Ambiguity in Proof of possession scheme
dot-asm opened this issue · 1 comments
dot-asm commented
Arguably there is ambiguity in PoP scheme specification. Straight reference to CoreAggregateVerify effectively implies that when used with different messages the scheme provides the same cryptographic guarantees as the Basic scheme. However, CoreAggregateVerify wouldn't make a distinction between "all messages are unique" and "some messages are not unique," while it can be shown that these are two distinct cases in PoP scheme. To resolve the ambiguity it would be appropriate to either clarify the distinction and/or suggest message uniqueness test even in the PoP scheme (naturally in the case when all messages are [permitted to be] not the same).