aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorElias Summermatter <elias.summermatter@seccom.ch>2021-06-15 19:29:05 +0200
committerElias Summermatter <elias.summermatter@seccom.ch>2021-06-15 19:29:05 +0200
commit4ab0e56e332745eb65c5ff14fb58164fe49a4c13 (patch)
treee3eeb0a0b0f2acc88d722ba0df92ad182730df53
parent6b0433affa4148f882a0e75f2f330741f41fe120 (diff)
downloadlsd0003-4ab0e56e332745eb65c5ff14fb58164fe49a4c13.tar.gz
lsd0003-4ab0e56e332745eb65c5ff14fb58164fe49a4c13.zip
Fixed some more stuff
-rw-r--r--draft-summermatter-set-union.xml26
1 files changed, 9 insertions, 17 deletions
diff --git a/draft-summermatter-set-union.xml b/draft-summermatter-set-union.xml
index 3ac6a5e..1643a7b 100644
--- a/draft-summermatter-set-union.xml
+++ b/draft-summermatter-set-union.xml
@@ -2225,6 +2225,15 @@ FUNCTION END
2225 the IBF to get the maximum counter in the IBF. The second function 2225 the IBF to get the maximum counter in the IBF. The second function
2226 packs the counters of the IBF, and the third function that unpacks the counters. 2226 packs the counters of the IBF, and the third function that unpacks the counters.
2227 </t> 2227 </t>
2228 <t>
2229 As a plausibly check to prevent the byzantine upper bound
2230 checks in <xref target="security_generic_functions_check_byzantine_boundaries" format="default"/>
2231 to fail, implementations must ensure that the
2232 estimates of the set size difference added together
2233 never exceed the set byzantine upper bound. This
2234 could for example happen in case the strata estimator
2235 overestimates the set difference.
2236 </t>
2228 <figure anchor="performance_counter_variable_size_code"> 2237 <figure anchor="performance_counter_variable_size_code">
2229 <artwork name="" type="" align="left" alt=""><![CDATA[ 2238 <artwork name="" type="" align="left" alt=""><![CDATA[
2230 2239
@@ -2485,23 +2494,6 @@ FUNCTION check_byzantine_bounds (rec,rsd,lec,lsd)
2485FUNCTION END 2494FUNCTION END
2486 ]]></artwork> 2495 ]]></artwork>
2487 </figure> 2496 </figure>
2488 <t>
2489 For the byzantine upper bound checks to function
2490 correctly, implementations must ensure that the
2491 estimates of the set size difference added together
2492 never exceed the set byzantine upper bound. This
2493 could for example happen if the strata estimator
2494 overestimates the set difference.
2495 <!-- FIXME: if an implementation does this, then
2496 the first two parts of the check are trivially
2497 satisfied; so likely we should formulate this
2498 not as a 'check' function to be _actually_
2499 executed, but as a plausibility check which
2500 is to be applied after the SE calculation to
2501 the computed set size differences, resulting
2502 in a hard cap on the set size difference estimate
2503 that is then actually used. @Christian: ???-->
2504 </t>
2505 </section> 2497 </section>
2506 2498
2507 <section anchor="security_generic_functions_check_valid_state" numbered="true" toc="default"> 2499 <section anchor="security_generic_functions_check_valid_state" numbered="true" toc="default">