eipsi: update logo

eipsi2024/eipsi2024.tex

@@ -65,10 +65,10 @@
 \subtitle{Zero-Knowledge Age Restriction for GNU Taler}
 
 \author{Özgür Kesim}
-\institute{FU Berlin}
-\date{December 29, 2022}
+\institute{Code Blau GmbH, FU Berlin, TU Dresden}
+\date{31 May 2024}
 
-%TODO: \titlegraphic{\centering\includegraphics[width=0.5\textwidth]{images/hip2022.jpg}}
+\titlegraphic{\centering\vspace*{-0.5cm}\includegraphics[width=0.4\textwidth]{images/surveilance-logo.png}}
 
 
 \begin{document}
@@ -88,7 +88,7 @@
 		\item PhD candidate at FU Berlin,
 		\item member of GNU Taler dev-team.
 	\end{itemize}
-
+	\note{fnord}
 
 	\vfill
 	\url{oec-taler@kesim.org} \hfill \url{@oec@mathstodon.xyz} \hfill
@@ -153,7 +153,7 @@
 		relation to content harmful to minors, \textbf{such as
 		age-verification systems}, ...
 	\end{quote}
-	
+
 	\tiny
 	From the
 	\href{https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=0900001680645b44}
@@ -245,7 +245,7 @@ with the following properties:
 		\item<9->  \textit{Exchanges} \textbf{compare} the derived age commitments
 		\item<10-> \tikzmark{send}{\large \texttt{GOTO}} 2.
 			\begin{tikzpicture}[overlay, remember picture]
-				\draw[line width=1pt,->] 
+				\draw[line width=1pt,->]
 						([shift=({-6mm, 1mm})]pic cs:send) to
 						([shift=({-1cm, 1mm})]pic cs:send) to
 						([shift=({-1cm, 1mm})]pic cs:sstart) to
@@ -299,7 +299,7 @@ with the following properties:
 
 
 \begin{frame}{Specification of the Function Signatures}
-\small 
+\small
 Searching for functions \uncover<2->{with the following signatures}
 \begin{align*}
 	&\bf \Commit\uncover<2->{:
@@ -417,9 +417,9 @@ Searching for functions \uncover<2->{with the following signatures}
 
 	\pause
 	\begin{itemize}[<+->]
-		\item Calling $\Derive()$ iteratively generates sequence 
+		\item Calling $\Derive()$ iteratively generates sequence
 			$(\commitment_0, \commitment_1, \dots)$ of commitments.
-		\item Exchange calls $\Compare(\commitment_i, \commitment_{i+1},~.~)$ 
+		\item Exchange calls $\Compare(\commitment_i, \commitment_{i+1},~.~)$
 		\item[$\implies$]Exchange identifies sequence
 		\item[$\implies$]{\bf Unlinkability broken}
 	\end{itemize}
@@ -436,23 +436,23 @@ Searching for functions \uncover<2->{with the following signatures}
 	\begin{itemize}[<+->]
 		\item[$\Child$:]
 			\begin{enumerate}
-				\item generates $(\commitment_1,\dots,\commitment_\kappa)$ 
+				\item generates $(\commitment_1,\dots,\commitment_\kappa)$
 					and $(\beta_1,\dots,\beta_\kappa)$ from $\commitment_0$\\
 					by calling $\kappa$ times $\Derive(\commitment_0, \pruf_0, \omega_i)$
 				\item calculates $h_0:=H\left(H(\commitment_1, \beta_1)\parallel \dots\parallel H(\commitment_\kappa, \beta_\kappa)\right)$
 				\item sends $\commitment_0$ and $h_0$ to $\Exchange$
 			\end{enumerate}
-		\item[$\Exchange$:] 
+		\item[$\Exchange$:]
 			\begin{enumerate}
 				\item[4.] saves $\commitment_0$ and $h_0$ and sends $\Child$ random  $\gamma \in \{1,\dots,\kappa\}$
 			\end{enumerate}
-		\item[$\Child$:] 
+		\item[$\Child$:]
 			\begin{enumerate}
 				\item[5.] reveals $h_\gamma:=H(\commitment_\gamma, \beta_\gamma)$ and all $(\commitment_i, \beta_i)$, except $(\commitment_\gamma, \beta_\gamma)$
 			\end{enumerate}
-		\item[$\Exchange$:] 
+		\item[$\Exchange$:]
 			\begin{enumerate}
-				\item[6.] compares $h_0$ and 
+				\item[6.] compares $h_0$ and
 			$H\left(H(\commitment_1, \beta_1)\parallel ...\parallel h_\gamma\parallel ...\parallel H(\commitment_\kappa, \beta_\kappa)\right)$
 				\item[7.] evaluates $\Compare(\commitment_0, \commitment_i, \beta_i)$ for all $i \neq \gamma$.
 			\end{enumerate}
@@ -463,7 +463,7 @@ Searching for functions \uncover<2->{with the following signatures}
 \end{frame}
 
