124,679 Hits in 4.7 sec

On the Composition of Zero-Knowledge Proof Systems

Oded Goldreich, Hugo Krawczyk
1996 SIAM journal on computing (Print)  
We present lower bounds on the round complexity of zero-knowledge proofs, with significant implications to the parallelization of zero-knowledge protocols.  ...  Then, on input x 1 x 2 , executing concurrently Π 1 on input x 1 and Π 2 on x 2 , constitutes a zero-knowledge interactive proof system for L 1 L 2 .  ...  ACKNOWLEDGEMENTS Silvio Micali was one of the only to strongly object the "intuition" that the parallel versions of the interactive proof systems for Quadratic Residuosity, Graph Isomorphism, and all languages  ... 
doi:10.1137/s0097539791220688 fatcat:452fzrkwavgkpie4an7ebuk7im

On the composition of zero-knowledge proof systems [chapter]

Oded Goldreich, Hugo Krawczyk
Automata, Languages and Programming  
A basic question concerning zero-knowledge proof systems is whether their (sequential and/or parallel) composition is zero-knowledge too.  ...  We prove that the original formulation of zero-knowledge as appearing in the pioneering work of Goldwasser, Micali and Rackoff is not closed under sequential composition.  ...  ACKNOWLEDGEMENTS Silvio Micali was one of the only to strongly object the "intuition" that the parallel versions of the interactive proof systems for Quadratic Residuosity.  ... 
doi:10.1007/bfb0032038 dblp:conf/icalp/GoldreichK90 fatcat:jccx3lhfonazpbnlcr4w7mawqy

Composition of Zero-Knowledge Proofs with Efficient Provers [chapter]

Eleanor Birrell, Salil Vadhan
2010 Lecture Notes in Computer Science  
Our results are: Introduction Composition has been one of the most active subjects of research on zeroknowledge proofs.  ...  The goal is to understand whether the zero-knowledge property is preserved when a zero-knowledge proof is repeated many times.  ...  Acknowledgments We thank the TCC 2010 reviewers for helpful comments.  ... 
doi:10.1007/978-3-642-11799-2_34 fatcat:hshi4kcclzdurcixnccl5yjhhe

Witness indistinguishable and witness hiding protocols

U. Feige, A. Shamir
1990 Proceedings of the twenty-second annual ACM symposium on Theory of computing - STOC '90  
Introduction A two party protocol in which party A uses one of several secret witnesses to an NP assertion is witness indistinguishable if party B cannot tell which witness A is actually using.  ...  The protocol is witness hiding © 1990 ACM 089791-361-2/90/0005/0416 $1.50 416  ...  Special thanks to Oded Goldreich for his colorful and very useful comments on an earlier version of this manuscript.  ... 
doi:10.1145/100216.100272 dblp:conf/stoc/FeigeS90 fatcat:zsg4g67tzrbjpfekhg2lt6n2ui

Page 1188 of Mathematical Reviews Vol. , Issue 97B [page]

1997 Mathematical Reviews  
Inheritance is handled through delegation.” 97b:68051 68P25 68Q15 94A60 Goldreich, Oded (IL-TECH-C; Haifa); Krawczyk, Hugo (1-IBM; Yorktown Heights, NY) On the composition of zero-knowledge proof systems  ...  “We present lower bounds on the round complexity of zero- knowledge proofs, with significant implications for the paralleliza- tion of zero-knowledge protocols.  ... 

A Survey of Noninteractive Zero Knowledge Proof System and Its Applications

Huixin Wu, Feng Wang
2014 The Scientific World Journal  
This paper reviews and analyzes the basic principles of noninteractive zero knowledge proof system, and summarizes the research progress achieved by noninteractive zero knowledge proof system on the following  ...  Thereinto, noninteractive zero knowledge proof system contains only one message sent by the prover to the verifier.  ...  Conflict of Interests The authors declare that there is no conflict of interests regarding the publication of this paper.  ... 
doi:10.1155/2014/560484 pmid:24883407 pmcid:PMC4032740 fatcat:u4kgkjl7u5hvrgwfwbhwb465re

Zero Knowledge in the Random Oracle Model, Revisited [chapter]

Hoeteck Wee
2009 Lecture Notes in Computer Science  
We show that two rounds of interaction are necessary and sufficient to achieve zero-knowledge proofs of knowledge according to this new definition, whereas one round of interaction is sufficient in previous  ...  -Motivated by our study of zero knowledge, we introduce a new definition of proof of knowledge in the random oracle model that accounts for oracledependent auxiliary input.  ...  I am very grateful towards Rafael Pass for insightful exchanges on the subject and for allowing me to include his observations on deniable zeroknowledge [23] , and the anonymous referees for meticulous  ... 
doi:10.1007/978-3-642-10366-7_25 fatcat:3x6cg3hbungublb43mka3mse3m


Wouter Lueks, Bogdan Kulynych, Jules Fasquelle, Simon Le Bail-Collet, Carmela Troncoso
2019 Proceedings of the 18th ACM Workshop on Privacy in the Electronic Society - WPES'19  
In this paper, we present zksk, a well-documented Python library for defining and computing sigma protocols: the most popular class of zero-knowledge proofs.  ...  Zero-knowledge proofs are an essential building block in many privacy-preserving systems. However, implementing these proofs is tedious and error-prone.  ...  ACKNOWLEDGEMENTS We thank Ian Goldberg and Nick Hopper for pointing out the problem with naïvely composing OR proofs.  ... 
doi:10.1145/3338498.3358653 dblp:conf/wpes/LueksKFBT19 fatcat:p66e3i5uirbb7i2zjrl3sfls2a

