{"component": "clause", "props": {"groups": [{"size": 2, "snippet": "As sketched above, our protocol makes use of several building blocks and setup. Protocol Setup for \u03a0sprBA", "snippet_links": [{"key": "building-blocks", "type": "clause", "offset": [53, 68]}], "samples": [{"hash": "72PnCi00cTk", "uri": "/contracts/72PnCi00cTk#protocol-description", "label": "Byzantine Agreement Protocol", "score": 29.6903829488, "published": true}, {"hash": "fTLteDyozAC", "uri": "/contracts/fTLteDyozAC#protocol-description", "label": "Byzantine Agreement Protocol", "score": 29.4249114463, "published": true}], "hash": "eea104f8957b4dfd4bd704045d6e93ce", "id": 1}, {"size": 2, "snippet": "Our protocol consists of two parts: A voice commitment and the protection against MitM attacks.", "snippet_links": [], "samples": [{"hash": "f40nXJVJkMc", "uri": "/contracts/f40nXJVJkMc#protocol-description", "label": "N/A", "score": 20.5394162811, "published": true}, {"hash": "lFnz6L94Ej6", "uri": "/contracts/lFnz6L94Ej6#protocol-description", "label": "Not Applicable", "score": 20.4052852697, "published": true}], "hash": "18dabea33ec84a863175fbc7d1f78100", "id": 2}, {"size": 2, "snippet": "Another difference to existing work is how we describe the protocol; we do not use UML sequence diagrams to describe the protocol as they often cannot capture the entire set of message exchanges possible in the network environment described above. To describe the behaviour of each re-negotiation participant we provide a finite state machine to describe the state of the contract, similar to the WS- Agreement specification. However, unlike in WS-Agreement, the state machine is not shared between the negotiation participants. Instead each participant has their own \u2018copy\u2019 of the state machine which they update as they send and receive messages. In addition, we also explain the possible messaging events using pre- and post-constraints that together specify the conditions which must be satisfied before and after each message is sent. The conditions explain each messaging event as an atomic action and together describe the messaging behaviour of each participant in the re-negotiation protocol.", "snippet_links": [{"key": "existing-work", "type": "clause", "offset": [22, 35]}, {"key": "the-protocol", "type": "clause", "offset": [55, 67]}, {"key": "the-network", "type": "clause", "offset": [207, 218]}, {"key": "provide-a", "type": "definition", "offset": [312, 321]}, {"key": "state-of", "type": "definition", "offset": [359, 367]}, {"key": "the-contract", "type": "definition", "offset": [368, 380]}, {"key": "similar-to", "type": "definition", "offset": [382, 392]}, {"key": "each-participant", "type": "clause", "offset": [537, 553]}, {"key": "in-addition", "type": "clause", "offset": [649, 660]}, {"key": "the-conditions", "type": "clause", "offset": [762, 776]}, {"key": "negotiation-protocol", "type": "clause", "offset": [980, 1000]}], "samples": [{"hash": "kyC3rZUAtbt", "uri": "/contracts/kyC3rZUAtbt#protocol-description", "label": "Service Level Agreement", "score": 19.0, "published": true}, {"hash": "4f2J2gBcLmW", "uri": "/contracts/4f2J2gBcLmW#protocol-description", "label": "Service Level Agreement (Sla)", "score": 19.0, "published": true}], "hash": "41c17892180148b5c2e06d09f910622c", "id": 3}, {"size": 2, "snippet": "The protocol is deterministic and runs for L iterations of 3 rounds each. [0, M ] of integer values, which we denote as mini-slots. (M = n\u22122t L \u00b7 LL+1 to be exact.) If the input of party Pi is xi = 0, then Pi positions himself in the mini-slot v = 0, and if the input is xi = 1, then Pi positions himself in the mini-slot v = M . 