signatures can withstand a long-time
@@ -278,13 +278,22 @@
}
\end{table*}
-For example, using the Merkle signature scheme [XXX],
-with X long sigs and X ...
+To sign `$b$` bits, the Merkle signature scheme uses
+`$k=(b+\\lfloor \\log{2} b \\rfloor+1)$` numbers of length
+`$h$` as the private key. Therefore, `$k$` calls
+to the oracle are needed to generate a new private key.
+To generate a public key from a private key,
+the Merkle scheme needs `$k$` calls to the hash function.
+Signing only consists of revealing random numbers
+from the private key and doesn't use the hash function.
+Verification needs at most `$k$` hash function
+invocations. Therefore, we get `$t_s'=0$` and
+`$t_v'=k$`; for the generation of the key pair,
+we get `$t_0'=2k$`.
-
-with `$N=32$` and `$n=5$` and a 160-bit hash,
+With `$N=32$` and `$n=5$` and a 160-bit hash,
we obtain a signature scheme
-with 110.0KB signatures and uses
+with 110 KB signatures and uses
`$2.1\\cdot 10^{5}$`
hash invocations for signing and `$5.6\\cdot 10^3$`
hash invocations for verification.
@@ -299,8 +308,8 @@
ts=2.02e+05 [~1009.76ms],
tv=5.57e+03 [~27.84ms])
-The private keys in these schemes is only 160 bits long;
-the random oracle is used to generate all the other private keys.
+The private keys in these schemes need only be 160 bits long;
+the random oracle can be used to generate all the other private keys.
Practical Variants
- [Gzz-commits] manuscripts/Sigs article.rst, (continued)
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Benja Fallenstein, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst,
Benja Fallenstein <=
- [Gzz-commits] manuscripts/Sigs article.rst, Benja Fallenstein, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Benja Fallenstein, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/19
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/20
- [Gzz-commits] manuscripts/Sigs article.rst, Tuomas J. Lukka, 2003/05/20