[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-marketing] branch master updated: Esorics2022 added
From: |
gnunet |
Subject: |
[taler-marketing] branch master updated: Esorics2022 added |
Date: |
Tue, 27 Sep 2022 15:41:19 +0200 |
This is an automated email from the git hooks/post-receive script.
oec pushed a commit to branch master
in repository marketing.
The following commit(s) were added to refs/heads/master by this push:
new 653f0fd Esorics2022 added
653f0fd is described below
commit 653f0fd8a246a04c1c62d5bf9e3c45d3992b7488
Author: Özgür Kesim <oec-taler@kesim.org>
AuthorDate: Tue Sep 27 15:41:13 2022 +0200
Esorics2022 added
---
esorics2022/definitions.tex | 90 ++++
esorics2022/esorics2022.pdf | Bin 0 -> 301947 bytes
esorics2022/esorics2022.tex | 801 +++++++++++++++++++++++++++++++++
esorics2022/images/bfh.png | Bin 0 -> 16103 bytes
esorics2022/images/esorics2022.png | Bin 0 -> 31009 bytes
esorics2022/images/fraunhofer.png | Bin 0 -> 2204 bytes
esorics2022/images/fub.pdf | Bin 0 -> 63865 bytes
esorics2022/images/taler-logo-2020.jpg | Bin 0 -> 39336 bytes
esorics2022/setup.tex | 121 +++++
9 files changed, 1012 insertions(+)
diff --git a/esorics2022/definitions.tex b/esorics2022/definitions.tex
new file mode 100644
index 0000000..c2bdf3e
--- /dev/null
+++ b/esorics2022/definitions.tex
@@ -0,0 +1,90 @@
+\newcommand{\blue}[1]{{\color{blue}#1}}
+\newcommand{\red}[1]{{\color{red}#1}}
+\newcommand{\Guardian}{\mathcal{G}}
+\newcommand{\Child}{\mathcal{C}}
+\newcommand{\Customer}{\mathcal{C}}
+\newcommand{\Merchant}{\mathcal{M}}
+\newcommand{\Exchange}{\mathcal{E}}
+
+\newcommand{\Commit}{\mathsf{Commit}}
+\newcommand{\Attest}{\mathsf{Attest}}
+\newcommand{\Verify}{\mathsf{Verify}}
+\newcommand{\Derive}{\mathsf{Derive}}
+\newcommand{\DeriveCompare}{\mathsf{DeriveCompare_\kappa}}
+\newcommand{\Compare}{\mathsf{Compare}}
+\newcommand{\AgeVer}{\mathsf{AgeVer}}
+
+\newcommand{\HashF}{\mathsf{H}}
+\newcommand{\Hash}{\mathsf{H}}
+\newcommand{\Block}{\mathbb{B}}
+\newcommand{\Pub}{\mathsf{Pub}}
+\newcommand{\Sign}{\mathsf{Sig}}
+\newcommand{\Ver}{\mathsf{Ver}}
+\newcommand{\Encoding}{\mathsf{Encoding}}
+\newcommand{\ECDSA}{\mathsf{ECDSA}}
+\newcommand{\Null}{\mathcal{O}}
+\newcommand{\EC}{\mathrm{ec}}
+\newcommand{\Curve}{\mathsf{Curve25519}}
+\newcommand{\SHA}{\mathsf{SHA256}}
+\newcommand{\SHAF}{\mathsf{SHA252}}
+\newcommand{\FDH}{\mathsf{FDH}}
+
+\newcommand{\negl}{\epsilon}
+
+\newcommand{\rand}{\mathsf{rand}}
+\newcommand{\age}{\mathsf{a}}
+\newcommand{\Age}{\mathsf{M}}
+\newcommand{\bage}{\mathsf{b}}
+\newcommand{\minage}{\mathsf{m}}
+\newcommand{\attest}{\mathsf{T}}
+\newcommand{\commitment}{\mathsf{Q}}
+\newcommand{\pruf}{\mathsf{P}}
+\newcommand{\Vcommitment}{\vec{\mathsf{Q}}}
+\newcommand{\Vpruf}{\vec{\mathsf{P}}}
+\newcommand{\blinding}{\beta}
+
+\newcommand{\ZN}{\mathbb{Z}_N}
+\newcommand{\Z}{\mathbb{Z}}
+\newcommand{\N}{\mathbb{N}}
+\newcommand{\A}{\mathbb{A}}
+\newcommand{\E}{\mathbb{E}}
+\newcommand{\F}{\mathbb{F}}
+\newcommand{\seck}{\mathsf{s}}
+\newcommand{\pubk}{\mathsf{P}}
+\renewcommand{\H}{\mathbb{H}}
+\newcommand{\K}{\mathbb{K}}
+\newcommand{\Proofs}{\mathbb{P}}
+\newcommand{\Commitments}{\mathbb{O}}
+\newcommand{\Attests}{\mathbb{T}}
+\newcommand{\Blindings}{\mathbb{B}}
+\newcommand{\Nil}{\perp}
+
+\newcommand{\p}{\mathsf{p}}
+\newcommand{\com}{\mathsf{com}}
+\newcommand{\prf}{\mathsf{prf}}
+
+\newcommand{\Adv}{\mathcal{A}}
+\newcommand{\PPT}{\mathfrak{A}}
+\newcommand{\Probability}{\mathrm{Pr}}
+\newcommand{\Algorithm}{f}
+\renewcommand{\Game}[1]{G_\Adv^\mathsf{#1}}
+
+\DeclareMathOperator{\Image}{Im}
+\DeclareMathOperator{\Mod}{mod}
+
+\newcommand{\Encode}[1]{\overbracket[0.5pt][2pt]{\,#1\,}}
+\newcommand{\Decode}[1]{\underbracket[0.5pt][3pt]{\,#1\,}}
+\newcommand{\FDHg}[1]{[#1]_g\,}
+\newcommand{\logg}{{\breve{g}}}
+
+
+\newcommand{\drawfrom}{\xleftarrow{\$}}
+\newcommand\Exists{%
+ \mathop{\lower0.75ex\hbox{\ensuremath{%
+
\mathlarger{\mathlarger{\mathlarger{\mathlarger{\exists}}}}}}}%
