Concurrent Non-Malleable Zero Knowledge Proofs.

Concurrent non-malleable zero-knowledge (NMZK) considers the concurrent execution of zero-knowledge protocols in a setting where the attacker can simultaneously corrupt multiple provers and verifiers. ... ., a concurrent NMZK argument). In this work we present the first construction of a concurrent NMZK proof without any set-up assumptions. ... A Concurrent Non-Malleable Zero-Knowledge Proof In this section we construct a concurrent non-malleable zero-knowledge proof based on collision-resistant hash-functions. ...

doi:10.1007/978-3-642-14623-7_23 fatcat:tvt53bngfvbihpzmnwqd7nmd3m

Concurrent Non-malleable Zero-Knowledge. ... Concurrent non-malleable zero-knowledge (CNMZK) considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers ... non-malleable zero-knowledge. ...

doi:10.1186/s42400-018-0014-7 fatcat:xvpjpjfgujb57n3qnl4gi7uewa

DOAJ

We provide the first construction of a concurrent and non-malleable zero knowledge argument for every language in NP. ... We also prove that there exists some functionality F (a combination of zero knowledge and oblivious transfer) such that it is impossible to obtain a concurrent non-malleable protocol for F in this model ... Proof of Claim 2.3 This is the most delicate part of the proof, which reduces the concurrent non-malleability of our zero-knowledge protocol to (non-concurrent) non-malleability of the commitment scheme ...

doi:10.1109/focs.2006.21 dblp:conf/focs/BarakPS06 fatcat:a2hykoogqreohc5piz3rjqm66m

We also show time-efficient instantiations of our protocol, in which the transformation from a 3-round honest-verifier zero-knowledge argument of knowledge to a 4-round concurrently non-malleable zero-knowledge ... Our main result is a constant-round concurrent non-malleable zero-knowledge argument of knowledge for any polynomial-time relation (associated to a language in N P), under the (minimal) assumption of the ... The protocol (P , V ) also enjoys the extraction property (and therefore the concurrent non-malleability property). ...

doi:10.1007/978-3-642-03351-3_10 fatcat:wsviypogyjaefofgbotmswpqhm

Our main result is a constant-round concurrent non-malleable zero-knowledge argument of knowledge for any polynomial-time relation (associated to a language in NP), under the (minimal) assumption of the ... We also note a negative result with respect to further reducing the setup assumptions of our protocol to those in the (unauthenticated) BPK model, by showing that concurrently non-malleable zero-knowledge ... We now need to show that (P ′ , V ′ ) is a concurrently non-malleable zero-knowledge argument of knowledge in the standard model, under the assumption that (P, V ) is a concurrently non-malleable zero-knowledge ...

arXiv:cs/0609057v1 fatcat:hrtarujdlbezjphvbpmpgyb3fy

We present a non-malleable commitment scheme that retains its security properties even when concurrently executed a polynomial number of times. ... That is, a manin-the-middle adversary who is simultaneously participating in multiple concurrent commitment phases of our scheme, both as a sender and as a receiver, cannot make the values he commits to ... The central observation that enables the analysis is that concurrent simulation of the underlying (non-malleable) zero-knowledge protocol is not actually necessary for proving concurrent non-malleability ...

doi:10.1137/060661880 fatcat:vjvb5tuzafdgnnhnbbvzcogcga

The main application of our new notion is the construction of a compiler that takes any proof of knowledge and transforms it into one which is secure against a concurrent man-in-the-middle attack (in the ... When using our specific implementations, this compiler is very efficient (requires no more than four exponentiations) and maintains the round complexity of the original proof of knowledge. ... Universally composable zero-knowledge protocols are in particular concurrently non-malleable. ...

doi:10.1007/978-3-540-28628-8_14 fatcat:zy4w5db2tjg27i7h7nskk7j6ue

We describe efficient protocols for non-malleable (interactive) proofs of plaintext knowledge for the RSA, Rabin, Paillier, and El Gamal encryption schemes. ... Of independent interest, we consider the concurrent composition of proofs of knowledge; this is essential to prove security of our protocols when run in an asynchronous, concurrent environment. ... Although the issue of concurrency in the context of zero-knowledge proofs has been investigated extensively (following [17] ), concurrent proofs of knowledge have received much less attention (we are ...

doi:10.1007/3-540-39200-9_13 fatcat:erwmazstcvcjjditr3ytdkvoim

Concurrent non-malleable zero-knowledge (CNMZK) considers the concurrent execution of zero-knowledge protocols in a setting where the attacker can simultaneously corrupt multiple provers and verifiers. ... We provide the first construction of a CNMZK protocol that, without any trusted set-up, remains secure even if the attacker may adaptively select the statements to receive proofs of. ... Adpative Concurrent Non-Malleable Zero-Knowledge Our definition of adpative concurrent non-malleable zero-knowledge is very similar to that of concurrent non-malleable zero-knowledge from [BPS06] (which ...