2", "snippet_links": [{"key": "the-protocol", "type": "clause", "offset": [0, 12]}], "samples": [{"hash": "iBvRqW3EBA3", "uri": "/contracts/iBvRqW3EBA3#protocol-description", "label": "Byzantine Agreement", "score": 29.159386791, "published": true}, {"hash": "1tOxeQUExU5", "uri": "/contracts/1tOxeQUExU5#protocol-description", "label": "Byzantine Agreement", "score": 29.1484373207, "published": true}], "hash": "a9396a924797fb7a4394dfb3899d3c2b", "id": 4}, {"size": 2, "snippet": "In the dynamic master key ex- change variant of our protocol, we assume that every client is fielded with the ability to generate cryptographic keys. Client vi initially generates and stores fi random master keys, where fi is a binomial random variable drawn from the distribution", "snippet_links": [{"key": "to-generate", "type": "definition", "offset": [118, 129]}, {"key": "master-keys", "type": "clause", "offset": [201, 212]}, {"key": "the-distribution", "type": "clause", "offset": [264, 280]}], "samples": [{"hash": "2AnRVHnLSnW", "uri": "/contracts/2AnRVHnLSnW#protocol-description", "label": "Energy Efficient Group Key Agreement", "score": 24.4008262356, "published": true}, {"hash": "gKFRYZDbJBe", "uri": "/contracts/gKFRYZDbJBe#protocol-description", "label": "Energy Efficient Group Key Agreement for Wireless Networks", "score": 22.7535934292, "published": true}], "hash": "2710645bc3e7d933c8045d03cab96a19", "id": 5}, {"size": 1, "snippet": "What information is being shared and the purpose(s) of each <System A> data The sharing of data from <System A> is necessary to <e.g.enable the creation of reporting> through <System B> for the purposes presented in section", "snippet_links": [{"key": "sharing-of-data", "type": "clause", "offset": [80, 95]}, {"key": "for-the-purposes", "type": "clause", "offset": [186, 202]}], "samples": [{"hash": "3un0cnFiyn5", "uri": "/contracts/3un0cnFiyn5#protocol-description", "label": "Data Sharing Agreement", "score": 24.2840520192, "published": true}], "hash": "ea53f02d7a337765322f877d4df4cacd", "id": 6}, {"size": 1, "snippet": "Before Step 1, the pioneer can be uniquely determined by all the nodes according to the pioneer election.", "snippet_links": [{"key": "step-1", "type": "clause", "offset": [7, 13]}, {"key": "uniquely-determined", "type": "definition", "offset": [34, 53]}, {"key": "according-to", "type": "definition", "offset": [71, 83]}], "samples": [{"hash": "kIIEv0p4xJs", "uri": "/contracts/kIIEv0p4xJs#protocol-description", "label": "Byzantine Agreement", "score": 21.758384668, "published": true}], "hash": "23b2a5aceed8a74fb96d909d8ee3d74d", "id": 7}, {"size": 1, "snippet": "The pseudocode for the top-level protocol has been described in Algorithm 5 and Algorithms 6-7 are used as sub-protocols. Algorithm 8 overrides the createAttestations method presented in Algorithm 3. The protocol progresses in a sequence of views. Algorithm 5 describes the three stages of the protocol within a view: leader nomination (3-11), leader election (12), and view-change (13-15). Since the leader election stage uses a simple threshold-coin primitive similar to that in the VABA protocol, we abstract it out and do not describe it in detail. Leader nomination stage. The leader nomination stage (lines 3-11 in Algorithm 5) starts with Proposal-Promotion, which consists of four sequential stages of provable broadcast (described in Algorithm 6), similar to that in HotStuff-M. There are n instances that are run in parallel and each party acts as a leader in one of them. The inputs to the instances are values corresponding to the highest key held by the leader, or any externally valid value if the party acting as the leader does not hold a key. The parties use the validation functions described in Table 2. In particular, the validateNeighbor() function ensures that in a span of n consecutive positions between en and e(n + 1) 1 for view e, a proposal promotion instance uses only one position and all positions before it are used by other instances. If a party completes its own instance, it sends a finished-proposal-promotion message containing the value and a proof of commit to all parties. Otherwise, it waits until n t proposal promotion instances have completed. From a party\u2019s perspective, if n t instances have completed, i.e., it has received as many finished-proposal-promotion messages for this view), it appends to all its logs at all remaining positions for this view. Recall that in each log, every view has n slots dedicated to it, and they can be used in an arbitrary order during the provable broadcast calls in different proposal promotion instances. This step, thus, fills the remaining positions with s and shares it with all neighboring parties \u03c1(i) (Algorithm 5 lines 24-26). Algorithm 5 VABA-M: VABA with Minority Corruption (for party pi).