[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: cleanup zk-protocol for age restrict
From: |
gnunet |
Subject: |
[taler-docs] branch master updated: cleanup zk-protocol for age restriction during withdraw |
Date: |
Tue, 20 Dec 2022 14:34:33 +0100 |
This is an automated email from the git hooks/post-receive script.
oec pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 1459129 cleanup zk-protocol for age restriction during withdraw
1459129 is described below
commit 145912990c8f2f89a1daa05a6a9071615c8904de
Author: Özgür Kesim <oec-taler@kesim.org>
AuthorDate: Tue Dec 20 14:34:31 2022 +0100
cleanup zk-protocol for age restriction during withdraw
---
design-documents/024-age-restriction.rst | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/design-documents/024-age-restriction.rst
b/design-documents/024-age-restriction.rst
index ce1e130..f43dc18 100644
--- a/design-documents/024-age-restriction.rst
+++ b/design-documents/024-age-restriction.rst
@@ -320,17 +320,17 @@ Then:
#. *Wallet*:
- #. creates planchets :math:`\{C_i \mid i = 1,\ldots,\kappa\}` as candidates
for *one* coin.
- #. creates age-commitments :math:`\{ \vec{Q}^i \mid i = 1,\ldots,\kappa\}`
as follows:
+ #. creates planchets :math:`C_i` for :math:`i \in \{1,\ldots,\kappa\}` as
candidates for *one* coin.
+ #. creates age-commitments :math:`\vec{Q}^i` for :math:`i \in
\{1,\ldots,\kappa\}` as follows:
- a) chooses randomly :math:`a`-many scalars :math:`\{p^i_j \mid j =
1,\ldots,a\}`,
- #) creates keypairs :math:`\{(p^i_j, q^i_j = p^i_j*G) \mid j =
1,\ldots,a\}` for Edx25519,
- #) chooses randomly :math:`(M - a)`-many scalars :math:`\{s^i_j \mid j =
a+1,\ldots,M\}`,
- #) calculates :math:`\{\omega^i_j = s^i_j*\Omega \mid j = a+1,\ldots,M
\}`,
+ a) chooses randomly :math:`a`-many scalars :math:`p^i_j` for :math:`j
\in \{1,\ldots,a\}`,
+ #) creates Edx25519-keypairs :math:`(p^i_j, q^i_j)` for :math:`j \in
\{1,\ldots,a\}`,
+ #) chooses randomly :math:`(M - a)`-many scalars :math:`s^i_j` for
:math:`j \in \{a+1,\ldots,M\}`,
+ #) calculates :math:`\omega^i_j = s^i_j*\Omega` for :math:`j \in
\{a+1,\ldots,M \}`,
#) sets :math:`\vec{Q}^i :=
(q^i_1,\ldots,q^i_a,\omega^i_{a+1},\ldots,\omega^i_M)`
- #. calculates :math:`\{ f_i := \text{FDH}(C_i, H(\vec{Q}^i)) \mid i =
1,\ldots,\kappa \}`
- #. chooses random blindings :math:`\beta_i(.), i = 1,\ldots,\kappa`,
depending on the the cipher (RSA, CS).
+ #. calculates :math:`f_i := \text{FDH}(C_i, H(\vec{Q}^i))` for :math:`i \in
\{ 1,\ldots,\kappa \}`.
+ #. chooses random blindings :math:`\beta_i(.)` for :math:`i \in
\{1,\ldots,\kappa\}`. The blinding functions depend on the cipher (RSA, CS).
#. calculates :math:`F :=
\text{H}(\beta_1(f_1)||\ldots||\beta_\kappa(f_\kappa))`
#. sends :math:`F` to the Exchange
@@ -358,10 +358,15 @@ Then:
#. compares :math:`F \overset{?}{=} \text{H}(g_1||\ldots||g_{\gamma -
1}||r||g_{\gamma+1}||\ldots||g_\kappa)` and bails out on inequality
#. for each :math:`\vec{B}^i, i \neq \gamma`
- i. calculates :math:`\tilde{\omega}^i_j := b^i_j * \Omega` for :math:`j
= a+1,\ldots,M`
+ i. calculates :math:`\tilde{\omega}^i_j := b^i_j * \Omega` for :math:`j
\in \{a+1,\ldots,M\}`
#. compares each :math:`\tilde{\omega}^i_j` to :math:`q^i_j` from
:math:`\vec{Q}^i = (q^i_1, \ldots, q^i_M)` and bails out on inequality
#. signs :math:`r`
- #. sends signature :math:`\sigma_r` to Wallet
+ #. sends (blinded) signature :math:`\sigma_r` to Wallet
+
+#. *Wallet*:
+
+ #. receives :math:`\sigma_r`
+ #. calculates (unblinded) signature :math:`\sigma_c :=
\beta^{-1}_\gamma(\sigma_r)`
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: cleanup zk-protocol for age restriction during withdraw,
gnunet <=