Formatting
This commit is contained in:
parent
4911f5bf8b
commit
538c608a97
|
@ -44,10 +44,9 @@ key can be given to an adversarial server to perform filtering.
|
|||
$\vec{k}$ is recalculated by first deriving $w$ using $u$ and $y$ and then calculating
|
||||
$\{k_i = H(\mathbf{U} || x_i\mathbf{U} || w) \forall i \in \vec{x})\}$ and the plaintext is recovered $\vec{p} = \vec{k} \oplus \vec{c}$ and compared to $\vec{1}$.
|
||||
|
||||
### Additional Checks
|
||||
|
||||
## Additional Checks
|
||||
|
||||
We perform the following additional checks when verifying a tag.
|
||||
We perform the following additional checks when verifying a tag:
|
||||
|
||||
* Discard tags that would validate for every single public key.
|
||||
* We assert that $\mathbf{U}$ is not the identity element.
|
||||
|
|
Loading…
Reference in New Issue