[Gzz-commits] manuscripts/Sigs article.rst

[Tuomas J. Lukka]

CVSROOT:        /cvsroot/gzz
Module name:    manuscripts
Changes by:     Tuomas J. Lukka <address@hidden>        03/05/18 14:04:47

Modified files:
        Sigs           : article.rst 

Log message:
        trade

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/manuscripts/Sigs/article.rst.diff?tr1=1.89&tr2=1.90&r1=text&r2=text

Patches:
Index: manuscripts/Sigs/article.rst
diff -u manuscripts/Sigs/article.rst:1.89 manuscripts/Sigs/article.rst:1.90
--- manuscripts/Sigs/article.rst:1.89   Sun May 18 13:49:19 2003
+++ manuscripts/Sigs/article.rst        Sun May 18 14:04:46 2003
@@ -221,7 +221,11 @@
     - this is a nice theoretical result: it *is* possible to sign anything
       without trapdoors - full feature set of normal (non-one-time) DSs
 
-    - realistic? How much does this need?
+    - feasible
+
+    - not quite realistic; actual numbers below
+
+
 
       - Works with `$k=10$`, `$N=16$` for SHA-1; sig length
        is about `$16(r'+s')$`; realistically, about
@@ -571,6 +575,20 @@
   and for choosing x
 
 - maybe recommendations
+
+Tradeoffs in deterministic key boosting
+---------------------------------------
+
+- we demand security level `$2^{-160}$` for our underlying schemes
+
+  - biba:
+
+  - Reyzin subset-resilient; 
+
+  - alternatively, the Reyzin theoretical construction may be used,
+    where the time spent is somewhat more but security depends
+    only on hashes
+
 
 
 Conclusion