Authenticated. 1 (and 0) are computationally bounded, and there is a trusted PKI setup. In this case, we assume in our security proofs that the cryptographic primitives used in the protocol provide perfect security, which, by a standard hybrid argument, does not affect the generality of our result and serves to simplify the exposition. – 2(Π) 0, 1 . The adversary, at round r = 0 can view the protocol description Π and choose a bit b that indicates the setting of the current execution of the protocol. This choice is not revealed to honest parties. The following holds. • If b = 1, then A chose the sabotaged setting. Furthermore, |Fr| ≤ ti for all rounds r. • If b = 0, then A chose the authenticated setting. Furthermore |Fr| ≤ ts for all rounds r. We say that the adversary A is t-bounded if |Fr| ≤ t holds for all rounds r Definitions and properties that we introduce hereafter are only required to hold with probability 1 − negl(λ).
Appears in 2 contracts
Sources: Byzantine Agreement Protocol, Byzantine Agreement Protocol