\n1: LOCK := 0, KEY := (v, \u03c3in) := (vi, \u22a5), L := [], Dkey := Dcommit := Dlock := [], vcCount := 0, doneCount := 0 2: for view e := 1, 2, 3, . . . do 3: for k = 1, . . . , n do d Leader nomination phase 4: Proposal-Promotion((k, e), validate(), validateNeighbor()) 5: \u03c3out := Proposal-Promotion((i, e), KEY ) as s d Start a proposal promotion instance as s 6: wait for Proposal-Promotion((i, e), KEY ) instance as s to return or skip = true 7: if skip = false then 8: send \u201ce, finished-proposal-promotion, (v, \u03c3out)\u201d to all 9: wait until skip = true 10: for k := 1, . . . , n do 11: abandon((k, e)) 12: L[e] \u2190 elect(e) d Leader election phase 13: initiate sendAndGatherVCProofs(e, L[e], Dkey, Dlock, Dcommit) d View-change phase 14: wait until vcCount= n \u2212 t \u2212 gn + 1 15: skip:= false, skipShares := {}, Dkey := Dcommit := Dlock := [], vcCount := 0, doneCount := 0 16: 17: upon receiving \u201ce, finished-proposal-promotion, ((ve,j, \u2587\u2587\u2587\u2587\u2587\u2587\u2587,e,j), \u03c3out,e,j)\u201d from pj for the first time do 18: if threshold-verify((((j, e), commit), (ve,j, \u2587\u2587\u2587\u2587\u2587\u2587\u2587,e,j)), \u03c3out,e,j) = true then", "snippet_links": [{"key": "the-protocol", "type": "clause", "offset": [200, 212]}, {"key": "the-leader", "type": "definition", "offset": [397, 407]}, {"key": "similar-to", "type": "definition", "offset": [462, 472]}, {"key": "in-detail", "type": "clause", "offset": [542, 551]}, {"key": "in-parallel", "type": "definition", "offset": [823, 834]}, {"key": "each-party", "type": "clause", "offset": [839, 849]}, {"key": "the-party", "type": "clause", "offset": [1008, 1017]}, {"key": "the-parties", "type": "definition", "offset": [1060, 1071]}, {"key": "in-table-2", "type": "clause", "offset": [1111, 1121]}, {"key": "in-particular", "type": "clause", "offset": [1123, 1136]}, {"key": "a-proposal", "type": "clause", "offset": [1258, 1268]}, {"key": "one-position", "type": "clause", "offset": [1298, 1310]}, {"key": "other-instances", "type": "clause", "offset": [1351, 1366]}, {"key": "a-party", "type": "clause", "offset": [1371, 1378]}, {"key": "the-value", "type": "clause", "offset": [1465, 1474]}, {"key": "proof-of", "type": "clause", "offset": [1481, 1489]}, {"key": "all-parties", "type": "definition", "offset": [1500, 1511]}, {"key": "for-party", "type": "definition", "offset": [2168, 2177]}, {"key": "phase-4", "type": "clause", "offset": [2377, 2384]}, {"key": "upon-receiving", "type": "clause", "offset": [3053, 3067]}, {"key": "first-time", "type": "definition", "offset": [3150, 3160]}], "samples": [{"hash": "cfLq2VaLMV8", "uri": "/contracts/cfLq2VaLMV8#protocol-description", "label": "Byzantine Fault Tolerance Protocols", "score": 22.5742642026, "published": true}], "hash": "6cc968b668737c448576b4ce05701ea5", "id": 8}, {"size": 1, "snippet": "The depth of the tree used for multicast routing is a useful proxy for the energy-efficiency of multicast in many wireless networks [39]. Let h(vi, vj) be the distance in hops between clients vi and vj and let h(s, D) = max h(s, d) (6) d\u2208D be the depth of a minimum-depth multicast tree from a source compute the bit-wise sum ml,u = sj0 ,u \u2295 sjl,u; multicast ml,u to all clients in Ojl \\ C; else if gi \u2208 Ojl \\ C then compute the lth one-time pad sj ,u \u2190 \u03c6 (kj , u); receive ml,u from client il; recover the group key sj0 ,u = ml,u \u2295 sjl,u; end", "snippet_links": [{"key": "wireless-networks", "type": "definition", "offset": [114, 131]}, {"key": "the-group", "type": "clause", "offset": [503, 512]}], "samples": [{"hash": "gKFRYZDbJBe", "uri": "/contracts/gKFRYZDbJBe#protocol-description", "label": "Energy Efficient Group Key Agreement for Wireless Networks", "score": 22.7535934292, "published": true}], "hash": "b10187e2e9b66e70a5f6442165c70472", "id": 9}, {"size": 1, "snippet": "The PACE protocol, see [9], is adaptable for prime fields and elliptic curves. Here, in order to increase the performance we want to adapt the protocol such that it uses elliptic curves. First, the communication partners (terminal and smart card) of course have to agree on an elliptic