mirror of https://github.com/zcash/zips.git
Update description of commitment scheme.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
7cc7ae34d1
commit
d44f7d4959
|
@ -146,6 +146,10 @@
|
|||
\newcommand{\notes}{\term{notes}}
|
||||
\newcommand{\Note}{Note}
|
||||
\newcommand{\Notes}{Notes}
|
||||
\newcommand{\commitmentScheme}{\term{commitment scheme}}
|
||||
\newcommand{\commitmentTrapdoor}{\term{commitment trapdoor}}
|
||||
\newcommand{\commitmentTrapdoors}{\term{commitment trapdoors}}
|
||||
\newcommand{\trapdoor}{\term{trapdoor}}
|
||||
\newcommand{\noteCommitment}{\term{note commitment}}
|
||||
\newcommand{\noteCommitments}{\term{note commitments}}
|
||||
\newcommand{\NoteCommitment}{\titleterm{Note Commitment}}
|
||||
|
@ -338,10 +342,10 @@
|
|||
|
||||
% Commitments
|
||||
\newcommand{\Commit}[1]{\mathsf{COMM}_{#1}}
|
||||
\newcommand{\CommitOutputLength}{\mathsf{\ell_{COMM}}}
|
||||
\newcommand{\CommitOutput}{\bitseq{\CommitOutputLength}}
|
||||
\newcommand{\CommitTrapdoor}{\mathsf{COMM.Trapdoor}}
|
||||
\newcommand{\CommitInput}{\mathsf{COMM.Input}}
|
||||
\newcommand{\CommitOutput}{\mathsf{COMM.Output}}
|
||||
\newcommand{\NoteCommit}{\mathtt{NoteCommitment}}
|
||||
\newcommand{\commitmentTrapdoor}{\term{commitment trapdoor}}
|
||||
\newcommand{\Uncommitted}{\mathsf{Uncommitted}}
|
||||
|
||||
% Symmetric encryption
|
||||
|
@ -1122,6 +1126,32 @@ This is not considered to be a significant security weakness.
|
|||
|
||||
\todo{}
|
||||
|
||||
|
||||
\nsubsubsection{Commitment} \label{abstractcomm}
|
||||
|
||||
A \commitmentScheme is a function that, given a random \commitmentTrapdoor
|
||||
and an input, can be used to commit to the input in such a way that:
|
||||
\begin{itemize}
|
||||
\item no information is revealed about it without the \trapdoor (``hiding''),
|
||||
\item given the \trapdoor and input, the commitment can be verified to ``open''
|
||||
to that input and no other (``binding'').
|
||||
\end{itemize}
|
||||
|
||||
\vspace{-3ex}
|
||||
A \commitmentScheme $\Commit{}$ defines a type of inputs $\CommitInput$,
|
||||
a type of commitments $\CommitOutput$, and a type of \commitmentTrapdoors
|
||||
$\CommitTrapdoor$.
|
||||
|
||||
Let $\Commit{} \typecolon \CommitTrapdoor \times \CommitInput \rightarrow \CommitOutput$
|
||||
be a function satisfying the following requirements, adapted from
|
||||
...
|
||||
|
||||
\begin{securityrequirements}
|
||||
\item \textbf{Computational Hiding:} ...
|
||||
\item \textbf{Computational Binding:} ...
|
||||
\end{securityrequirements}
|
||||
|
||||
|
||||
\nsubsubsection{\ZeroKnowledgeProvingSystem}
|
||||
|
||||
A \zeroKnowledgeProvingSystem is a cryptographic protocol that allows
|
||||
|
|
Loading…
Reference in New Issue