 \begin{frame}{Achieving Unlinkability}%{Certainty trade-off}
-	
+
 	With \orange{$\DeriveCompare$}
 	\begin{itemize}
 		\item $\Exchange$ learns nothing about $\commitment_\gamma$ or $H(\commitment_\gamma)$,
@@ -513,7 +513,7 @@ Searching for functions \uncover<2->{with the following signatures}
 				{\blue{$\Verify(\minage, \commitment, \attest_{\minage})$}} (Merchant);
 		}
 		\uncover<7,8->{
-			\draw[orange,<->] (Client)   to 
+			\draw[orange,<->] (Client)   to
 			node[sloped,below,align=center] {\orange{$\commitment \mapsto \commitment_\gamma$}}
 			node[sloped,above,align=center] {\orange{$\DeriveCompare$}} (Exchange);
 		}
@@ -562,7 +562,7 @@ Searching for functions \uncover<2->{with the following signatures}
 % 	\item[$\Child$:]
 % 		\begin{enumerate}
 % 			\setcounter{enumi}{7}
-% 
+%
 % 				\scriptsize
 % 			\itemsep0.3em
 % 			\item $h'_\gamma \leftarrow \Hash(\commitment_\gamma, \beta_\gamma)$
@@ -591,7 +591,7 @@ Searching for functions \uncover<2->{with the following signatures}
 
 \begin{frame}{Basic Requirements}
 	\label{fr:basicRequirements}
-	Candidate functions 
+	Candidate functions
 	\[ (\Commit, \Attest, \Verify, \Derive, \Compare) \]
 	must meet \textit{basic requirements}:
 
@@ -602,7 +602,7 @@ Searching for functions \uncover<2->{with the following signatures}
 	\end{itemize}
 	\pause
 	More details in the published paper and \hyperlink{fr:detailedBasicRequirements}{Appendix}.
-\end{frame}	
+\end{frame}
 
 \begin{frame}{Security Requirements}
 	Candidate functions must also meet \textit{security requirements},
@@ -685,9 +685,9 @@ Searching for functions \uncover<2->{with the following signatures}
 				\[\langle(q_1, p_1),\dots,(q_\Age,p_\Age)\rangle\]
 			\item Guardian then \textbf{drops} all private keys
 				$p_i$ for $i > \age$:
-				\[\Big \langle(q_1, p_1),\dots, 
-					(q_\age, p_\age), 
-					(q_{\age +1}, \red{\Nil}),\dots, 
+				\[\Big \langle(q_1, p_1),\dots,
+					(q_\age, p_\age),
+					(q_{\age +1}, \red{\Nil}),\dots,
 					(q_\Age, \red{\Nil})\Big\rangle\]
 			\item[] then set \begin{itemize}
 					\setlength{\itemindent}{5em}
@@ -702,7 +702,7 @@ Searching for functions \uncover<2->{with the following signatures}
 \end{frame}
 
 \begin{frame}{Attest and Verify with ECDSA}
-	Child has 
+	Child has
 	\begin{itemize}
 		\item ordered public-keys $\Vcommitment = (q_1, \dots~\dots~\dots, q_\Age) $,
 		\item (some) private-keys $\Vpruf = (p_1, \dots, p_\age, \Nil, \dots, \Nil)$.
@@ -717,7 +717,7 @@ Searching for functions \uncover<2->{with the following signatures}
 	\vfill
 
