|
|
@ -819,9 +819,16 @@ indicates the output length in bits. It is used in \crossref{hsig} and |
|
|
|
|
|
|
|
$\PRF{x}{}$ is a \pseudoRandomFunction seeded by $x$. \changed{Four} \emph{independent} |
|
|
|
$\PRF{x}{}$ are needed in our protocol: |
|
|
|
$\PRFaddr{} \typecolon $, $\PRFnf{x}$, $\PRFpk{x}$\changed{, |
|
|
|
and $\PRFrho{x}$}. These are used in \crossref{circuit}, and instantiated in |
|
|
|
\crossref{prfs}. |
|
|
|
\begin{equation*} |
|
|
|
\begin{aligned} |
|
|
|
&\PRFaddr{} &\typecolon \\ |
|
|
|
&\PRFnf{} &\typecolon \\ |
|
|
|
&\PRFpk{} &\typecolon \\ |
|
|
|
&\PRFrho{} &\typecolon. |
|
|
|
\end{aligned} |
|
|
|
\end{equation*} |
|
|
|
|
|
|
|
These are used in \crossref{circuit}, and instantiated in \crossref{concreteprfs}. |
|
|
|
|
|
|
|
\securityrequirement{ |
|
|
|
In addition to being \pseudoRandomFunctions, it is required that $\PRFnf{x}$ |
|
|
|