WIP: add Note Components, concrete Symmetric Encryption, Key Agreement, and (empty) Signatures sections.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>

protocol/protocol.tex

@@ -962,6 +962,16 @@ such that bit $b$ has numeric weight $2^b$.
 \end{itemize}
 }
 
+\nsubsection{Note Components}
+
+\begin{itemize}
+    \item $\AuthPublic$ is a 32-byte \payingKey of the recipient.
+    \item $\Value$ is a 64-bit unsigned integer representing the value of the
+        \note in \zatoshi ($1$ \ZEC = $10^8$ \zatoshi).
+    \item $\NoteAddressRand$ is a 32-byte $\PRFnf{\AuthPrivate}$ preimage.
+    \item $\NoteCommitRand$ is a 32-byte \commitmentTrapdoor.
+\end{itemize}
+
 \nsubsection{\JoinSplitTransfers{} and Descriptions} \label{joinsplitdesc}
 
 A \joinSplitDescription is data included in a \transaction that describes a
@@ -1632,6 +1642,68 @@ additional bit to $\AuthPrivate$ to encode a new key type, or that require an
 additional PRF.)
 }
 
+\nsubsubsection{\SymmetricEncryption} \label{concretesym}
+
+Let $\Sym$ be an \symmetricEncryptionScheme with keyspace $\Keyspace$, encrypting
+plaintexts in $\Plaintext$ to produce ciphertexts in $\Ciphertext$.
+
+$\SymEncrypt{} \typecolon \Keyspace \times \Plaintext \rightarrow \Ciphertext$
+is the encryption algorithm.
+
+$\SymDecrypt{} \typecolon \Keyspace \times \Ciphertext \rightarrow
+\Plaintext \cup \setof{\bot}$ is the corresponding decryption algorithm, such that
+for any $\Key \in \Keyspace$ and $\Ptext \in \Plaintext$,
+$\SymDecrypt{\Key}(\SymEncrypt{\Key}(\Ptext)) = \Ptext$.
+$\bot$ is used to represent the decryption of an invalid ciphertext.
+
+\securityrequirement{
+$\Sym$ must be one-time (INT-CTXT $\wedge$ IND-CPA)-secure. ``One-time'' here means
+that an honest protocol participant will almost surely encrypt only one message with
+a given key; however, the attacker may make many adaptive chosen ciphertext queries
+for a given key. The security notions INT-CTXT and IND-CPA are as defined in
+\cite{BN2007}.
+}
+
+\nsubsubsection{\KeyAgreement} \label{abstractkeyagreement}
+
+A \keyAgreementScheme is a cryptographic protocol in which two parties agree
+a shared secret, each using their private key and the other party's public key.
+
+A \keyAgreementScheme $\KA$ defines a type of public keys $\KAPublic$, a type
+of private keys $\KAPrivate$, and a type of shared secrets $\KASharedSecret$.
+
+Let $\KAFormatPrivate \typecolon \PRFOutput \rightarrow \KAPrivate$ be a function
+that converts a bit string of length $\PRFOutputLength$ to a $\KA$ private key.
+
+Let $\KADerivePublic \typecolon \KAPrivate \rightarrow \KAPublic$ be a function
+that derives the $\KA$ public key corresponding to a given $\KA$ public key.
+
+Let $\KAAgree \typecolon \KAPrivate \times \KAPublic \rightarrow \KASharedSecret$
+be the agreement function.
+
+\securityrequirement{
+$\KAFormatPrivate$ must preserve sufficient entropy from its input to be used
+as a secure $\KA$ private key. \todo{requirements on security of key agreement and KDF}
+}
+
+\changed{
+where
+\begin{itemize}
+  \item $\CurveMultiply(\bytes{n}, \bytes{q})$ performs point
+multiplication of the Curve25519 public key represented by the byte
+sequence $\bytes{q}$ by the Curve25519 secret key represented by the
+byte sequence $\bytes{n}$, as defined in section 2 of \cite{Curve25519};
+  \item $\CurveBase$ is the public byte sequence representing the Curve25519
+base point;
+  \item $\Clamp(\bytes{x})$ takes a 32-byte sequence $\bytes{x}$ as input
+and returns a byte sequence representing a Curve25519 private key, with
+bits ``clamped'' as described in section 3 of \cite{Curve25519}:
+``clear bits $0, 1, 2$ of the first byte, clear bit $7$ of the last byte,
+and set bit $6$ of the last byte.'' Here the bits of a byte are numbered
+such that bit $b$ has numeric weight $2^b$.
+\end{itemize}
+}
+
 \nsubsubsection{\KeyDerivation} \label{concretekdf}
 
 \newsavebox{\kdftagbox}
@@ -1669,7 +1741,9 @@ where:
 \hskip 1.5em $\kdfinput := \Justthebox{\kdfinputbox}$.
 }
 
+\nsubsubsection{Signatures} \label{concretesig}
 
+\todo{}
 
 
 \nsubsection{Note Components}