Protocol Description Sample Clauses

Protocol Description. Our protocol consists of two parts: A voice commitment and the protection against MitM attacks.

Protocol Description. Another difference to existing work is how we describe the protocol; we do not use UML sequence diagrams to describe the protocol as they often cannot capture the entire set of message exchanges possible in the network environment described above. To describe the behaviour of each re-negotiation participant we provide a finite state machine to describe the state of the contract, similar to the WS- Agreement specification. However, unlike in WS-Agreement, the state machine is not shared between the negotiation participants. Instead each participant has their own ‘copy’ of the state machine which they update as they send and receive messages. In addition, we also explain the possible messaging events using pre- and post-constraints that together specify the conditions which must be satisfied before and after each message is sent. The conditions explain each messaging event as an atomic action and together describe the messaging behaviour of each participant in the re-negotiation protocol.

Protocol Description. The protocol is deterministic and runs for L iterations of 3 rounds each. [0, M ] of integer values, which we denote as mini-slots. (M = n−2t L · LL+1 to be exact.) If the input of party Pi is xi = 0, then Pi positions himself in the mini-slot v = 0, and if the input is xi = 1, then Pi positions himself in the mini-slot v = M . 2

Protocol Description. In the dynamic master key ex- change variant of our protocol, we assume that every client is fielded with the ability to generate cryptographic keys. Client vi initially generates and stores fi random master keys, where fi is a binomial random variable drawn from the distribution

Protocol Description. What information is being shared and the purpose(s) of each <System A> data The sharing of data from <System A> is necessary to <e.g.enable the creation of reporting> through <System B> for the purposes presented in section

Protocol Description. Before Step 1, the pioneer can be uniquely determined by all the nodes according to the pioneer election.

Protocol Description. The pseudocode for the top-level protocol has been described in Algorithm 5 and Algorithms 6-7 are used as sub-protocols. Algorithm 8 overrides the createAttestations method presented in Algorithm 3. The protocol progresses in a sequence of views. Algorithm 5 describes the three stages of the protocol within a view: leader nomination (3-11), leader election (12), and view-change (13-15). Since the leader election stage uses a simple threshold-coin primitive similar to that in the VABA protocol, we abstract it out and do not describe it in detail. Leader nomination stage. The leader nomination stage (lines 3-11 in Algorithm 5) starts with Proposal-Promotion, which consists of four sequential stages of provable broadcast (described in Algorithm 6), similar to that in HotStuff-M. There are n instances that are run in parallel and each party acts as a leader in one of them. The inputs to the instances are values corresponding to the highest key held by the leader, or any externally valid value if the party acting as the leader does not hold a key. The parties use the validation functions described in Table 2. In particular, the validateNeighbor() function ensures that in a span of n consecutive positions between en and e(n + 1) 1 for view e, a proposal promotion instance uses only one position and all positions before it are used by other instances. If a party completes its own instance, it sends a finished-proposal-promotion message containing the value and a proof of commit to all parties. Otherwise, it waits until n t proposal promotion instances have completed. From a party’s perspective, if n t instances have completed, i.e., it has received as many finished-proposal-promotion messages for this view), it appends to all its logs at all remaining positions for this view. Recall that in each log, every view has n slots dedicated to it, and they can be used in an arbitrary order during the provable broadcast calls in different proposal promotion instances. This step, thus, fills the remaining positions with s and shares it with all neighboring parties ρ(i) (Algorithm 5 lines 24-26). Algorithm 5 VABA-M: VABA with Minority Corruption (for party pi). 1: LOCK := 0, KEY := (v, σin) := (vi, ⊥), L := [], Dkey := Dcommit := Dlock := [], vcCount := 0, doneCount := 0 2: for view e := 1, 2, 3, . . . do 3: for k = 1, . . . , n do d Leader nomination phase 4: Proposal-Promotion((k, e), validate(), validateNeighbor()) 5: σout := Proposal-Promotion((i, e), KEY ) as s d Star...

Protocol Description. The depth of the tree used for multicast routing is a useful proxy for the energy-efficiency of multicast in many wireless networks [39]. Let h(vi, vj) be the distance in hops between clients vi and vj and let h(s, D) = max h(s, d) (6) d∈D be the depth of a minimum-depth multicast tree from a source compute the bit-wise sum ml,u = sj0 ,u ⊕ sjl,u; multicast ml,u to all clients in Ojl \ C; else if gi ∈ Ojl \ C then compute the lth one-time pad sj ,u ← φ (kj , u); receive ml,u from client il; recover the group key sj0 ,u = ml,u ⊕ sjl,u; end

Protocol Description. The PACE protocol, see [9], is adaptable for prime fields and elliptic curves. Here, in order to increase the performance we want to adapt the protocol such that it uses elliptic curves. First, the communication partners (terminal and smart card) of course have to agree on an elliptic curve E and base point G. The operations are then performed in the cyclic group < G >:= {t ∗ G|t ∈ IN}, n := | < G > |. In the following, < G >∗ denotes the cyclic group < G > without the point at infinity. A practical method is the use of published secure domain parameter of a trusted authority, see [5]. A PACE protocol run starts with the selection of a random number s 0 s < 2m) by the smart card in step (a). m is defined as the block size of the blockcipher used for the encryption of s. Next, the smart card derives a key µ using a key derivation function, here h(π 1) is used. In the next step s is encrypted using a blockcipher with key µ, z = ENC(µ, s), and z is then transmitted to the terminal. Afterwards, the terminal decrypts z and terminal and card enforce a first anonymous Diffie ▇▇▇▇▇▇▇ key agreement using the base point G with the result P (steps (e) - (i)). Thereupon, P is exclusively used to calculate a new base point G′ by using s in step (j) for the subsequent Diffie ▇▇▇▇▇▇▇ key agreement. Now, the second anonymous ▇▇▇▇▇▇-▇▇▇▇▇▇▇ key agreement is performed to cal- culate a common secret curve Point K (steps (k) - (o)). Then, two different keys kENC = h(Kx 1) for encryption and kMAC = h(Kx 2) for calculation of Mes- sage Authentication Codes (MAC) are derived from K. First, kMAC is used for a MAC-calculation in step (p) and (q) performed as mutual authentication of terminal and card in steps ((r) - (u)). After a successful PACE protocol run, Secure Messaging is started using the derived keys kENC and kMAC.