+ \limits}
+
+\newcommand\Forall{%
+ \mathop{\lower0.75ex\hbox{\ensuremath{%
+
\mathlarger{\mathlarger{\mathlarger{\mathlarger{\forall}}}}}}}%
+ \limits}
diff --git a/esorics2022/esorics2022.pdf b/esorics2022/esorics2022.pdf
new file mode 100644
index 0000000..74e0fdb
Binary files /dev/null and b/esorics2022/esorics2022.pdf differ
diff --git a/esorics2022/esorics2022.tex b/esorics2022/esorics2022.tex
new file mode 100644
index 0000000..d26fe76
--- /dev/null
+++ b/esorics2022/esorics2022.tex
@@ -0,0 +1,801 @@
+%\pdfminorversion=3
+\documentclass[fleqn,xcolor={usenames,dvipsnames}]{beamer}
+\include{setup}
+
+\title{Zero-Knowledge Age Restriction for GNU Taler}
+%\subtitle{}
+
+\setbeamertemplate{navigation symbols}{%
+ \includegraphics[width=1.6cm]{images/fub.pdf}
+ \hspace{1em}
+ \includegraphics[width=2.3cm]{images/bfh.png}
+ \includegraphics[width=1cm]{images/taler-logo-2020.jpg}
+ \includegraphics[width=1cm]{images/fraunhofer.png}
+ \hfill%
+}
+%\setbeamercovered{transparent=1}
+
+\author[Özgür Kesim]{{\bf Özgür Kesim}, Christian Grothoff,\\ Florian Dold,
Martin Schanzenbach}
+\date{September 26, 2022\\
+ \includegraphics[width=4cm]{images/esorics2022.png}}
+\institute{FU Berlin, BFH Bern, Taler Systems SA, Fraunhofer AISEC}
+
+
+\begin{document}
+
+\justifying
+
+\begin{frame}
+ \titlepage
+\end{frame}
+
+%\begin{frame}
+% \begin{center}
+% \LARGE {\bf Zero-Knowledge Age Restriction\\for GNU Taler}
+%
+% \vfill
+% \end{center}
+% Substitute based on who is giving the talk!
+% \vfill
+% \begin{tabular}{rl}
+% \bf Özgür Kesim\href{mailto:o.kesim@fu-berlin.de}{\small
\Envelope} & \small Freie Universität Berlin, Germany \\
+% Christian Grothoff & \small Bern University of Applied
Sciences, Switzerland \\
+% Florian Dold & \small Taler Systems SA, Luxembourg \\
+% Martin Schanzenbach &\small Fraunhofer AISEC, Germany \\
+% \end{tabular}
+%\end{frame}
+
+\section{Introduction}
+
+\begin{frame}{Age restriction in E-commerce}
+
+ \begin{description}
+ \item[Problem:]~\\[1em]
+ Verification of minimum age requirements in
e-commerce.\\[2em]
+
+ \item[Common solutions:]
+
+\begin{tabular}{l<{\onslide<2->}c<{\onslide<3->}cr<{\onslide}}
+ & \blue{Privacy} & \tikzmark{topau} \blue{Ext. authority}&
\\[\medskipamount]
+ 1. ID Verification & bad & required & \\[\medskipamount]
+ 2. Restricted Accounts & bad & required & \\[\medskipamount]
+ 3. Attribute-based & good & required &\tikzmark{bottomau}
\\[\medskipamount]
+\end{tabular}
+ \end{description}
+
+\uncover<4->{
+ \begin{tikzpicture}[overlay,remember picture]
+ \draw[orange,thick,rounded corners]
+ ($(pic cs:topau) +(0,0.5)$) rectangle ($(pic cs:bottomau)
-(0.3, 0.2)$);
+ \end{tikzpicture}
+ \begin{center}
+ \bf Principle of Subsidiarity is violated
+ \end{center}
+}
+\end{frame}
+
+
+\begin{frame}{Principle of Subsidiarity}
+\begin{center} \Large
+ Functions of government---such as granting and restricting
+ rights---should be performed\\
+ {\it at the lowest level of authority possible},\\
+ as long as they can be performed {\it adequately}.
+\end{center}
+\vfill
+\uncover<2->{
+ For age-restriction, the lowest level of authority is:\\
+ \begin{center}\Large
+ Parents, guardians and caretakers
+ \end{center}
+}
+\end{frame}
+
+\begin{frame}{Our contribution}
+Design and implementation of an age restriction scheme\\
+with the following goals:
+
+\begin{enumerate}
+\item It ties age restriction to the \textbf{ability to pay} (not to ID's)
+\item maintains \textbf{anonymity of buyers}
+\item maintains \textbf{unlinkability of transactions}
+\item aligns with \textbf{principle of subsidiartiy}
+\item is \textbf{practical and efficient}
+\end{enumerate}
+
+\end{frame}
+
+
+\section{Age Restriction}
+
+\begin{frame}{Age restriction}
+ \framesubtitle{Assumptions and scenario}
+
+ \begin{columns}
+ \column{7.5cm}
+ \begin{itemize}
+ \item<1-> Assumption: Checking accounts are under control of
eligible adults/guardians.
