[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-exchange] branch master updated: Tweaks to FC2017
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [taler-exchange] branch master updated: Tweaks to FC2017 |
|
Date: |
Thu, 18 May 2017 14:50:35 +0200 |
This is an automated email from the git hooks/post-receive script.
burdges pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new 2f4953f Tweaks to FC2017
2f4953f is described below
commit 2f4953fe75e2cd44b4b28bea6afea5ed8c2d5aa1
Author: Jeffrey Burdges <address@hidden>
AuthorDate: Thu May 18 14:50:06 2017 +0200
Tweaks to FC2017
---
doc/paper/taler_FC2017.txt | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/doc/paper/taler_FC2017.txt b/doc/paper/taler_FC2017.txt
index 4c0087f..de1c64a 100644
--- a/doc/paper/taler_FC2017.txt
+++ b/doc/paper/taler_FC2017.txt
@@ -29,7 +29,7 @@ only transforms a dirty coin into a fresh coin with the same
denomination. The
misbehavior will not be detected by the exchange, as the fresh coin is
unlinkable to the original coin.
-> When refreshing a coin, the old coin is obviously marked as spend.
+> When refreshing a coin, the old coin is obviously marked as spent.
> This attack is based on a misunderstanding of refreshing.
The implementation of Taler in this paper is
@@ -157,7 +157,7 @@ Specific comments:
signature?
> The "K" here means that the domain of the full domain hash is the
-> modulus of the public key K_v of the key pair K.
+> modulus of the RSA public key K_v of the key pair K.
- Section 4.1, step 4, How can the exchange know that this was indeed a new
withdrawal request? If a new blinding factor b is used, then a customer can
@@ -175,13 +175,18 @@ Specific comments:
the coin (i.e. cannot link with withdrawal) but this is still an anonymity
problem.
-> Yes, this is why the user has to refresh a partially spend coin
-> before reusing it, unless they don't care about their anonymity.
+> Yes, this is why the wallet refreshes a partially spend coin before
+> reusing it, although a user who did not care about their anonymity
+> could change that.
- Section 4.3, doesn’t seem very fair to compare with Zcash or at least it
should be highlighted that a quite weaker level of anonymity is achieved.
-> We added a remark on the high level of anonymity that Zerocash achieves
+> We added remarks on the level of anonymity that Zerocash achieves.
+> We suspect Zerocash's inherent scaling issues limit its anonymity
+> for normal purchases, as compaired to that a large Taler exchange
+> provides. We mention that Zerocash is likely to provide better
+> anonymtiy for large transactions that do not need to be cashed out.
- Section 4.3, step 1, where is the key t_s^(i) selected from? What does S_{C’}
denotes? Is that a commitment (as noted in the text) or a signature (as noted
--
To stop receiving notification emails like this one, please contact
address@hidden
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [taler-exchange] branch master updated: Tweaks to FC2017,
gnunet <=