Better privacy and security in e-commerce: using elliptic curve-based zero knowledge proofs

S. Almuhammadi, N.T. Sui, D. McLeod
2004 Proceedings. IEEE International Conference on e-Commerce Technology, 2004. CEC 2004.  
We propose an approach using elliptic curve-based zero-knowledge proofs in e-commerce applications.  ...  The improvement of security is due to the complexity of solving the discrete logarithm problem over elliptic curves.  ...  Acknowledgements The authors would like to thank the Integrated Media Systems Center at USC for its partial support, and Clifford Neuman of USC-ISI for his review and valuable comment for this paper.  ... 
doi:10.1109/icect.2004.1319747 dblp:conf/wecwis/AlmuhammadiSM04 fatcat:lvhkk3dp4ngrdbk6ni6rv4uu2a

A Note On Groth-Ostrovsky-Sahai Non-Interactive Zero-Knowledge Proof System [article]

Zhengjun Cao, Lihua Liu
2018 IACR Cryptology ePrint Archive  
In 2006, Groth, Ostrovsky and Sahai designed one non-interactive zero-knowledge (NIZK) proof system [new version, J.  ...  ACM, 59(3), 1-35, 2012] for plaintext being zero or one using bilinear groups with composite order.  ...  At EUROCRYPT'06, Groth, Ostrovsky and Sahai [13] designed a new NIZK proof system for plaintext being zero or one using bilinear groups with composite order.  ... 
dblp:journals/iacr/CaoL18a fatcat:abtu2qe2indohe7ql76gkebw7a

Towards practical "proven secure" authenticated key distribution

Yvo Desmedt, Mike Burmester
1993 Proceedings of the 1st ACM conference on Computer and communications security - CCS '93  
A lot of research has also focused on the security aspects of such systems and on their weaknesses and strengths (e.g., [21, 23, 22] ).  ...  Finding 'proven secure' practical key dis~bution systems is one of the major goals in cryptography.  ...  A MORE FORMAL APPROACH In this section we assume that the reader is familiar with the concept of zero-knowledge [13] and zero-knowledge proofs of knowledge [11] .  ... 
doi:10.1145/168588.168616 dblp:conf/ccs/DesmedtB93 fatcat:xe4z5ewonratpmhqlm22dqczei

On the Double Coset Membership Problem for Permutation Groups [article]

Oleg Verbitsky
2008 arXiv   pre-print
We show that the Double Coset Membership problem for permutation groups possesses perfect zero-knowledge proofs.  ...  Known results on zero-knowledge proofs We first notice a simple property of sequential composition of IPSs.  ...  As easily seen, a permutation σ as above exists iff s ∈ GH. 2 Note that the reduction described allows one to transform any zero-knowledge proof system for DCM in a zero-knowledge proof system for Graph  ... 
arXiv:0801.4911v1 fatcat:2r4mdy4sk5gghhbcsjdophjyke

A Note on One Popular Non-Interactive Zero-Knowledge Proof System

Zhengjun Cao, Xiqi Wang, Lihua Liu
2020 International Journal of Network Security  
The characteristic is essentially incompatible with the general primitive of zero-knowledge proof, which does not require any extra trust.  ...  At Eurocrypt'06, Groth et al. have proposed one noninteractive zero-knowledge (NIZK) proof system for plaintext being 0 or 1 [its revision published by J. ACM, 59(3), 2012].  ...  Acknowledgements We thank the National Natural Science Foundation of China (#61411146001), and Open Foundation of State key Laboratory of Networking and Switching Technology (#SKLNST-2016-2-03, Beijing  ... 
dblp:journals/ijnsec/CaoWL20 fatcat:u37jfuozvncztapk2b2x2u6cxq

A Note on "New techniques for noninteractive zero-knowledge" [article]

Zhengjun Cao, Lihua Liu
2018 arXiv   pre-print
ACM, 59 (3), 1-35, 2012] developed some new techniques for noninteractive zero-knowledge (NIZK) and presented: the first perfect NIZK argument system for all NP; the first universally composable NIZK argument  ...  for all NP in the presence of an adaptive adversary; the first noninteractive zap for all NP, which is based on a standard cryptographic security assumption.  ...  In 1991, they [4] presented the first computational NIZK proof system for multiple theorems. These systems are based on the hardness of deciding quadratic residues modulo a composite number.  ... 
arXiv:1805.06351v1 fatcat:6ua2sl5nmrhc5aakjfbn2eon24

Deterministic-Prover Zero-Knowledge Proofs [article]

Hila Dahari, Yehuda Lindell
2020 IACR Cryptology ePrint Archive  
Zero-knowledge proof systems enable a prover to convince a verifier of the validity of a statement without revealing anything beyond that fact.  ...  In this paper, we initiate the study of the feasibility of zero-knowledge proof systems with a deterministic prover in settings not covered by the result of Goldreich and Oren.  ...  Sequential Composition An interesting question that arises in the setting of deterministic-prover zero knowledge relates to sequential composition.  ... 
dblp:journals/iacr/DahariL20 fatcat:ezpgmp3ohjcyjb7nya5frgqqeu
« Previous Showing results 1 — 15 out of 124,679 results