+ \item<2-> \textit{Guardians} \textbf{commit} to an maximum age
+ \item<3-> \textit{Minors} \textbf{attest} their adequate age
+ \item<4-> \textit{Merchants} \textbf{verify} the attestations
+ \item<5-> Minors \textbf{derive} age commitments from existing
ones
+ \item<6-> \textit{Exchanges} \textbf{compare} the derived age
commitments
+ \end{itemize}
+ \column{5cm}
+ \uncover<7->
+ {
+ \begin{center}
+ \fontsize{7pt}{7pt}\selectfont
+ \begin{tikzpicture}[scale=.5]
+ \node[circle,minimum size=15pt,fill=black!15] at ( 60:4)
(Exchange) {$\Exchange$};
+ \node[circle,minimum size=15pt,fill=black!15] at ( 0:0)
(Client) {$\Child$};
+ \node[circle,minimum size=15pt,fill=black!15] at ( 0:4)
(Merchant) {$\Merchant$};
+ \node[circle,minimum size=15pt,fill=blue!15] at (140:3)
(Guardian) {$\Guardian$};
+
+ \draw[->] (Guardian) to [out=50,in=130, loop] node[above]
+ {$\Commit$} (Guardian);
+ \draw[->,blue] (Client) to [out=-125,in=-190, loop]
node[below,left]
+ {\blue{$\Attest$}} (Client);
+ \draw[->,blue] (Merchant) to [out=50,in=130, loop] node[above]
+ {\blue{$\Verify$}} (Merchant);
+ \draw[->,orange] (Client) to [out=-35,in=-100, loop]
node[below]
+ {\orange{$\Derive$}} (Client);
+ \draw[->,orange] (Exchange) to [out=50,in=130, loop] node[above]
+ {\orange{$\Compare$}} (Exchange);
+
+ \draw[orange,|->] (Client) to node[sloped,above,align=left]
+ {\orange{\scriptsize }} (Exchange);
+ \draw[blue,|->] (Client) to node[sloped, above]
+ {\blue{\scriptsize }} (Merchant);
+ \draw[,|->] (Guardian) to node[above,sloped,align=left]
+ {{\scriptsize }} (Client);
+ \end{tikzpicture}
+ \end{center}
+ }
+ \end{columns}
+ \vfill
+ \uncover<7->{Note: Scheme is independent of payment service protocol.}
+\end{frame}
+
+
+\begin{frame}{Formal Function Signatures}
+\small
+Searching for functions \uncover<2->{with the following signatures}
+\begin{align*}
+ &\bf \Commit\uncover<2->{:
+ &(\age, \omega) &\mapsto (\commitment, \pruf)
+ &\scriptstyle \N_\Age \times \Omega &\scriptstyle \to
\Commitments\times\Proofs,
+ }
+ \\
+ &\bf \Attest\uncover<3->{:
+ &(\minage, \commitment, \pruf) &\mapsto \attest
+ &\scriptstyle \N_\Age\times\Commitments\times\Proofs
&\scriptstyle \to \Attests \cup \{\Nil\},
+ }
+ \\
+ &\bf \Verify\uncover<4->{:
+ &(\minage, \commitment, \attest) &\mapsto b
+ &\scriptstyle \N_\Age\times\Commitments\times\Attests
&\scriptstyle \to \Z_2,
+ }
+ \\
+ &\bf \Derive\uncover<5->{:
+ &(\commitment, \pruf, \omega) &\mapsto (\commitment', \pruf',
\blinding)
+ &\scriptstyle \Commitments\times\Proofs\times\Omega
&\scriptstyle \to \Commitments\times\Proofs\times\Blindings,
+ }
+ \\
+ &\bf \Compare\uncover<6->{:
+ &(\commitment, \commitment', \blinding) &\mapsto b
+ &\scriptstyle \Commitments\times\Commitments\times\Blindings
&\scriptstyle \to \Z_2,
+ }
+\end{align*}
+ \uncover<7->{
+ with $\Omega, \Proofs, \Commitments, \Attests, \Blindings$
+ sufficiently large sets.\\[1em]
+ Basic and security requirements are defined later.\\[2em]
+ }
+
+ \scriptsize
+ \uncover<2->{
+ Mnemonics:\\
+ $\Commitments=$ \textit{c$\Commitments$mmitments},
+ $\commitment=$ \textit{Q-mitment} (commitment),
+ $\Proofs=$ \textit{$\Proofs$roofs},
+ }
+ \uncover<3->{
+ $\pruf=$ \textit{$\pruf$roof},\\
+ $\Attests=$ \textit{a$\Attests$testations},
+ $\attest=$ \textit{a$\attest$testation},
+ }
+ \uncover<5->{
+ $\Blindings=$ \textit{$\Blindings$lindings},
+ $\blinding=$ \textit{$\blinding$linding}.
+ }
+\end{frame}
+
+\begin{frame}{Age restriction}
+ \framesubtitle{Naïve scheme}
+ \begin{center}
+ \begin{tikzpicture}[scale=.85]
+ \node[circle,minimum size=20pt,fill=black!15] at ( 60:4)
(Exchange) {$\Exchange$};
+ \node[circle,minimum size=20pt,fill=black!15] at ( 0:0)
(Client) {$\Child$};
+ \node[circle,minimum size=20pt,fill=black!15] at ( 0:4)
(Merchant) {$\Merchant$};
+ \node[circle,minimum size=20pt,fill=blue!15] at (140:3)
(Guardian) {$\Guardian$};
+
+ \draw[->] (Guardian) to [out=50,in=130, loop] node[above]
+ {$\Commit$} (Guardian);
+ \draw[->,blue] (Client) to [out=-125,in=-190, loop]
node[below,left]
+ {\blue{$\Attest$}} (Client);
+ \draw[->,blue] (Merchant) to [out=50,in=130, loop] node[above]
+ {\blue{$\Verify$}} (Merchant);
+ \draw[->,orange] (Client) to [out=-35,in=-100, loop]
node[below]
+ {\orange{$\Derive$}} (Client);
+ \draw[->,orange] (Exchange) to [out=50,in=130, loop] node[above]
+ {\orange{$\Compare$}} (Exchange);
+
+ \draw[orange,|->] (Client) to node[sloped,above,align=left]
+ {\orange{\scriptsize }} (Exchange);
+ \draw[blue,|->] (Client) to node[sloped, above]
+ {\blue{\scriptsize }} (Merchant);
+ \draw[,|->] (Guardian) to node[above,sloped,align=left]
+ {{\scriptsize }} (Client);
+ \end{tikzpicture}
+ \end{center}
+\end{frame}
+
+\begin{frame}{Achieving Unlinkability}
+ \begin{columns}
+ \column{3cm}
+ \begin{center}
+ \fontsize{8pt}{9pt}\selectfont
+ \begin{tikzpicture}[scale=.65]
+ \node[circle,minimum size=20pt,fill=black!15] at (
60:4) (Exchange) {$\Exchange$};
+ \node[circle,minimum size=20pt,fill=black!15] at (
0:0) (Client) {$\Child$};
+
+ \draw[->,orange] (Client) to [out=-35,in=-100, loop]
node[below]
+ {\orange{$\footnotesize \Derive()$}} (Client);
+ \draw[->,orange] (Exchange) to [out=50,in=130, loop]
node[above]
+ {\orange{$\footnotesize \Compare()$}}
(Exchange);
+
+ \draw[orange,|->] (Client) to
node[sloped,above,align=left]
+ {\orange{\tiny
\uncover<2->{$(\commitment_i,\commitment_{i+1})$}}} (Exchange);
+ \end{tikzpicture}
+ \end{center}
+
+ \column{9cm}
+ Simple use of $\Derive()$ and $\Compare()$ is problematic.
