@@ -859,22 +859,20 @@ \subsection{Provisioning Protocol}
859859 \item Compute $ \hat {\psi }_i = \proveni {prm}^L((\sid , i), (N_i, s_i, t_i), (\phi , \lambda ))$
860860 \item Sample $ \rho _i, u_i \leftarrow \Bit ^\kappa $
861861 and compute $ V_i =
862- H(\Encode {hash\_ com}(\sid , n, i, N_i, s_i, t_i, \hat {\psi }_i, \rho _i, u_i))$ .
862+ H(\Encode {hash\_ com}(\sid , i, N_i, s_i, t_i, \hat {\psi }_i, \rho _i, u_i))$ .
863863 \item Send $ V_i$
864864 \end {itemize }
865865
866866
867867 \item [\textbf {Round 2. }] \
868868 \begin {itemize }
869- \item Receive $ V_j$
869+ \item Receive $ V_j \in \Bit ^ \kappa $
870870 \item ({\bf Reliability check.}) Optionally, if the reliability check is enabled:
871871 \begin {itemize }
872872 \item
873873 Compute $ h_i = H(\Encode {echo}(\sid , V_0 , \dots , V_{n-1}))$
874874 send $ h_i$
875-
876-
877- \item Upon receiving $ h_j$ $ h_i \neq h_j$ $ j \in [n]$
875+ \item Upon receiving $ h_j \in \Bit ^\kappa $ $ h_i \neq h_j$ $ j \in [n]$
878876 \end {itemize }
879877 \item Send $ (N_i, s_i, t_i, \hat {\psi }_i, \rho _i, u_i)$
880878 \end {itemize }
@@ -889,13 +887,15 @@ \subsection{Provisioning Protocol}
889887
890888 \item For $ j \neq i$
891889 \begin {itemize }
890+ \item Assert $ (N_j, s_j, t_j, \rho _j, u_j) \? \in
891+ (\Z , \Z , \Z , \Bit ^\kappa , \Bit ^\kappa )$
892892 \item Assert $ V_j =
893- H(\Encode {hash\_ com}(\sid , n, j, N_j, s_j, t_j, \hat {\psi }_j, \rho _j, u_j))$ .
893+ H(\Encode {hash\_ com}(\sid , j, N_j, s_j, t_j, \hat {\psi }_j, \rho _j, u_j))$ .
894894 \item Assert $ N_j$ $ 8 \cdot \kappa - 1 $
895895 \item Assert $ \verifyni {prm}^L((\sid , j), (N_j, s_j, t_j), \hat {\psi }_j)$
896896 \item Construct Paillier encryption key from~$ N_j$
897897 \end {itemize }
898- \item Compute $ \rho =\bigoplus _j \rho _j$
898+ \item Compute $ \rho =\bigoplus _j \rho _j$
899899 \item Compute $ \psi _i = \proveni {mod}^L((\sid , i, \rho ), N_i, (p_i, q_i))$
900900 \item For $ j\neq i$
901901 \begin {itemize }
0 commit comments