doi:10.1007/978-3-642-19571-6_17 fatcat:s7ikm4ighfgsdh7vv2l2i7i7h4

Our protocol also satisfies the stronger notions of concurrent non-malleability and robustness. ... As a corollary, we establish that constant-round non-malleable zero-knowledge arguments for NP can be based on one-way functions and constant-round secure multi-party computation can be based on enhanced ... The second author is also indebted to Alon Rosen for introducing him to the area of non malleability, and for many fruitful discussions about it. ...

doi:10.1145/1993636.1993730 dblp:conf/stoc/LinP11 fatcat:jmml7qmkorh4vdypoz5h5r5fta

Our protocol also satisfies the stronger notions of concurrent non-malleability and robustness. ... As a corollary, we establish that constant-round non-malleable zero-knowledge arguments for NP can be based on one-way functions and constant-round secure multi-party computation can be based on enhanced ... The second author is also indebted to Alon Rosen for introducing him to the area of non malleability, and for many fruitful discussions about it. ...

doi:10.1145/2699446 fatcat:6nv5r5pho5hlbfesdk7vhdwuby

) such as non-malleable and concurrent zero-knowledge. ... an argument system π for L that is concurrent non-malleable zero-knowledge (under non-adaptive inputs -which is the best one can hope to achieve [2, 3] ). ... This model has been used in sequence of papers [26] [27] [28] to initially achieve round and computationally efficient concurrent zero knowledge and later constant-round concurrent non-malleable zero-knowledge ...

doi:10.1007/978-3-642-11799-2_32 fatcat:o52mjcuh35gvhh6nluej7fjnle

Our proof of security uses non-black-box techniques and satisfies the (most powerful) simulationbased definitions of non-malleability. ... They constructed a constant-round commitment scheme that is concurrent non-malleable with respect to both commitment and decommitment. However, the scheme is only computationally binding. ... Denote by { P tag , V tag } tag the constant-round tag-based perfect non-malleable zero-knowledge argument of knowledge (NMZKAOK) for NP [4, 5] . ...

doi:10.1007/978-3-642-13013-7_12 fatcat:gop3ltnqhjdzxmu2zvpebl63xq

We present a unified framework for obtaining Universally Composable (UC) protocols by relying on stand-alone secure non-malleable commitments. ... This gives the first results on concurrent secure computation without set-up, which can be used for securely computing "computationallysensitive" functionalities (e.g., data-base queries, "proof of work ... (In a sense, this can be viewed as an analog of the transformation from concurrent zero-knowledge to concurrent non-malleable zero-knowledge of Barak, Prabhakaran and Sahai [3] ; the main tool used in ...

doi:10.1145/1536414.1536441 dblp:conf/stoc/LinPV09 fatcat:uog22fvzzvfq3hnei3idiyiyaa

Concurrent Non-Malleable Zero Knowledge: here the zero-knowledge property is combined with non-transferability and the adversary fails in mounting a concurrent man-inthe-middle attack aiming at transferring ... zero-knowledge proofs/arguments. ... Statistical Concurrent Non-Malleable Zero Knowledge. ...

doi:10.1007/978-3-642-54242-8_8 fatcat:rekqz7kravevzhbuw3zwzxrspm

Concurrent Non-Malleable Zero Knowledge Proofs [chapter]

Preserved Fulltext

Concurrent non-malleable zero-knowledge and simultaneous resettable non-malleable zero-knowledge in constant rounds

Preserved Fulltext

Concurrent Non-Malleable Zero Knowledge

Preserved Fulltext

Concurrently Non-malleable Black-Box Zero Knowledge in the Bare Public-Key Model [chapter]

Preserved Fulltext

Concurrently Non-Malleable Zero Knowledge in the Authenticated Public-Key Model [article]

Preserved Fulltext

Concurrent Nonmalleable Commitments

Preserved Fulltext

Multi-trapdoor Commitments and Their Applications to Proofs of Knowledge Secure Under Concurrent Man-in-the-Middle Attacks [chapter]

Preserved Fulltext

Efficient and Non-malleable Proofs of Plaintext Knowledge and Applications [chapter]

Preserved Fulltext

Concurrent Non-Malleable Zero Knowledge with Adaptive Inputs [chapter]

Preserved Fulltext

Constant-round non-malleable commitments from any one-way function

Preserved Fulltext

Constant-Round Nonmalleable Commitments from Any One-Way Function

Preserved Fulltext

Efficiency Preserving Transformations for Concurrent Non-malleable Zero Knowledge [chapter]

Preserved Fulltext

Constant-Round Concurrent Non-Malleable Statistically Binding Commitments and Decommitments [chapter]

Preserved Fulltext

A unified framework for concurrent security

Preserved Fulltext

Statistical Concurrent Non-malleable Zero Knowledge [chapter]

Preserved Fulltext