+
+ \begin{itemize}
+ \item<2-> Calling $\Derive()$ iteratively generates sequence
+ $(\commitment_0, \commitment_1, \dots)$ of commitments.
+ \item<2-> Exchange calls $\Compare(\commitment_i,
\commitment_{i+1}, .)$
+ \item[$\implies$]\uncover<3->{\bf Exchange identifies sequence}
+ \item[$\implies$]\uncover<3->{\bf Unlinkability broken}
+ \end{itemize}
+ \end{columns}
+\end{frame}
+
+\begin{frame}{Achieving Unlinkability}
+ Define cut\&choose protocol \orange{$\DeriveCompare$},
+ using $\Derive()$ and $\Compare()$.\\[0.5em]
+ \uncover<2->{
+ Sketch:
+ \small
+ \begin{enumerate}
+ \item $\Child$ derives commitments
$(\commitment_1,\dots,\commitment_\kappa)$
+ from $\commitment_0$ \\
+ by calling $\Derive()$ with blindings
$(\beta_1,\dots,\beta_\kappa)$
+ \item $\Child$ calculates $h_0:=H\left(H(\commitment_1,
\beta_1)||\dots||H(\commitment_\kappa, \beta_\kappa)\right)$
+ \item $\Child$ sends $\commitment_0$ and $h_0$ to $\Exchange$
+ \item $\Exchange$ chooses $\gamma \in \{1,\dots,\kappa\}$
randomly
+ \item $\Child$ reveals $h_\gamma:=H(\commitment_\gamma,
\beta_\gamma)$ and all $(\commitment_i, \beta_i)$, except $(\commitment_\gamma,
\beta_\gamma)$
+ \item $\Exchange$ compares $h_0$ and
+ $H\left(H(\commitment_1,
\beta_1)||\dots||h_\gamma||...||H(\commitment_\kappa, \beta_\kappa)\right)$\\
+ and evaluates $\Compare(\commitment_0, \commitment_i,
\beta_i)$.
+ \end{enumerate}
+ \vfill
+ Note: Scheme is similar to the {\it refresh} protocol in GNU Taler.
+ }
+\end{frame}
+
+\begin{frame}{Achieving Unlinkability}
+ With \orange{$\DeriveCompare$}
+ \begin{itemize}
+ \item $\Exchange$ learns nothing about $\commitment_\gamma$,
+ \item trusts outcome with $\frac{\kappa-1}{\kappa}$ certainty,
+ \item i.e. $\Child$ has $\frac{1}{\kappa}$ chance to cheat.
+ \end{itemize}
+ \vfill
+ Note: Still need Derive and Compare to be defined.
+\end{frame}
+
+\begin{frame}{Refined scheme}
+
+ \begin{tikzpicture}[scale=.8]
+ \node[circle,minimum size=25pt,fill=black!15] at ( 0:0)
(Client) {$\Child$};
+ \node[circle,minimum size=25pt,fill=black!15] at ( 60:5)
(Exchange) {$\Exchange$};
+ \node[circle,minimum size=25pt,fill=black!15] at ( 0:5)
(Merchant) {$\Merchant$};
+ \node[circle,minimum size=25pt,fill=blue!15] at (130:3)
(Guardian) {$\Guardian$};
+
+ \draw[orange,<->] (Client) to node[sloped,below,align=center]
+ {\orange{$\DeriveCompare$}} (Exchange);
+ \draw[blue,->] (Client) to node[sloped, below]
+ {\blue{$(\attest_\minage, \commitment)$}} (Merchant);
+
+ \draw[->] (Guardian) to [out=150,in=70, loop] node[above]
+ {$\Commit(\age)$} (Guardian);
+ \draw[->] (Guardian) to node[below,sloped]
+ {($\commitment$, $\pruf_\age$)} (Client);
+ \draw[->,blue] (Client) to [out=-50,in=-130, loop] node[below]
+ {\blue{$\Attest(\minage, \commitment, \pruf_{\age})$}}
(Client);
+ \draw[->,blue] (Merchant) to [out=-50,in=-130, loop] node[below]
+ {\blue{$\Verify(\minage, \commitment,
\attest_{\minage})$}} (Merchant);
+ \end{tikzpicture}
+\end{frame}
+
+% \begin{frame}{Achieving Unlinkability}
+% \scriptsize
+% $\DeriveCompare : \Commitments\times\Proofs\times\Omega \to \{0,1\}$\\
+% \vfill
+% $\DeriveCompare(\commitment, \pruf, \omega) =$
+% \begin{itemize}
+% \it
+% \itemsep0.5em
+% \item[$\Child$:]
+% \begin{enumerate}
+% \scriptsize
+% \itemsep0.3em
+% \item for all $i \in \{1,\dots,\kappa\}:
+% (\commitment_i,\pruf_i,\beta_i) \leftarrow
\Derive(\commitment, \pruf, \omega + i)$
+% \item $h \leftarrow
\Hash\big(\Hash(\commitment_1,\beta_1)\parallel\dots\parallel\Hash(\commitment_\kappa,\beta_\kappa)
\big)$
+% \item send $(\commitment, h)$ to $\Exchange$
+% \end{enumerate}
+% \item[$\Exchange$:]
+% \begin{enumerate}
+% \setcounter{enumi}{4}
+% \scriptsize
+% \itemsep0.3em
+% \item save $(\commitment, h)$ \label{st:hash}
+% \item $\gamma \drawfrom \{1,\dots ,\kappa\}$
+% \item send $\gamma$ to $\Child$
+% \end{enumerate}
+% \item[$\Child$:]
+% \begin{enumerate}
+% \setcounter{enumi}{7}
+%
+% \scriptsize
+% \itemsep0.3em
+% \item $h'_\gamma \leftarrow \Hash(\commitment_\gamma,
\beta_\gamma)$
+% \item $\mathbf{E}_\gamma \leftarrow
\big[(\commitment_1,\beta_1),\dots,
+% (\commitment_{\gamma-1}, \beta_{\gamma-1}),
+% \Nil,
+% (\commitment_{\gamma+1}, \beta_{\gamma+1}),
+% \dots,(\commitment_\kappa, \beta_\kappa)\big]$
+% \item send $(\mathbf{E}_\gamma, h'_\gamma)$ to
$\Exchange$
+% \end{enumerate}
+% \item[$\Exchange$:]
+% \begin{enumerate}
+% \setcounter{enumi}{10}
+% \scriptsize
+% \itemsep0.3em
+% \item for all $i \in
\{1,\dots,\kappa\}\setminus\{\gamma\}: h_i \leftarrow
\Hash(\mathbf{E}_\gamma[i])$
+% \item if $h \stackrel{?}{\neq}
\HashF(h_1\|\dots\|h_{\gamma-1}\|h'_\gamma\|h_{\gamma+1}\|\dots\|h_{\kappa-1})$
return 0
+% \item for all $i \in
\{1,\dots,\kappa\}\setminus\{\gamma\}$:
+% if $0 \stackrel{?}{=}
\Compare(\commitment,\commitment_i, \beta_i)$ return $0$
+% \item return 1
+% \end{enumerate}
