From 85b8f1647bfbc0eb54c7e78b283ad5df56dddea5 Mon Sep 17 00:00:00 2001
From: Daira Hopwood <daira@jacaranda.org>
Date: Mon, 19 Oct 2020 14:11:06 +0100
Subject: [PATCH] Include a reference to [BFIJSV2010] for batch pairing
 verification techniques.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
---
 protocol/protocol.tex | 10 ++++++++++
 protocol/zcash.bib    | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/protocol/protocol.tex b/protocol/protocol.tex
index 4b18f844..63e548bf 100644
--- a/protocol/protocol.tex
+++ b/protocol/protocol.tex
@@ -10822,6 +10822,9 @@ The observation in \crossref{concretediversifyhash} that
 as \keyPrivacy for ElGamal, is due to Mary Maller.
 }
 
+We thank Ariel Gabizon for teaching us the techniques of \cite{BFIJSV2010}
+used in \crossref{grothbatchverify}, by applying them to \BCTV.
+
 Numerous people have contributed to the science of zero-knowledge proving
 systems, but we would particularly like to acknowledge the work of
 Shafi Goldwasser, Silvio Micali, Oded Goldreich, Charles Rackoff,
@@ -10845,6 +10848,12 @@ Peter Newell's illustration of the Jubjub bird, from \cite{Carroll1902}.
 \lsection{Change History}{changehistory}
 
 
+\historyentry{2020.1.15}{}
+\begin{itemize}
+    \item Include a reference to \cite{BFIJSV2010} for batch pairing verification techniques.
+\end{itemize}
+
+
 \historyentry{2020.1.14}{2020-08-19}
 \begin{itemize}
     \item The consensus rule that a \coinbaseTransaction must not spend more than is
@@ -13860,6 +13869,7 @@ can be extended across a larger batch.} %pnote
 \lsubsection{\GrothText{} batch verification}{grothbatchverify}
 
 The reference verification algorithm for \Groth proofs is defined in \crossref{groth}.
+The batch verification algorithm in this section applies techniques from \cite[section 4]{BFIJSV2010}.
 
 Let $\ParamS{q}$, $\ParamS{r}$, $\SubgroupS{1, 2, T}$, $\SubgroupSstar{1, 2, T}$, $\GenS{1, 2, T}$,
 $\OneS$, and $\PairingS$ be as defined in \crossref{blspairing}.
diff --git a/protocol/zcash.bib b/protocol/zcash.bib
index bdd06cc9..32bbdf08 100644
--- a/protocol/zcash.bib
+++ b/protocol/zcash.bib
@@ -105,6 +105,16 @@ Lecture Notes in Computer Science; Springer, 2013.},
 Received July~24, 2014.}
 }
 
+@misc{BFIJSV2010,
+   presort={BFIJSV2010},
+   author={Olivier Blazy and Georg Fuchsbauer and Malika Izabachène and Amandine Jambert and Hervé Sibert and Damien Vergnaud},
+   title={Batch {G}roth--{S}ahai},
+   url={https://eprint.iacr.org/2010/040},
+   urldate={2020-10-17},
+   howpublished={Cryptology ePrint Ar\-chive: Report 2010/040.
+Last revised February~3, 2010.}
+}
+
 @misc{AKLGL2010,
    presort={AKLGL2010},
    author={Diego Aranha and Koray Karabina and Patrick Longa and Catherine Gebotys and Julio López},