Leslie lamport how to write a 21st century proof

The Writings of Leslie Lamport My Writings Leslie Lamport Last modified 20 September This document contains descriptions of almost all my technical papers and electronic versions of many of them for downloading.

Leslie lamport how to write a 21st century proof

If the message bit we copy the appropriate string from the list.


Having done this for each of the message bits, we concatenate all of the strings we selected. This forms our signature. When a user — who already has the public key — receives a message and a signature, she can verify the signature easily.

Let represent the component of the signature: She simply checks the corresponding message bit and computes hash the result should match the corresponding element from.

If the result should match the element in. Moreover — and much more critically — there is a serious security limitation on this scheme: If I only sign one message, the signature scheme works well. This can be a problem. Imagine that an attacker sees two valid signatures on different messages.

So to sum up our observations about the Lamport signature scheme. Maybe we can do a little better. From one-time to many-time signatures: He quickly came up with a clever way to address this problem.

The most obvious approach is to simply generate different keypairs for the original Lamport scheme, then concatenate all the public keys together into one mega-key.

Mega-key is a technical term I just invented. If the signer holds on to all secret key components, she can now sign different messages by using exactly one secret Lamport key per message. This seems to solve the problem without ever requiring her to re-use a secret key. The verifier has all the public keys, and can verify all the received messages.

leslie lamport how to write a 21st century proof

No Lamport keys are ever used to sign twice. Obviously this approach sucks big time. What Merkle proposed was a way to retain the ability to sign different messages, but without the linear-cost blowup of public keys.

First, generate separate Lamport keypairs. We can call those. The signer retains all of the Lamport public and secret keys for use in signing. Merkle trees are described here.

How to Write a 21st Century Proof - Microsoft Research

Merkle tree, illustration from Wikipedia. Lamport public keys go in the leaves of this tree, and the root becomes the master public key.

To sign the message, the signer simply selects the public key from the tree, and signs the message using the corresponding Lamport secret key.

She then transmits this whole collection as the signature of the message. She verifies the Lamport signature against the given Lamport public key, and uses the Merkle Proof to verify that the Lamport public key is really in the tree.

With these three objectives achieved, she can trust the signature as valid. However, the master public key for the scheme is now just a single hash value, which makes this approach scale much more cleanly than the naive solution above.

There are two major optimizations that can help to bring down these costs.

The signature itself was a collection of of the secret bitstrings. This would cut the public and secret key sizes in half, since we could get rid of the list entirely.

Follow us:

We would now have only a single list of bitstrings in our secret key. For each bit position of the message where we would output a string.Abstract. A method of writing proofs is proposed that makes it much harder to prove things that are not true.

The method, based on hierarchical structuring, is simple and practical. How to Write a Proof by Leslie Lamport, and the motivation of proposing such a hierarchical proof style. Proofs in Mathematics: Simple, Charming and Fallacious The Seventeen Provers of the World, ed. by Freek Wiedijk, foreword by Dana S.

Scott, Lecture Notes in Computer Science , Springer, , ISBN If you do, then Lamport’s half-hour talk How to Write a 21st Century Proof is well worth a watch.

(He also has a paper explaining the same ideas.) He reworks a proof from Spivak’s Calculus of a corollary to the Mean Value Theorem, and his hierarchical structure and thorough referencing of the justifications for each step certainly seemed like they’d be .

Leslie Lamport, a computer scientist, is well known for his contributions to concurrent computing and distributed systems.

Discussion on Writing Style for Proofs (X-post from r/math) : logic

His "Time, Clocks, and the Ordering of Events in a Distributed System" paper has been honored for its enduring influence on the field.

We're upgrading the ACM DL, and would like your input. Please sign up to review new features, functionality and page designs.

How to write a 21 st century proof: Advice by Dr. Leslie Lamport on hierarchical structuring of proofs. C++ coding standards that you may want to follow, or these ones by Google.

Visualization. The PhD in visualization starter kit: Advice by Dr. Robert Laramee for acquiring skills .

Proofs | John D. Cook