[Gzz-commits] manuscripts/Sigs article.rst

[Tuomas J. Lukka]

CVSROOT:        /cvsroot/gzz
Module name:    manuscripts
Changes by:     Tuomas J. Lukka <address@hidden>        03/05/17 14:52:53

Modified files:
        Sigs           : article.rst 

Log message:
        twid

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.47&tr2=1.48&r1=text&r2=text

Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.47 manuscripts/Sigs/article.rst:1.48
--- manuscripts/Sigs/article.rst:1.47   Sat May 17 14:46:53 2003
+++ manuscripts/Sigs/article.rst        Sat May 17 14:52:53 2003
@@ -189,6 +189,7 @@
 Analysis: Characterizing one-time signature schemes
 ===================================================
 
+- defer discussion of the choice of `$x$` to the next Section.
 
 We shall characterize the underlying one-time signature scheme by
 a octuplet `$(q, b, s, r, h, c_0, c_s, c_v)$`, where
@@ -241,36 +242,17 @@
     }
     \end{table*}
 
-Table XXX shows 
+Table XXX shows the tradeoffs possible in various one-time signature 
algorithms.
+The formulas for key boosting follow trivially from
+the description of the algorithm.
+
+In order to work, key boosting requires the
+hash tree as a basis to obtain an basis algorithm
+with `$q' \ne 1$`.
 
-There are three parameters to the one-time signature key boosting algorithm:
-`$N$`, the number of levels in the private key tree,
-`$k$`, the branching factor of the tree, and
-the algorithm for choosing `$x$`.
-
-- given `$N$` and `$k$`, there are `$k^N$` 
+- given `$N$` and `$q$`, there are `$q^N$` 
   possible private keys for signing messages.
 
-- We map
-
-- alternatives at tree nodes:
-
-  - sign each public key separately,  requires `$b \\ge r$` and `$q\\ge k$`
-    and contributes `$s + r$` bits to signature and no extra hashes
-
-  - sign some type of hash of all public keys, requires `$b \\ge h$` and 
`$q\\ge 1$`
-
-    - straightforward sig: contributes `$s + kr$` bits to sig and 
-      one extra hash to `$c_s$` and `$c_v$`.
-
-    - hash of hashes, publish one public key and hashes of others:
-      contributes `$s + r + (k-1)h$` bits to sig and 
-      `$k+1$` extra hashes to `$c_s$` and two to `$c_v$`.
-
-    - tree of hashes, publish one public key and hashes of tree branches:
-      contributes `$s + r + h \\log k$` bits to sig and
-      `$2k-1$` extra hashes to `$c_s$` and `$\\log k$` to `$c_v$`.
-
 
 - the first levels of signatures may be given in the public key,
   giving a tradeoff between public key size and signature size.
@@ -303,7 +285,7 @@
 
 - mustn't lose count! 
 
-- can't copy key!
+- can't copy key or restore from backup!
 
 Probabilistic limited
 ---------------------