1. Rating

Rate the paper in the following categories (for each category, choose one numeric rating).

Technical quality
  5: Contents are completely correct. There are no errors.
  4: Contents are mostly correct. Some improvements suggested below.
  3: Some errors which can be easily corrected, as described below.
  2: Several errors but most are minor errors
  1: Several/major errors

4: This paper is a review of another paper, much larger in scope. The paper includes both helpful explanations (detailed below) and an analysis section that diverges from the original paper.

Originality
  5: New results of publishable quality and good analysis of current state
  4: Contains some new ideas, but can be developed as described below; good analysis of current state
  3: No significantly new ideas, but good analysis of current state
  2: Good survey of current state; no new ideas
  1: Survey of current state has gaps

4: One of the intents of the paper is to present weaknesses and omissions in the proofs given in the referred data authentication protocol. This is valuable input both to the reader and to the original authors. However, the main claim for weakness (in the reviewed version of the paper) was already demented by the author (V.V) almost at the time of paper release, and it is unclear at the time of review whether other significant weaknesses exist.

Editorial quality
  5: Clear, understandable and easy to read
  4: Mostly understandable, some improvements identified below
  3: Understandable with some effort, several improvements suggested below
  2: Hard to understand; several improvements suggested below
  1: Very hard to understand

5: The flow and structure of the paper scarcely leaves much room for improvement.

Overall grade (overall, how do you rate this paper?)
  5: Excellent
  4: Very good
  3: Good
  2: Satisfactory
  1: Poor

4: Considering the review task given, Vesa has done a good job extracting the essence of the referred paper, with additional guidance for the user.

Confidence (how confident are you about this review?)
  3: I have good or expert level knowledge of this topic
  2: I have some general knowledge of this subject
  1: This is a completely new subject to me; I made educated guesses

2.

2. Detailed comments

2a. Technical quality

The paper is a survey of the paper by Naor, Segev & Smith: Tight bounds for Unconditional Protocols in the Manual Channel and Shared Key Models, 2006.

The strength of the paper is twofold: It provides a condensed version of the example protocol described by Naor & al, focusing the introductory steps as well as the proof context on that part of the referred paper. For example, the explanation why the collision probability of the C-polynomials in the Galois fields is < k/Q (rather than something > 1/Q) is clearly put in context in the review, whereas it is omitted in the original. Also, and the success of this part is unclear at the time of writing this review, the review might have pointed out either some weaknesses or at least unclarities of the proofs put forward in the original paper.

In my subjective opinion the protocol picture (description) is better depicted in the original (for clarity). Also one improvement that would help the more uninitiated would be an example (toy) run of the protocol, e.g. with the polynomials in GF2 (and i:s constructed with Shoup's algorithm) as proposed in the original paper. In the same line of thought, a general description of the protocol is missing -> the point that the fields are getting smaller and smaller must be deduced from the context -- an explicit mention would get the reader on track faster.

2c. Editorial quality

The flow of the paper is excellent, and the notations have few errors. The brief introduction does give the context for the rest of the paper; however, the contributions of the review are mentioned only in the conclusions.

Detailed notes:

Section 1:
- The adversary cannot modify the message, but can prevent delivery and insert new messages.
  Why is prevention + insertion != modification?
- "Section 3 states _a_ few theoretical ..."

Section 2:
- "that is a message parsed _as_ a polynomial"
- The epsilon for the forgery has turned into a normal e

Figure 1:
- "Analogical" is not recognized by the Cambridge dictionary. Consider "equivalent to"

cont. Section 2:
- can also be _got_ in a deterministic way
- This avoids us -> consider: avoids explicitly specifying

Section 3:
- Consider mentioning that the recursive logs disappear for larger k values, as the log^x as a notation also is somewhat esoteric for the uninitiated.
- For clarity, I consider that T(.) denotes the time ...
- For probability calculation the thing that makes _a_ difference is then to know whether the adv. chose ...
- Entropy of nj-long bit strings is nj (isn't this actually at most nj?). However, the argument holds.
- We see that when this assumption is made, the from (6) follows _a_ stricter limit ...
- when that does happen ... ...

Claim 1 -> Claim 2 was demented by the author, so not reviewed ...