+% \end{itemize}
+% \end{frame}
+
+\begin{frame}{Basic Requirements}
+
+ Candidate functions
+ \[ (\Commit, \Attest, \Verify, \Derive, \Compare) \]
+ must first meet \textit{basic} requirements:
+
+ \begin{itemize}
+ \item Existence of attestations
+ \item Efficacy of attestations
+ \item Derivability of commitments and attestations
+ \end{itemize}
+\end{frame}
+
+\begin{frame}{Basic Requirements}
+ \framesubtitle{Formal Details}
+
+ \begin{description}
+ \item[Existence of attestations]
+ {\scriptsize
+ \begin{align*}
+ \Forall_{\age\in\N_\Age \atop \omega \in
\Omega}:
+ \Commit(\age, \omega) =: (\commitment, \pruf)
+ \implies
+ \Attest(\minage, \commitment, \pruf) =
+ \begin{cases}
+ \attest \in \Attests, \text{ if }
\minage \leq \age\\
+ \Nil \text{ otherwise}
+ \end{cases}
+ \end{align*}}
+ \item[Efficacy of attestations]
+ {\scriptsize
+ \begin{align*}
+ \Verify(\minage, \commitment, \attest) = \
+ \begin{cases}
+ 1, \text{if } \Exists_{\pruf \in
\Proofs}: \Attest(\minage, \commitment, \pruf) = \attest\\
+ 0 \text{ otherwise}
+ \end{cases}
+ \end{align*}}
+
+ {\scriptsize
+ \begin{align*}
+ \forall_{n \leq \age}: \Verify\big(n,
\commitment, \Attest(n, \commitment, \pruf)\big) = 1.
+ \end{align*}}
+ \item[etc.]
+ \end{description}
+\end{frame}
+
+%\begin{frame}{Requirements}
+% \framesubtitle{Details}
+%
+% \begin{description}
+% \item[Derivability of commitments and proofs:]~\\[0.1em]
+% {\scriptsize
+% Let \begin{align*}
+% \age & \in\N_\Age,\,\, \omega_0, \omega_1 \in\Omega\\
+% (\commitment_0, \pruf_0) & \leftarrow \Commit(\age,
\omega_0),\\
+% (\commitment_1, \pruf_1, \blinding) & \leftarrow
\Derive(\commitment_0, \pruf_0, \omega_1).
+% \end{align*}
+% We require
+% \begin{align*}
+% \Compare(\commitment_0, \commitment_1, \blinding) = 1
\label{req:comparity}
+% \end{align*}
+% and for all $n\leq\age$:
+% \begin{align*}
+% \Verify(n, \commitment_1, \Attest(n,
\commitment_1, \pruf_1)) &%
+% =
+% \Verify(n, \commitment_0, \Attest(n,
\commitment_0, \pruf_0))
+% \end{align*}}
+% \end{description}
+%\end{frame}
+
+\begin{frame}{Security Requirements}
+ Candidate functions must also meet \textit{security} requirements.
+ Those are are defined via security games:
+ \begin{itemize}
+ \item Game: Age disclosure by commitment or attestation
+ \item[$\leftrightarrow$] Requirement: Non-disclosure of age
+ \vfill
+
+ \item Game: Forging attestation
+ \item[$\leftrightarrow$] Requirement: Unforgeability of
+ minimum age
+ \vfill
+
+ \item Game: Distinguishing derived commitments and attestations
+ \item[$\leftrightarrow$] Requirement: Unlinkability of
+ commitments and attestations
+
+ \end{itemize}
+ \vfill
+
+ Meeting the security requirements means that adversaries can win
+ those games only with negligible advantage.
+ \vfill
+ Adversaries are arbitrary polynomial-time algorithms, acting on all
+ relevant input.
+\end{frame}
+
+\begin{frame}{Security Requirements}
+ \framesubtitle{Simplified Example}
+
+ \begin{description}
+ \item[Game $\Game{FA}(\lambda)$---Forging an attest:]~\\
+ {\small
+ \begin{enumerate}
+ \item $ (\age, \omega) \drawfrom \N_{\Age-1}\times\Omega
$
+ \item $ (\commitment, \pruf) \leftarrow \Commit(\age,
\omega) $
+ \item $ (\minage, \attest) \leftarrow \Adv(\age, \commitment,
\pruf)$
+ \item Return 0 if $\minage \leq \age$
+ \item Return $\Verify(\minage,\commitment,\attest)$
+ \end{enumerate}
+ }
+ \vfill
+ \item[Requirement: Unforgeability of minimum age]
+ {\small
+ \begin{equation*}
+ \Forall_{\Adv\in\PPT(\N_\Age\times\Commitments\times\Proofs\to
\N_\Age\times\Attests)}:
+ \Probability\Big[\Game{FA}(\lambda) = 1\Big] \le \negl(\lambda)
+ \end{equation*}
+ }
+ \end{description}
+\end{frame}
+
+\section{Solution/Instantiation}
+
+\begin{frame}{Solution: Instantiation with ECDSA}
+% \framesubtitle{Definition of Commit}
+
+ \begin{description}
+ \item[To Commit to age (group) '$\age$']~\\
+ \begin{enumerate}
+ \item<2-> Guardian generates ECDSA-keypairs, one per
age (group):
+ \[\langle(q_1,
p_1),\dots,(q_\Age,p_\Age)\rangle\]
+ \item<3-> Guardian then \textbf{drops} all private keys
+ $p_i$ for $i > \age$:
+ \[\Big \langle(q_1, p_1),\dots,
+ (q_\age, p_\age),
+ (q_{\age +1}, \red{\Nil}),\dots,
+ (q_\Age, \red{\Nil})\Big\rangle\]
+
+ \begin{itemize}
+ \item $\Vcommitment := (q_1, \dots,
q_\Age)$ is the \textit{Commitment},
+ \item $\Vpruf_\age := (p_1, \dots,
p_\age, \Nil,\dots,\Nil)$ is the \textit{Proof}
+ \end{itemize}
+ \vfill
+ \item<4-> Guardian gives child $\langle \Vcommitment,
\Vpruf_\age \rangle$
+ \vfill
+ \end{enumerate}
+ \end{description}
+\end{frame}
+
+\begin{frame}{Instantiation with ECDSA}
+ \framesubtitle{Definitions of Attest and Verify}
+
+ Child has
+ \begin{itemize}
+ \item ordered public-keys $\Vcommitment = (q_1, \dots, q_\Age)
$,
+ \item (some) private-keys $\Vpruf = (p_1, \dots, p_\age, \Nil,
\dots, \Nil)$.