 	\uncover<3->{
-	Merchant gets 
+	Merchant gets
 	\begin{itemize}
 		\item ordered public-keys $\Vcommitment = (q_1, \dots, q_\Age) $
 		\item Signature $\sigma_\blue{\minage}$
@@ -731,8 +731,8 @@ Searching for functions \uncover<2->{with the following signatures}
 \end{frame}
 
 \begin{frame}{Derive and Compare with ECDSA}
-	Child has 
-	$\Vcommitment = (q_1, \dots, q_\Age) $ and 
+	Child has
+	$\Vcommitment = (q_1, \dots, q_\Age) $ and
 	$\Vpruf = (p_1, \dots, p_\age, \Nil, \dots, \Nil)$.
 	\begin{description}
 		\item<2->[To \blue{Derive} new $\Vcommitment'$ and $\Vpruf'$:]
@@ -820,7 +820,7 @@ Searching for functions \uncover<2->{with the following signatures}
 	\begin{itemize}
 		\item based on EdDSA (Bernstein et al.),
 		\item generates compatible signatures,
-		\item allows for key derivation from both, private and public keys, independently and 
+		\item allows for key derivation from both, private and public keys, independently and
 		\item is already in use in GNUnet.
 	\end{itemize}~\\[1em]
 
@@ -831,7 +831,7 @@ Searching for functions \uncover<2->{with the following signatures}
 % \begin{frame}{Instantiation with ECDSA}
 % 	\framesubtitle{Full definitions}
 % 	\scriptsize
-% 
+%
 % \begin{align*}
 % 	\Commit_{E,\FDHg{\cdot}}(\age, \omega) &:= \Big\langle
 % 		\overbrace{(q_1,\ldots,q_\Age)}^{= \Vcommitment},\;
@@ -988,8 +988,8 @@ Searching for functions \uncover<2->{with the following signatures}
 % 		\item Current privacy-perserving systems all based on
 % 			attribute-based credentials (Koning et al.,
 % 			Schanzenbach et al., Camenisch et al., Au et al.)
-% 
-% 		\item Attribute-based approach lacks support: 
+%
+% 		\item Attribute-based approach lacks support:
 % 			\begin{itemize}
 % 				\item Complex for consumers and retailers
 % 				\item Requires trusted third authority
@@ -1060,7 +1060,7 @@ Searching for functions \uncover<2->{with the following signatures}
 			\begin{align*}
 				\Forall_{\age\in\N_\Age \atop \omega \in \Omega}:
 				\Commit(\age, \omega) =: (\commitment, \pruf)
-				\implies 
+				\implies
 				\Attest(\minage, \commitment, \pruf) =
 				\begin{cases}
 					\attest \in \Attests, \text{ if } \minage \leq \age\\
@@ -1107,13 +1107,13 @@ Searching for functions \uncover<2->{with the following signatures}
 			\end{itemize}
 		\item[B:]
 			\begin{itemize}
-				\item signs $m'$, by calculating 
+				\item signs $m'$, by calculating
 					$\sigma' := (m')^d \mod N$ {\hfill \scriptsize \textit{(B doesn't learn $m$)}}
 				\item sends $\sigma'$ to A.
 				\item[] \scriptsize Note: $(m')^d = (m*b^e)^d = m^d*b^{ed} = m^d*b \mod N$
 			\end{itemize}
 		\item[A:]\begin{itemize}
-				\item unblinds $\sigma'$ by calculating 
+				\item unblinds $\sigma'$ by calculating
 			\[ \sigma := \sigma'*b^{-1} (= m^d) \]
 			\item[$\implies$]$\sigma$ is a valid RSA signature to message $m$.
 		\end{itemize}