Zero-knowledge proofs of knowledge for group homomorphisms
نویسنده
چکیده
Asimple zero-knowledge proof of knowledge protocol is presented ofwhichmany known protocols are instantiations. These include Schnorr’s protocol for proving knowledge of a discrete logarithm, the Fiat–Shamir andGuillou–Quisquater protocols for proving knowledge of a modular root, protocols for proving knowledge of representations (like Okamoto’s protocol), protocols for proving equality of secret values, a protocol for proving the correctness of a Diffie–Hellman key, protocols for proving the multiplicative relation of three commitments (as required in secure multi-party computation), and protocols used in credential systems. This unifies a substantial body of work and can also lead to instantiations of the protocol for new applications.
منابع مشابه
Efficient zero knowledge proofs of knowledge for homomorphisms
Efficient zero-knowledge proofs of knowledge for homomorphisms are a key building block in a vast number of constructions in applied cryptography. Examples are: identification-, signature-, group signature-, anonymous credential-, and identity escrow-schemes as well as voting systems, e-cash, multi-party computations, and trusted computing. This dissertation studies efficient zero-knowledge pro...
متن کاملEfficient zero-knowledge proofs of knowledge for homomorphisms
Efficient zero-knowledge proofs of knowledge for homomorphisms are a key building block in a vast number of constructions in applied cryptography. Examples are: identification-, signature-, group signature-, anonymous credential-, and identity escrow-schemes as well as voting systems, e-cash, multi-party computations, and trusted computing. This dissertation studies efficient zero-knowledge pro...
متن کاملEfficient Proofs of Knowledge of Discrete Logarithms and Representations in Groups with Hidden Order
For many one-way homomorphisms used in cryptography, there exist efficient zero-knowledge proofs of knowledge of a preimage. Examples of such homomorphisms are the ones underlying the Schnorr or the Guillou-Quisquater identification protocols. In this paper we present, for the first time, efficient zero-knowledge proofs of knowledge for exponentiation ψ(x1) . = h1 1 and multi-exponentiation hom...
متن کاملYvo Desmedt: All Languages in NP Have Divertible Zero-Knowledge Proofs and Arguments Under Cryptographic Assumptions
We present a divertible zero-knowledge proof (argument) for SAT under the assumption that probabilistic encryption homomorphisms exist. Our protocol uses a simple 'swapping' technique which can be applied to many zero knowledge proofs (arguments). In particular we obtain a divertible zero-knowledge proof for graph isomorphism. The consequences for abuse-free zero-knowledge proofs are also consi...
متن کاملEfficiency Limitations for Σ-Protocols for Group Homomorphisms
Efficient zero-knowledge proofs of knowledge for group homomorphisms are essential for numerous systems in applied cryptography. Especially, Σ-protocols for proving knowledge of discrete logarithms in known and hidden order groups are of prime importance. Yet, while these proofs can be performed very efficiently within groups of known order, for hidden order groups the respective proofs are far...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Des. Codes Cryptography
دوره 77 شماره
صفحات -
تاریخ انتشار 2015