+ \end{itemize}
+ \begin{description}
+ \item<2->[To \blue{Attest} a minimum age $\blue{\minage} \leq
\age$:]~\\
+ Sign a message with ECDSA using private key
$p_\blue{\minage}$
+ \end{description}
+
+ \vfill
+
+ \uncover<3->{
+ Merchant gets
+ \begin{itemize}
+ \item ordered public-keys $\Vcommitment = (q_1, \dots, q_\Age) $
+ \item Signature $\sigma$
+ \end{itemize}
+ \begin{description}
+ \item<4->[To \blue{Verify} a minimum age $\minage$:]~\\
+ Verify the ECDSA-Signature $\sigma$ with public key
$q_\minage$.
+ \end{description}
+ }
+ \vfill
+\end{frame}
+
+\begin{frame}{Instantiation with ECDSA}
+ \framesubtitle{Definitions of Derive and Compare}
+ Child has
+ $\Vcommitment = (q_1, \dots, q_\Age) $ and
+ $\Vpruf = (p_1, \dots, p_\age, \Nil, \dots, \Nil)$.
+ \begin{description}
+ \item<2->[To \blue{Derive} new $\Vcommitment'$ and $\Vpruf'$:]
+ Choose random $\beta\in\Z_g$ and calculate
+ \small
+ \begin{align*}
+ \Vcommitment' &:= \big(\beta * q_1,\ldots,\beta
* q_\Age\big),\\
+ \Vpruf' &:= \big(\beta p_1,\ldots,\beta
p_\age,\Nil,\ldots,\Nil\big)
+ \end{align*}
+ Note: $ (\beta p_i)*G = \beta*(p_i*G) = \beta*q_i$\\
+ \scriptsize $\beta*q_i$ is scalar multiplication on the
elliptic curve.
+ \end{description}
+
+ \vfill
+ \uncover<3->{
+ Exchange gets $\Vcommitment = (q_1,\dots,q_\Age)$,
$\Vcommitment' = (q_1', \dots, q_\Age')$ and $\beta$
+ \begin{description}
+ \item[To \blue{Compare}, calculate:]
+ \small
+ $(\beta * q_1, \ldots , \beta * q_\Age) \stackrel{?}{=}
(q'_1,\ldots, q'_\Age)$
+ \end{description}
+ \vfill
+ }
+\end{frame}
+
+\begin{frame}{Instantiation with ECDSA}
+
+ Functions
+ (Commit, Attest, Verify, Derive, Compare)\\
+ as defined in the instantiation with ECDSA\\[0.5em]
+ \begin{itemize}
+ \item meet the basic requirements,\\[0.5em]
+ \item also meet all security requirements.\\
+ Proofs by security reduction, details are in the paper.
+ \end{itemize}
+
+\end{frame}
+
+
+% \begin{frame}{Instantiation with ECDSA}
+% \framesubtitle{Full definitions}
+% \scriptsize
+%
+% \begin{align*}
+% \Commit_{E,\FDHg{\cdot}}(\age, \omega) &:= \Big\langle
+% \overbrace{(q_1,\ldots,q_\Age)}^{= \Vcommitment},\;
+% \overbrace{(p_1,\ldots,p_\age, \Nil,\ldots,\Nil)}^{= \Vpruf
\text{, length }\Age}
+% \Big\rangle\\
+% \Attest_{E,\HashF}(\bage, \Vcommitment, \Vpruf) &:=
+% \begin{cases}
+% \attest_\bage :=
\Sign_{E,\HashF}\big(\bage,\Vpruf[\bage]\big) & \text{if } \Vpruf[\bage]
\stackrel{?}{\neq} \Nil\\
+% \Nil & \text{otherwise}
+% \end{cases}\\
+% %
+% \Verify_{E,\HashF}(\bage, \Vcommitment, \attest) &:=
\Ver_{E,\HashF}(\bage, \Vcommitment[\bage], \attest)\\
+% %
+% \Derive_{E, \FDHg{\cdot}}(\Vcommitment, \Vpruf, \omega) &:=
+% \Big\langle(\beta * q_1,\ldots,\beta * q_\Age),
+% (\beta p_1,\ldots,\beta p_\age,\Nil,\ldots,\Nil), \beta
\Big\rangle \\
+% & \text{ with } \beta := \FDHg{\omega} \text{ and
multiplication } \beta p_i \text{ modulo } g \nonumber\\
+% %
+% \Compare_E(\Vcommitment, \Vcommitment', \beta) &:=
+% \begin{cases}
+% 1 & \text{if } (\beta * q_1, \ldots , \beta * q_\Age)
\stackrel{?}{=} (q'_1,\ldots, q'_\Age)\\
+% 0 & \text{otherwise}
+% \end{cases}
+% \end{align*}
+% \end{frame}
+
+\section{Integration with GNU Taler}
+
+\begin{frame}{GNU Taler}
+ \framesubtitle{https://www.taler.net}
+ \begin{columns}
+ \column{4cm}
+ \fontsize{8pt}{9pt}\selectfont
+ \begin{tikzpicture}[scale=.55]
+ \node[circle,fill=black!10] at (3, 4) (Exchange) {$\Exchange$};
+ \node[circle,fill=black!10] at (0, 0) (Customer) {$\Customer$};
+ \node[circle,fill=black!10] at (6, 0) (Merchant) {$\Merchant$};
+
+ \draw[<->] (Customer) to [out=65,in=220] node[sloped,above]
{\sf withdraw} (Exchange);
+ \draw[<->] (Customer) to [out=45,in=240] node[sloped,below]
{\sf refresh} (Exchange);
+ \draw[<->] (Customer) to node[sloped, below] {\sf purchase}
(Merchant);
+ \draw[<->] (Merchant) to node[sloped, above] {\sf deposit}
(Exchange);
+ \end{tikzpicture}
+ \column{8cm}
+ \begin{itemize}
+ \item Protocol suite for online payment services
+ \item Based on Chaum's blind signatures
+ % \item Taxable, efficient, free software
+ \item Allows for change and refund (F. Dold)
+ \item Privacy preserving: anonymous and unlinkable
payments
+ \end{itemize}
+ \end{columns}
+
+ \vfill
+ \uncover<2->{
+ \begin{itemize}
+ \item Coins are public-/private key-pairs $(C_p, c_s)$.
