From d88024e2d90bbcc78ffefb0544a2fc7ae834cda6 Mon Sep 17 00:00:00 2001 From: Brandon Pitman Date: Thu, 31 Oct 2024 09:50:37 -0700 Subject: [PATCH] Add reference to VDAF aggregation ordering section. --- draft-ietf-ppm-dap.md | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/draft-ietf-ppm-dap.md b/draft-ietf-ppm-dap.md index 5607c05d..1c28f00e 100644 --- a/draft-ietf-ppm-dap.md +++ b/draft-ietf-ppm-dap.md @@ -566,12 +566,13 @@ is to compute `agg_result = F(agg_param, meas_1, ..., meas_N)` for some function `F` while revealing nothing else about the measurements. We call `F` the "aggregation function" and `agg_result` the "aggregate result". -cryptographic schemes that compute different aggregation functions. In -particular, the aggregation function is determined by the Verifiable Distributed -Aggregation Function, or VDAF {{!VDAF=I-D.draft-irtf-cfrg-vdaf-12}}, used to -securely compute it. This protocol only supports VDAFs which require a single -collection to provide useful results, and whose aggregation results are -independent of the order in which measurements are aggregated. +DAP is extensible in that it allows for the addition of new cryptographic +schemes that compute different aggregation functions. In particular, the +aggregation function is determined by the Verifiable Distributed Aggregation +Function, or VDAF {{!VDAF=I-D.draft-irtf-cfrg-vdaf-12}}, used to securely +compute it. This protocol only supports VDAFs which require a single collection +to provide useful results, and whose aggregation results are independent of the +order in which measurements are aggregated (see {{Section 4.4.1 of !VDAF}}). VDAFs rely on secret sharing to protect the privacy of the measurements. Rather than sending its measurement in the clear, each Client shards its measurement @@ -585,10 +586,6 @@ Aggregators. This scheme has two important properties: their shares locally into "aggregate shares", which may later be combined into the aggregate result. -Note that some VDAFs allow measurements to be aggregated multiple times, -each time with a different aggregation parameter; however, DAP only allows each -measurement to be aggregated once. - ## System Architecture {#system-architecture} The overall system architecture is shown in {{dap-topology}}.