-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathTODO
34 lines (29 loc) · 2.06 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Copyright (C) 2006, 2007, 2009, 2015-2019 Heiko Stamer <HeikoStamer@gmx.net>
Permission is granted to copy, distribute and/or modify this document under
the terms of the GNU Free Documentation License, Version 1.3 or any later
version published by the Free Software Foundation; with no Invariant Sections,
no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included
in the sources of this package and additionally can be obtained from Internet
<https://www.gnu.org/licenses>.
* TMCG: reimplement the TimingAttackProtection for Schindelhauer's protocols
* RFC4880: add FindByUserid() to TMCG_OpenPGP_Keyring
* add abstraction layer for cryptographic primitives (i.e. libgcrypt calls)
* add generic group abstraction layer, e.g. for future use of ECC groups
* add constant-time implementation for modular multiplication mpz_smulm() a.o.
* add generic broadcast channel abstraction layer, e.g. AbstractBroadcastChannel
+ provide interactive and distributed (multiparty DZKP) versions for
bootstrapping non-interactive protocols of VTMF, i.e., key generation
(for applications that cannot rely on the random oracle assumption or
the h-generation protocol as building block of ASTC [JL00])
+ VTMF: add interactive versions of Chaum-Pedersen PoK of dlog equality
+ DZKP also called "Simultaneous Zero-Knowledge Proofs of Knowledge" [JL00]
+ DKG, ASTC: transform protocols into variants without aiou->Send() [BH92]
+ move to event-driven architecture and state-based protocol representation
+ provide a multi-value byzantine consensus protocol for agreement purposes
+ implement asynchronous VSS [CKLS02] for DKG and other applications
- deterministic DSA for ASTC/DSS: cf. RFC 6979; maybe it's impossible for TC
- implement the exotic card and stack operations of the toolbox; there are
some obstacles, e.g. that the prover does not know all used randomizers,
for the subset and superset protocols; general protocols for private set
operations (PSI) are also not useful, because they do not provide the link
from the shuffled deck to individual set operations on private cards