+ \item Exchange blindly signs $\FDH(C_p)$ with denomination key
$d_p$
+ \item Verification:
+ \begin{eqnarray*}
+ 1 &\stackrel{?}{=}&
+ \mathsf{SigCheck}\big(\FDH(C_p), D_p, \sigma_p\big)
+ \end{eqnarray*}
+ \scriptsize($D_p$ = public key of denomination and $\sigma_p$ =
signature)
+
+ \end{itemize}
+ }
+\end{frame}
+
+\begin{frame}{Integration with GNU Taler}
+ \framesubtitle{Binding age restriction to coins}
+
+ To bind an age commitment $\commitment$ to a coin $C_p$, instead of
+ signing $\FDH(C_p)$, $\Exchange$ now blindly signs
+ \begin{center}
+ $\FDH(C_p, \orange{H(\commitment)})$
+ \end{center}
+
+ \vfill
+ Verfication of a coin now requires $H(\commitment)$, too:
+ \begin{center}
+ $1 \stackrel{?}{=}
+ \mathsf{SigCheck}\big(\FDH(C_p, \orange{H(\commitment)}), D_p,
\sigma_p\big)$
+ \end{center}
+ \vfill
+\end{frame}
+
+\begin{frame}{Integration with GNU Taler}
+ \framesubtitle{Integrated schemes}
+ \fontsize{8pt}{9pt}\selectfont
+ \begin{tikzpicture}[scale=.9]
+ \node[circle,minimum size=25pt,fill=black!15] at ( 0:0)
(Client) {$\Child$};
+ \node[circle,minimum size=25pt,fill=black!15] at ( 60:5)
(Exchange) {$\Exchange$};
+ \node[circle,minimum size=25pt,fill=black!15] at ( 0:5)
(Merchant) {$\Merchant$};
+ \node[circle,minimum size=25pt,fill=blue!15] at (130:3)
(Guardian) {$\Guardian$};
+
+ \draw[<->] (Guardian) to node[sloped,above,align=center]
+ {{\sf withdraw}\orange{, using}\\ $\FDH(C_p\orange{,
H(\commitment)})$} (Exchange);
+ \draw[<->] (Client) to node[sloped,below,align=center]
+ {{\sf refresh} \orange{ + }\\
\orange{$\DeriveCompare$}} (Exchange);
+ \draw[<->] (Client) to node[sloped, below]
+ {{\sf purchase} \blue{+ $(\attest_\minage,
\commitment)$}} (Merchant);
+ \draw[<->] (Merchant) to node[sloped, above]
+ {{\sf deposit} \orange{+ $H(\commitment)$}} (Exchange);
+
+ \draw[->] (Guardian) to [out=70,in=150, loop] node[above]
+ {$\Commit(\age)$} (Guardian);
+ \draw[->] (Guardian) to node[below,sloped]
+ {($\commitment$, $\pruf_\age$)} (Client);
+ \draw[->,blue] (Client) to [out=-50,in=-130, loop] node[below]
+ {\blue{$\Attest(\minage, \commitment, \pruf_{\age})$}}
(Client);
+ \draw[->,blue] (Merchant) to [out=-50,in=-130, loop] node[below]
+ {\blue{$\Verify(\minage, \commitment,
\attest_{\minage})$}} (Merchant);
+ \end{tikzpicture}
+\end{frame}
+
+\begin{frame}{Instantiation with Edx25519}
+ Paper also formally defines another signature scheme: Edx25519.\\[1em]
+
+ \begin{itemize}
+ \item Scheme already in use in GNUnet,
+ \item based on EdDSA (Bernstein et al.),
+ \item generates compatible signatures and
+ \item allows for key derivation from both, private and public
keys, independently.
+ \end{itemize}~\\[1em]
+
+ Current implementation of age restriction in GNU Taler uses Edx25519.
+\end{frame}
+
+\section{Discussion, Related Work, Conclusion}
+
+\begin{frame}{Discussion}
+ \begin{itemize}
+ \item Our solution can in principle be used with any
token-based payment scheme
+ \item GNU Taler best aligned with our design goals (security,
privacy and efficiency)
+ \item Subsidiarity requires bank accounts being owned by adults
+ \begin{itemize}
+ \item Scheme can be adapted to case where minors have
bank accounts
+ \begin{itemize}
+ \item Assumption: banks provide minimum
age
+ information during bank
+ transactions.
+ \item Child and Exchange execute a
variant of
+ the cut\&choose protocol.
+ \end{itemize}
+ \end{itemize}
+ \item Our scheme offers an alternative to identity management
systems (IMS)
+ \end{itemize}
+\end{frame}
+\begin{frame}{Related Work}
+ \begin{itemize}
+ \item Current privacy-perserving systems all based on
attribute-based credentials (Koning et al., Schanzenbach et al., Camenisch et
al., Au et al.)
+ \item Attribute-based approach lacks support:
+ \begin{itemize}
+ \item Complex for consumers and retailers
+ \item Requires trusted third authority
+ \end{itemize}
+ \vfill
+ \item Other approaches tie age-restriction to ability to pay
("debit cards for kids")
+ \begin{itemize}
+ \item Advantage: mandatory to payment process
+ \item Not privacy friendly
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}{Conclusion}
+ Age restriction is a technical, ethical and legal challenge.
