Benjamin_Loison/Variable_MLS
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update on Overleaf.

Browse Source
This commit is contained in:
Benjamin Loison
2023-06-21 14:44:31 +00:00
committed by node
parent 58b92f2dd0
commit 240e4a57c8
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ccs-body.tex
View File

@@ -114,7 +114,7 @@ We suppose that the adversary is a \textit{rushing adversary} in the sense that
We limit the adversary to a probabilistic polynomial-time Turing machine that behaves arbitrarily, i.e., it may not follow the prescribed algorithms. We limit the adversary to a probabilistic polynomial-time Turing machine that behaves arbitrarily, i.e., it may not follow the prescribed algorithms.
However, the adversary remains computationally bounded. Hence, it cannot, in a polynomial number of steps or time or space, forge honest parties' signatures or break the hash function and signature scheme with all but negligible probability. Therefore, we term our adversary as the \emph{1/2-bounded PPT adversary}. Any party following the prescribed protocol is called a \emph{honest} party. However, the adversary remains computationally bounded. Hence, it cannot, in a polynomial number of steps or time or space, forge honest parties' signatures or break the hash function and signature scheme with all but negligible probability. Therefore, we term our adversary as the \emph{1/2-bounded PPT adversary}. Any party following the prescribed protocol is called a \emph{honest} party.
% \textcolor{blue}{A-t-on besoin de présenter des fonctions de hash cryptographiques ?} % \textcolor{blue}{A-t-on besoin de présenter des fonctions de hash cryptographiques ?}
% Blocks are assigned a unique random identifier from a \(\ell\)-identifier space. % Blocks are assigned a unique random identifier from a \(\ell\)-identifier space.
% Identifiers are derived from the standard {\sc SHA256} hash function on the block header, \emph{i.e.,} we have \(\ell=256\). % Identifiers are derived from the standard {\sc SHA256} hash function on the block header, \emph{i.e.,} we have \(\ell=256\).
% We denote by \hash{b} the result of this function applied on block \(b\). % We denote by \hash{b} the result of this function applied on block \(b\).
@@ -123,24 +123,24 @@ However, the adversary remains computationally bounded. Hence, it cannot, in a p
% Second, we assume that \hash{.} values are uniformly distributed over the \(\llbracket 0 ; 2^{\ell} -1\rrbracket \)interval. % Second, we assume that \hash{.} values are uniformly distributed over the \(\llbracket 0 ; 2^{\ell} -1\rrbracket \)interval.
% Finally, we assume that \hash{.} is collision free in the sense that given two blocks \(b_1, b_2\) we have \(b_1 = b_2 \Leftrightarrow \) \hash{b_1} = \hash{b_2}. % Finally, we assume that \hash{.} is collision free in the sense that given two blocks \(b_1, b_2\) we have \(b_1 = b_2 \Leftrightarrow \) \hash{b_1} = \hash{b_2}.
% \textcolor{blue}{je ne suis pas completement sure que la suite fasse partie du modele. En fait il faut mettre toute cette partie là ou on va expliquer notre solution} % \textcolor{blue}{je ne suis pas completement sûre que la suite fasse partie du modèle. En fait il faut mettre toute cette partie là où on va expliquer notre solution}
% In addition to the application specifications, a block \(b\) is valid if it can be appended to a prefix of the current blockchain. % In addition to the application specifications, a block \(b\) is valid if it can be appended to a prefix of the current blockchain.
% Note that a block is not required to extend the best blockchain. On the contrary, it can happen that this addition may change the best blockchain. % Note that a block is not required to extend the best blockchain. On the contrary, it can happen that this addition may change the best blockchain.
% PoW systems rely on two additional functions, namely \diff{.} and \target{.}. % PoW systems rely on two additional functions, namely \diff{.} and \target{.}.
% \target{.} computes a value that depend on the current best blockchain to ensure a constant interblock delay. % \target{.} computes a value that depends on the current best blockchain to ensure a constant interblock delay.
% For instance, Bitcoin computes a new \target{.} at each sequence of 2016 blocks on the empirical interblock delay on the previous sequence. % For instance, Bitcoin computes a new \target{.} at each sequence of 2016 blocks on the empirical interblock delay on the previous sequence.
