I’d interpreted it as “using the HBO system to construct a “core for reasoning” reduces the chances of failure by exposing it to less inputs/using it for less total time”, plus maybe other properties (eg. maybe we could look at and verify an LBO overseer, even if we couldn’t construct it ourselves)
That makes sense; I hadn’t thought of the possibility that a security failure in the HBO tree might be acceptable in this context. OTOH, if there’s an input that corrupts the HBO tree, isn’t it possible that the corrupted tree could output a supposed “LBO overseer” that embeds the malicious input and corrupts us when we try to verify it? If the HBO tree is insecure, it seems like a manual process that verifies its output must be insecure as well.
One situation is: maybe an HBO tree of size 10^20 runs into a security failure with high probability, but an HBO tree of size 10^15 doesn’t and is sufficient to output a good LBO overseer.
I’d interpreted it as “using the HBO system to construct a “core for reasoning” reduces the chances of failure by exposing it to less inputs/using it for less total time”, plus maybe other properties (eg. maybe we could look at and verify an LBO overseer, even if we couldn’t construct it ourselves)
That makes sense; I hadn’t thought of the possibility that a security failure in the HBO tree might be acceptable in this context. OTOH, if there’s an input that corrupts the HBO tree, isn’t it possible that the corrupted tree could output a supposed “LBO overseer” that embeds the malicious input and corrupts us when we try to verify it? If the HBO tree is insecure, it seems like a manual process that verifies its output must be insecure as well.
One situation is: maybe an HBO tree of size 10^20 runs into a security failure with high probability, but an HBO tree of size 10^15 doesn’t and is sufficient to output a good LBO overseer.