+
+ Existing solutions are
+ \begin{itemize}
+ \item without strong protection of privacy or
+ \item based on identity management systems (IMS)
+ \end{itemize}
+ \vfill
+
+ Our scheme offers a solution that is
+ \begin{itemize}
+ \item based on subsidiarity
+ \item privacy preserving
+ \item efficient
+ \item an alternative to IMS
+ \end{itemize}
+\end{frame}
+
+
+\end{document}
diff --git a/esorics2022/images/bfh.png b/esorics2022/images/bfh.png
new file mode 100644
index 0000000..4c9f8d1
Binary files /dev/null and b/esorics2022/images/bfh.png differ
diff --git a/esorics2022/images/esorics2022.png
b/esorics2022/images/esorics2022.png
new file mode 100644
index 0000000..365758a
Binary files /dev/null and b/esorics2022/images/esorics2022.png differ
diff --git a/esorics2022/images/fraunhofer.png
b/esorics2022/images/fraunhofer.png
new file mode 100644
index 0000000..0eb26a5
Binary files /dev/null and b/esorics2022/images/fraunhofer.png differ
diff --git a/esorics2022/images/fub.pdf b/esorics2022/images/fub.pdf
new file mode 100644
index 0000000..8094d75
Binary files /dev/null and b/esorics2022/images/fub.pdf differ
diff --git a/esorics2022/images/taler-logo-2020.jpg
b/esorics2022/images/taler-logo-2020.jpg
new file mode 100644
index 0000000..489832f
Binary files /dev/null and b/esorics2022/images/taler-logo-2020.jpg differ
diff --git a/esorics2022/setup.tex b/esorics2022/setup.tex
new file mode 100644
index 0000000..639c51c
--- /dev/null
+++ b/esorics2022/setup.tex
@@ -0,0 +1,121 @@
+\usepackage{amsmath}
+\usepackage{multimedia}
+\usepackage[utf8]{inputenc}
+\usepackage{framed,color,ragged2e}
+\usepackage[absolute,overlay]{textpos}
+\definecolor{shadecolor}{rgb}{0.8,0.8,0.8}
+\usetheme{boxes}
+\setbeamertemplate{navigation symbols}{}
+\usepackage{xcolor}
+\usepackage[normalem]{ulem}
+\usepackage{listings}
+\usepackage{adjustbox}
+\usepackage{array}
+\usepackage{bbding}
+\usepackage{relsize}
+\usepackage{graphicx}
+\usepackage{tikz,eurosym,calc}
+\usetikzlibrary{tikzmark}
+\usetikzlibrary{shapes,arrows,arrows.meta}
+\usetikzlibrary{positioning,patterns}
+\usetikzlibrary{calc}
+
+% CSS
+\lstdefinelanguage{CSS}{
+ basicstyle=\ttfamily\scriptsize,
+
keywords={color,background-image:,margin,padding,font,weight,display,position,top,left,right,bottom,list,style,border,size,white,space,min,width,
transition:, transform:, transition-property, transition-duration,
transition-timing-function},
+ sensitive=true,
+ morecomment=[l]{//},
+ morecomment=[s]{/*}{*/},
+ morestring=[b]',
+ morestring=[b]",
+ alsoletter={:},
+ alsodigit={-}
+}
+
+% JavaScript
+\lstdefinelanguage{JavaScript}{
+ basicstyle=\ttfamily\scriptsize,
+ morekeywords={typeof, new, true, false, catch, function, return, null,
catch, switch, var, if, in, while, do, else, case, break},
+ morecomment=[s]{/*}{*/},
+ morecomment=[l]//,
+ morestring=[b]",
+ morestring=[b]'
+}
+
+\lstdefinelanguage{HTML5}{
+ basicstyle=\ttfamily\scriptsize,
+ language=html,
+ sensitive=true,
+ alsoletter={<>=-},
+ morecomment=[s]{<!-}{-->},
+ tag=[s],
+ otherkeywords={
+ % General
+ >,
+ % Standard tags
+ <!DOCTYPE,
+ </html, <html, <head, <title, </title, <style, </style, <link, </head,
<meta, />,
+ % body
+ </body, <body,
+ % Divs
+ </div, <div, </div>,
+ % Paragraphs
+ </p, <p, </p>,
+ % scripts
+ </script, <script,
+ % More tags...
+ <canvas, /canvas>, <svg, <rect, <animateTransform, </rect>, </svg>, <video,
<source, <iframe, </iframe>, </video>, <image, </image>
+ },
+ ndkeywords={
+ % General
+ =,
+ % HTML attributes
+ charset=, src=, id=, width=, height=, style=, type=, rel=, href=,
+ % SVG attributes
+ fill=, attributeName=, begin=, dur=, from=, to=, poster=, controls=, x=, y=,
repeatCount=, xlink:href=,
+ % CSS properties
+ margin:, padding:, background-image:, border:, top:, left:, position:,
width:, height:,
+ % CSS3 properties
+ transform:, -moz-transform:, -webkit-transform:,
+ animation:, -webkit-animation:,
+ transition:, transition-duration:, transition-property:,
transition-timing-function:,
+ }
+}
+
+\lstdefinelanguage{JavaScript}{
+ basicstyle=\ttfamily\scriptsize,
+ keywords={typeof, new, true, false, catch, function, return, null, catch,
switch, var, if, in, while, do, else, case, break, for},
+ keywordstyle=\color{blue}\bfseries,
+ ndkeywords={class, export, boolean, throw, implements, import, this},
+ ndkeywordstyle=\color{darkgray}\bfseries,
+ identifierstyle=\color{black},
+ sensitive=false,
+ comment=[l]{//},
+ morecomment=[s]{/*}{*/},
+ commentstyle=\color{purple}\ttfamily,
+ stringstyle=\color{red}\ttfamily,
+ morestring=[b]',
+ morestring=[b]"
+}
+
+%\usetheme{Dresden}
+\setbeamersize{description width=1em}
+
+\setbeamertemplate{footline}{
+ \hbox{%
+
\begin{beamercolorbox}[wd=\paperwidth,ht=3ex,dp=1.5ex,leftskip=2ex,rightskip=2ex]{page
footer}%
+ \usebeamerfont{title in head/foot}%
+ \insertshorttitle \hfill
+ \insertsection \hfill
+ \insertframenumber{} / \inserttotalframenumber
+ \end{beamercolorbox}}%
+}
+
+
+\definecolor{blue}{rgb}{0,0,0.7}
+\newcommand{\orange}[1]{{\color{orange}#1}}
+\newcommand{\TODO}[1]{\orange{TODO: #1}}
+
+
+\input{definitions}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-marketing] branch master updated: Esorics2022 added,
gnunet <=