[GNUnet-SVN] [taler-marketing] branch master updated: feedback integration

[gnunet]

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository marketing.

The following commit(s) were added to refs/heads/master by this push:
     new 13e1b36  feedback integration
13e1b36 is described below

commit 13e1b363be75d9577fd19724bedd6325b189c9ee
Author: Christian Grothoff <address@hidden>
AuthorDate: Mon May 13 14:43:51 2019 +0200

    feedback integration
---
 presentations/comprehensive/bankademia.tex | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/presentations/comprehensive/bankademia.tex 
b/presentations/comprehensive/bankademia.tex
index 05c488f..57f8b25 100644
--- a/presentations/comprehensive/bankademia.tex
+++ b/presentations/comprehensive/bankademia.tex
@@ -513,14 +513,14 @@ But of course we use modern instantiations.
 
 
 \begin{frame}{Warranting deposit safety}
-  Exchange has {\em another} online signing key $O = oG$:
+  Exchange has {\em another} online signing key $W = wG$:
   \begin{center}
-    Sends $E$, $EdDSA_o(M,H(D),FDH(C))$ to the merchant.
+    Sends $E$, $EdDSA_w(M,H(D),FDH(C))$ to the merchant.
   \end{center}
   This signature means that $M$ was the {\em first} to deposit
   $C$ and that the exchange thus must pay $M$.
   \begin{center}
-     Without this, an evil exchange could reneg on the deposit
+     Without this, an evil exchange could renege on the deposit
      confirmation and claim double-spending if a coin were
      deposited twice, and then not pay either merchant!
   \end{center}
@@ -529,8 +529,8 @@ But of course we use modern instantiations.
 
 \begin{frame}{Online keys}
 \begin{itemize}
-\item The exchange needs $d$ and $o$ to be available for online signing.
-\item The corresponding public keys $O$ and $(e,n)$ are certified using
+\item The exchange needs $d$ and $w$ to be available for online signing.
+\item The corresponding public keys $W$ and $(e,n)$ are certified using
       Taler's public key infrastructure (which uses offline-only keys).
 \end{itemize}
 \begin{center}
@@ -565,13 +565,13 @@ But of course we use modern instantiations.
 \end{frame}
 
 
-\begin{frame}{Online signing key $O$ compromise}
+\begin{frame}{Online signing key $W$ compromise}
 \begin{itemize}
-\item An attacker who learns $o$ can sign deposit confirmations.
+\item An attacker who learns $w$ can sign deposit confirmations.
 \item Attacker sets up two (or more) merchants and customer(s) which 
double-spend
       legitimate coins at both merchants.
 \item The merchants only deposit each coin once at the exchange and get paid 
once.
-\item The attacker then uses $o$ to fake deposit confirmations for the 
double-spent
+\item The attacker then uses $w$ to fake deposit confirmations for the 
double-spent
       transactions.
 \item The attacker uses the faked deposit confirmations to complain to the 
auditor
       that the exchange did not honor the (faked) deposit confirmations.
@@ -581,7 +581,7 @@ and (likely) would presume an evil exchange, forcing it to 
pay both merchants.
 \end{frame}
 
 
-\begin{frame}{Detecting online signing key $O$ compromise}
+\begin{frame}{Detecting online signing key $W$ compromise}
 \begin{itemize}
 \item Merchants are required to {\em probabilistically} report
       signed deposit confirmations to the auditor.
@@ -592,7 +592,8 @@ and (likely) would presume an evil exchange, forcing it to 
pay both merchants.
       to the auditor {\em and} those without proof of double-spending
       {\em and} those merchants reported to the auditor.
 \item[$\Rightarrow$] Merchants that do not participate in reporting
-      to the auditor risk their deposit permissions being voided.
+      to the auditor risk their deposit permissions being voided in
+      cases of an exchange's private key being compromised.
 \end{itemize}
 \end{frame}
 

-- 
To stop receiving notification emails like this one, please contact
address@hidden