Add line on RSA-FDH to Taler paper.
I could obviously say more, and I really should clean up the text around it, but not now.
This commit is contained in:
parent
e7e14f3009
commit
e7d4ccec98
@ -206,16 +206,8 @@
|
|||||||
url="https://eprint.iacr.org/2001/002"
|
url="https://eprint.iacr.org/2001/002"
|
||||||
}
|
}
|
||||||
|
|
||||||
@misc{cryptoeprint:2001:002,
|
|
||||||
author = {M. Bellare and C. Namprempre and D. Pointcheval and M. Semanko},
|
|
||||||
title = {The One-More-RSA-Inversion Problems and the Security of Chaum's Blind Signature Scheme},
|
|
||||||
howpublished = {Cryptology ePrint Archive, Report 2001/002},
|
|
||||||
year = {2001},
|
|
||||||
note = {\url{http://eprint.iacr.org/}},
|
|
||||||
}
|
|
||||||
|
|
||||||
|
@inbook{RSA-HDF-KTIvCTI,
|
||||||
@inbook{RSA-KTIvCTI,
|
|
||||||
author="Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael",
|
author="Bellare, Mihir and Namprempre, Chanathip and Pointcheval, David and Semanko, Michael",
|
||||||
editor="Syverson, Paul",
|
editor="Syverson, Paul",
|
||||||
chapter="The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme",
|
chapter="The Power of RSA Inversion Oracles and the Security of Chaum's RSA-Based Blind Signature Scheme",
|
||||||
|
@ -418,11 +418,18 @@ and that he paid his obligations.
|
|||||||
Neither the merchant nor the customer may have any ability to {\em
|
Neither the merchant nor the customer may have any ability to {\em
|
||||||
effectively} defraud the exchange or the state collecting taxes. Here,
|
effectively} defraud the exchange or the state collecting taxes. Here,
|
||||||
``effectively'' means that the expected return for fraud is negative.
|
``effectively'' means that the expected return for fraud is negative.
|
||||||
|
In particular, Taler employs a full domain hash (FDH) with RSA signatures
|
||||||
|
so that ``one-more forgery'' is hard assuming the RSA known-target
|
||||||
|
inversion problem is hard.\cite[Theorem12]{RSA-HDF-KTIvCTI}
|
||||||
|
% \cite[Theorem 6.2]{OneMoreInversion}
|
||||||
Note that customers do not need to be trusted in any way, and that in
|
Note that customers do not need to be trusted in any way, and that in
|
||||||
particular it is never necessary for anyone to try to recover funds
|
particular it is never necessary for anyone to try to recover funds
|
||||||
from customers using legal means.
|
from customers using legal means.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\subsection{Taxability and Entities}
|
\subsection{Taxability and Entities}
|
||||||
|
|
||||||
As electronic coins are trivially copied between machines, we should
|
As electronic coins are trivially copied between machines, we should
|
||||||
|
Loading…
Reference in New Issue
Block a user