% The adjustment of \target{.} aims at handling the variation of the population of the system. % The adjustment of \target{.} aims at handling the variation of the population of the system.
% When the population growths, blocks will be generated with a smaller interblock delay, \target{.} is thus lowered by the protocol. % When the population growths, blocks will be generated with a smaller interblock delay, \target{.} is thus lowered by the protocol.
% On the contrary, if the population decreases, the interblock delay will increase and the \target{.} has to be increased by the protocol. % On the contrary, if the population decreases, the interblock delay will increase and the \target{.} has to be increased by the protocol.
% \diff{b} computes a value that depend on the given block \(b\). % \diff{b} computes a value that depends on the given block \(b\).
% In such a system, a block \(b\) is {\em valid} if \(b\) meets application specification, and if \diff{b} satisfies the current interblock delay condition, \emph{i.e.}, if the following condition holds \diff{b} \(\leq\) \target{b}. % In such a system, a block \(b\) is {\em valid} if \(b\) meets application specification, and if \diff{b} satisfies the current interblock delay condition, \emph{i.e.}, if the following condition holds \diff{b} \(\leq\) \target{b}.
% For the sake of simplicity, we consider that \diff{b} = \hash{b}. % For the sake of simplicity, we consider that \diff{b} = \hash{b}.
% Note that given the assumption on \hash{.} function, the distribution of \diff{b} is uniform over the \(\llbracket 0 ; 2^{\ell} -1\rrbracket \)interval, \emph{i.e.} all hash values are equiprobable. % Note that given the assumption on \hash{.} function, the distribution of \diff{b} is uniform over the \(\llbracket 0 ; 2^{\ell} -1\rrbracket \)interval, \emph{i.e.} all hash values are equiprobable.
% In addition, given a \target{.} value \(t\), the probability to create a valid block \(b\) is given by \(P\{ \textnormal{b is valid} \mid T=t\} = P\{\) \diff{b} \(\leq t \mid T=t\} = t/2^{\ell}\). % In addition, given a \target{.} value \(t\), the probability to create a valid block \(b\) is given by \(P\{ \textnormal{b is valid} \mid T=t\} = P\{\) \diff{b} \(\leq t \mid T=t\} = t/2^{\ell}\).
% In other words, \target{.} value adjustment makes valid block creation harder or easier, but given a \target{.} value all valid blocks are equiprobable. % In other words, \target{.} value adjustment makes valid block creation harder or easier, but given a \target{.} value all valid blocks are equiprobable.
% In order to validate our assumptions on \hash{.}, and thus on \diff{.} and \target{.}, we analyze the ratio between \diff{b} and \target{b} on Bitcoin's blockchain. At the time of writing, this blockchain gather around \(785000\) blocks. Figure~\ref{fig:ratio} depicts the cumulative distribution of these ratio values in ascending order, which clearly assess the validity of uniform distribution of \hash{.} values. % In order to validate our assumptions on \hash{.}, and thus on \diff{.} and \target{.}, we analyze the ratio between \diff{b} and \target{b} on Bitcoin's blockchain. At the time of writing, this blockchain gather around \(785000\) blocks. Figure~\ref{fig:ratio} depicts the cumulative distribution of these ratio values in ascending order, which clearly assess the validity of uniform distribution of \hash{.} values.
@@ -200,7 +200,7 @@ The proposal by Kiayias et al.~\cite{10.1145/3460120.3484784} offers the best-k
\caption{\label{fig:compression} Kiayias~\textit{et al.}'s compression scheme~\cite{kiayias2021mining}.} \caption{\label{fig:compression} Kiayias~\textit{et al.}'s compression scheme~\cite{kiayias2021mining}.}
\end{figure} \end{figure}
%However, their solution reduces the security of the protocol by guaranteeing resilience to only a third Byzantine adversary. Improving these security guarantees in NIPoPoW is the primary focus of the work. %However, their solution reduces the security of the protocol by guaranteeing resilience to only a third Byzantine adversary. Improving these security guarantees in NIPoPoW is the primary focus of the work.
\subsection{Algorithmic ingredients of the NIPoPoW} \subsection{Algorithmic ingredients of the NIPoPoW}