On Tue, Sep 30, 2014 at 6:29 AM, Prateek Mittal <[email protected]> wrote: >> 4. The *increase* to descriptor size is not well factored in to the >> analysis. >> >> 4.b. All of the Directory Authorities would need to sign each and >> every >> descriptor by itself. This would result in the current >> microdescriptors, which are sized from roughly 900 bytes to some >> of >> the larger ones which are 2.5 KB, increasing in size by roughly >> 4 KB >> (that's the size of the DirAuth signatures on the current >> consensus). >> >> > > I am not sure which signature scheme you are considering. In the paper, we > talk about threshold BLS signatures, which have only 22 byte overhead. (This > might increase for better security guarantees, but 4KB overhead seems very > conservative.)
You can make this even lower because every PIR query returns a block which is roughly square root the size of the entire database; you would only need to have a signature on each block. - Nikita -- Nikita Borisov - http://hatswitch.org/~nikita/ Associate Professor, Electrical and Computer Engineering Tel: +1 (217) 244-5385, Office: 460 CSL _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
