Logs for the Monero Analysis Lab Assembly Held on 2019-09-02

Posted by: el00ruobuob / sarang

<sarang> Agenda: https://github.com/monero-project/meta/issues/388
<sarang> (logs posted there afterward)
<suraeNoether> good morning everybody
<sarang> GREETINGS
<rottensox> Hola.
<sarang> Joyful Labor Day to these celebrating it
<sarang> Joyful Monday to all others
<sarang> Let’s do our ROUNDTABLE
<sarang> suraeNoether: care to go first?
<suraeNoether> certain. This previous week i have been coding my economarkov chain simulating a pretend Monero economic system to use matching to. that is slow-going, however regular progress. along with that, I began studying Three separate papers for a new-ish thought…
<suraeNoether> https://eprint.iacr.org/2016/583.pdf , https://www.microsoft.com/en-us/research/wp-content/uploads/2008/02/tcc2008.pdf , and https://link.springer.com/chapter/10.1007/3-540-36413-7_20
<suraeNoether> the thought is new-ish to me however not the e-cash group, which is to show not a sound signature on a public message m, however *data of* a sound signature on a public message m, with out revealing the signature info like signer
<suraeNoether> that 583 paper presents a trustless manner of doing so with hash capabilities that may be described with a boolean circuit, and presents zk proofs of information of RSA, DSA, and ECDSA signatures
<suraeNoether> the thought is to switch ring signatures with one thing that’s trustless and signer ambiguous
<sarang> Attention-grabbing
<suraeNoether> that manner, as an alternative of claiming “Both A, B, or C signed this m with key picture J,” the assertion being confirmed is “I’ve seen a sound signature on m with key picture J”
<sarang> Requires environment friendly trustless accumulator?
<suraeNoether> coupling this along with a zk proof of membership in a powerful dynamic accumulator permits for a “signature” scheme that does away with the express anonymity units of ring signatures
<suraeNoether> i believe i am onto a technique for doing this with key pictures which might be suitable with our present approaches
<sarang> Good!
<suraeNoether> however I want, most likely, 2-Three further pairs of eyes serving to me out, so I will be writing some stuff up and presumably beginning a github difficulty for dialogue on the matter
<sarang> roger
<suraeNoether> apart from that, i have been offline with household for a reunion + a 100-years-olds party 😀
<sarang> My month-to-month report particulars my latest actions, and is offered now: https://repo.getmonero.org/monero-project/ccs-proposals/merge_requests/77#note_7105
<sarang> Matching simulation evaluate, updating papers, and many others.
<sarang> Nothing earth-shattering over the previous few days
<sarang> Very neat to listen to about kenshamir[m]’s work on IACR/944
<suraeNoether> sure, i want to hear extra about that
<sarang> Is kenshamir[m] nonetheless right here?
<kenshamir[m]> Hello
<kenshamir[m]> I’m right here
<sarang> Something particular you’d have an interest to share about your latest work on proving programs?
<sarang> (no obligation to take action)
<kenshamir[m]> I believe probably the most notable contribution from 944 that may be utilized to bulletproofs immediately is the improved internal product argument
<kenshamir[m]> There are benchmarks which present that it offers vital enhancements in verifier and prover effectivity
<mikerah> Is there no assembly in the present day?
<sarang> Within the basic circuit case, right?
<sarang> (the assembly is occurring now)
<sarang> Not the optimized vary proof utility AFAICT
<kenshamir[m]> Yeah for 944s proving system it was the final case
<kenshamir[m]> I believe if that if we tailor-made the proof to be particular for 944s proving system, we might be able to get a extra environment friendly rangeproof. That is solely a conjecture although and I’m not sure of easy methods to do it in the intervening time
<sarang> The overall case stays extraordinarily attention-grabbing
<sarang> because the vary proofs are fairly environment friendly
<kenshamir[m]> For the final case asymptotically it’s the similar because the tailor-made bulletproofs rangeproofs from what I’ve seen
<kenshamir[m]> Yeah I agree. It is going to be actually attention-grabbing to see what optimisations might be made with this language
<kenshamir[m]> *Quadratic Equation Sat
<kenshamir[m]> That’s all I’ve found so removed from 944
<sarang> Thanks kenshamir[m]
<sarang> Does anybody else have attention-grabbing work to share?
<sarang> Or, for that matter, basic questions
<sarang> Righto!
<sarang> We are able to additionally transfer to ACTION ITEMS, if there’s nothing else pressing to debate
<suraeNoether> my motion gadgets are brief and easy. economarkov chain work, studying extra on proofs of information of legitimate signatures (which i am contemplating calling redacted signatures), and my finish of month work report.
<sarang> I shall be performing some code evaluate, continued work on proving programs, and ongoing work with suraeNoether on his latest updates to graph matching as wanted
<sarang> Properly, a brief assembly in the present day, however that is okay
<sarang> Something last earlier than we formally adjourn?
<sarang> Adjourned! Because of everybody for taking part

Put up tags : Dev Diaries, Neighborhood, Cryptography, Monero Analysis Lab

Read the original article here