Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

Good prekey

If this criterion were only made for good prekeys, the scheme would still be secure, but effectiveness of authentication would only be error-free if the risk bearer s entity acted correctly. [Pg.196]

Remark 7.35. If the good prekeys are locally verifiable, and thus there is no error probability in the soundness of the zero-knowledge proof scheme, there is no real use for the family AllFam any more, and all jest can be omitted. ... [Pg.201]

Local verification algorithm all jest (for acceptable and good prekeys) ... [Pg.301]

There are two classes of such schemes. The main difference is that one has a small set of really good prekeys and the other a larger set of prekeys that are not... [Pg.304]

This is easier to see in schemes with prekey (see Definition 7.31) There, B might generate a prekey that is not good, and with an exponentially small probability, the prekey passes the zero-knowledge proof nevertheless. In this veiy unlikely case, nothing is guaranteed. [Pg.174]

The definition assumes that one party has to generate a value K (usually some sort of key — in the present application the prekey) with a certain probability distribution Corr (for correct ) and needs a generation algorithm gen for this task, and another party wants to be convinced that K is an element of a set Good. The first party is called the prover, the second party the verifier. More precisely, both the distribution and the set are parametrized with security parameters, and there is a precondition that all values generated with the correct distribution are elements of Good. [Pg.185]

Security for the signer. If a prekey is good and the signer s entity bases its main key generation on it, the resulting keys are good in a sense very similar to Definition 7.17. More precisely ... [Pg.196]

Thus only the prekey-generation algorithm geng remains to be simulated by the multi-party fiinction evaluation protocol. Note that the signer s entity still has to take part in this protocol to ensure that the resulting prekey is good. [Pg.211]

A zero-knowledge proof scheme could be permitted instead of local verifiability, or, as with prekeys, two families of good and all acceptable groups. [Pg.235]

The following components from Construction 9.4 are not used The families of correct prekey distributions and sets of good and all acceptable prekeys (only the generation and verification algorithms are used) the zero-knowledge proof scheme, except for the generation algorithm, because it only repeats alljtest and the security parameters as components of the prekey. [Pg.301]

Sets of prekeys Prekeys of the form described above are acceptable if the two keys from underlying schemes in them are acceptable and k is correct. They are good if, in addition, the prekey from the underlying scheme is good. Thus, for all k, [Pg.315]

See other pages where Good prekey is mentioned: [Pg.184]    [Pg.199]    [Pg.200]    [Pg.292]    [Pg.305]    [Pg.184]    [Pg.199]    [Pg.200]    [Pg.292]    [Pg.305]    [Pg.192]    [Pg.193]    [Pg.197]    [Pg.197]    [Pg.212]    [Pg.216]    [Pg.234]    [Pg.294]    [Pg.296]    [Pg.297]    [Pg.318]    [Pg.322]    [Pg.329]   
See also in sourсe #XX -- [ Pg.192 ]



SEARCH



Prekey

© 2024 chempedia.info