curve E and base point G. The operations are then performed in the cyclic group < G >:= {t \u2217 G|t \u2208 IN}, n := | < G > |. In the following, < G >\u2217 denotes the cyclic group < G > without the point at infinity. A practical method is the use of published secure domain parameter of a trusted authority, see [5]. A PACE protocol run starts with the selection of a random number s 0 s < 2m) by the smart card in step (a). m is defined as the block size of the blockcipher used for the encryption of s. Next, the smart card derives a key \u00b5 using a key derivation function, here h(\u03c0 1) is used. In the next step s is encrypted using a blockcipher with key \u00b5, z = ENC(\u00b5, s), and z is then transmitted to the terminal. Afterwards, the terminal decrypts z and terminal and card enforce a first anonymous Diffie \u2587\u2587\u2587\u2587\u2587\u2587\u2587 key agreement using the base point G with the result P (steps (e) - (i)). Thereupon, P is exclusively used to calculate a new base point G\u2032 by using s in step (j) for the subsequent Diffie \u2587\u2587\u2587\u2587\u2587\u2587\u2587 key agreement. Now, the second anonymous \u2587\u2587\u2587\u2587\u2587\u2587-\u2587\u2587\u2587\u2587\u2587\u2587\u2587 key agreement is performed to cal- culate a common secret curve Point K (steps (k) - (o)). Then, two different keys kENC = h(Kx 1) for encryption and kMAC = h(Kx 2) for calculation of Mes- sage Authentication Codes (MAC) are derived from K. First, kMAC is used for a MAC-calculation in step (p) and (q) performed as mutual authentication of terminal and card in steps ((r) - (u)). After a successful PACE protocol run, Secure Messaging is started using the derived keys kENC and kMAC.", "snippet_links": [{"key": "pace-protocol", "type": "definition", "offset": [4, 17]}, {"key": "in-order-to", "type": "clause", "offset": [85, 96]}, {"key": "the-performance", "type": "clause", "offset": [106, 121]}, {"key": "the-protocol", "type": "clause", "offset": [139, 151]}, {"key": "smart-card", "type": "definition", "offset": [235, 245]}, {"key": "the-operations", "type": "clause", "offset": [312, 326]}, {"key": "selection-of", "type": "clause", "offset": [629, 641]}, {"key": "the-block", "type": "definition", "offset": [717, 726]}, {"key": "key-agreement", "type": "clause", "offset": [1093, 1106]}, {"key": "calculation-of", "type": "definition", "offset": [1515, 1529]}, {"key": "authentication-codes", "type": "clause", "offset": [1540, 1560]}, {"key": "mutual-authentication", "type": "clause", "offset": [1662, 1683]}, {"key": "secure-messaging", "type": "clause", "offset": [1765, 1781]}], "samples": [{"hash": "fDKRZZpciid", "uri": "/contracts/fDKRZZpciid#protocol-description", "label": "Password Authenticated Key Agreement", "score": 19.0, "published": true}], "hash": "d561679d5f8ecf69937fd7306adea811", "id": 10}], "next_curs": "Cl0SV2oVc35sYXdpbnNpZGVyY29udHJhY3RzcjkLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2Ih1wcm90b2NvbC1kZXNjcmlwdGlvbiMwMDAwMDAwYQyiAQJlbhgAIAA=", "clause": {"title": "Protocol Description", "parents": [["extensions-to-the-protocol", "Extensions to the Protocol"], ["group-key-agreement-with-dynamic-master-key-exchange", "Group Key Agreement with Dynamic Master Key Exchange"], ["topology-aware-group-key-agreement", "Topology-Aware Group Key Agreement"], ["model-and-definitions", "Model and Definitions"], ["agreement-primitives", "Agreement Primitives"]], "size": 22, "children": [["voice-commitment", "Voice Commitment"], ["feedback-of-product-model-information", "Feedback of Product Model Information"], ["firmware-information-feedback", "Firmware Information Feedback"], ["data-of-heart-rate", "Data of Heart Rate"], ["content-transmission-of-ota", "Content Transmission of OTA"]], "id": "protocol-description", "related": [["system-description", "System Description", "System Description"], ["task-description", "Task Description", "Task Description"], ["work-description", "Work Description", "Work Description"], ["site-description", "Site Description", "Site Description"], ["item-description", "ITEM DESCRIPTION", "ITEM DESCRIPTION"]], "related_snippets": [], "updated": "2025-07-07T12:37:53+00:00"}, "json": true, "cursor": ""}}