
On the Security of Classic Protocols for Unique Witness Relations [chapter]

Yi Deng, Xuyang Song, Jingyue Yu, Yu Chen
2018 Lecture Notes in Computer Science  
hard distribution over unique witness NP relation for which all witness indistinguishable protocols (including all public-coin ones, such as ZAPs, Blum protocol and GMW protocol) are indeed witness hiding  ...  Though strong black-box impossibility results are known, we provide some less unexpected positive results on the witness hiding security of these classic protocols: -We give sufficient conditions on a  ...  This is the first positive result on the witness-hiding property of the classic protocols for unique witness relations.  ... 
doi:10.1007/978-3-319-76581-5_20 fatcat:uxdafwmrhjfrrmykosl5isb2sy

On the (Im)Possibility of Arthur-Merlin Witness Hiding Protocols [chapter]

Iftach Haitner, Alon Rosen, Ronen Shaltiel
2009 Lecture Notes in Computer Science  
The proof of security relies on a black-box reduction that is independent of the choice of the commitment scheme used in the protocol.  ...  The high level idea is that if a black-box reduction establishes the witness-hiding property for a protocol, and the protocol also happens to be a proof of knowledge, then this latter property can be actually  ...  The original version of this chapter was revised: The copyright line was incorrect. This has been corrected.  ... 
doi:10.1007/978-3-642-00457-5_14 fatcat:skexlpp3wfdbtkqrtfegomotni

Post-quantum Security of Fiat-Shamir [chapter]

Dominique Unruh
2017 Lecture Notes in Computer Science  
We show the post-quantum security of the Fiat-Shamir construction (Crypto 1986), both as a proof system, and as a signature scheme.  ...  The benefit of the Fiat-Shamir transform is that it combines efficiency with universality: The underlying identification scheme can be any so-called sigma-protocol, this allows for great flexibility in  ...  In addition, we show that Fiat-Shamir is non-malleable, that is, given one valid proof, one cannot produce another valid proof (for a potentially related statement).  ... 
doi:10.1007/978-3-319-70694-8_3 fatcat:muyy3aadmnhqdpbp56jnjkrfui

Limits of provable security from standard assumptions

Rafael Pass
2011 Proceedings of the 43rd annual ACM symposium on Theory of computing - STOC '11  
These results follow from a general result showing that Turing reductions cannot be used to prove security of constant-round sequentially witness-hiding special-sound protocols for unique witness relations  ...  We show that the security of some well-known cryptographic protocols, primitives and assumptions (e.g., the Schnorr identification scheme, commitments secure under adaptive selective decommitment, the "  ...  10 Acknowledgements I am extremely grateful to Huijia Lin, Edward Lui, Mohammad Mahmoody and Wei-lung Dustin Tseng, for many helpful comments on an earlier draft of this paper.  ... 
doi:10.1145/1993636.1993652 dblp:conf/stoc/Pass11 fatcat:oeirqpulm5f6zlctsx5cqm4wsu

Long-Term Security and Universal Composability

Jörn Müller-Quade, Dominique Unruh
2010 Journal of Cryptology  
Surprisingly, nontrivial zero knowledge protocols are possible based on a coin tossing functionality: We give a long-term secure composable zero knowledge protocol proving the knowledge of the factorisation  ...  In this work we initiate the study of protocols which are long-term secure and universally composable.  ...  We thank the anonymous referees for many helpful suggestions.  ... 
doi:10.1007/s00145-010-9068-8 fatcat:loydtankxbgatpfhhpr3zykj54

Quantum Proofs of Knowledge [chapter]

Dominique Unruh
2012 Lecture Notes in Computer Science  
Our constructions are based on a new quantum rewinding technique that allows us to extract witnesses in many classical proofs of knowledge.  ...  Combining our results with Watrous' results on quantum zero-knowledge, we show that there are zero-knowledge quantum proofs of knowledge for all languages in NP (assuming quantum one-way permutations).  ...  We thank the anonymous referees and Märt Põldvere for suggestions on how to significantly simplify the proof of Lemma 7.  ... 
doi:10.1007/978-3-642-29011-4_10 fatcat:cs3mb3dnknhjpam4ex7pcrdeva

The Fiat–Shamir Transformation in a Quantum World [chapter]

Özgür Dagdelen, Marc Fischlin, Tommaso Gagliardoni
2013 Lecture Notes in Computer Science  
Most schemes are of this type. We then discuss that for some schemes one may be able to resurrect the Fiat-Shamir result in the QROM by modifying the underlying protocol first.  ...  of its witness.  ...  Acknowledgments We thank the anonymous reviewers for some valuable comments. We also thank Dominique Unruh for useful discussions on black-box extractors.  ... 
doi:10.1007/978-3-642-42045-0_4 fatcat:ev7yc3dabneltbnqrcwuuwzg4m

Fully Simulatable Quantum-Secure Coin-Flipping and Applications [article]

Carolin Lunemann, Jesper Buus Nielsen
2011 arXiv   pre-print
We then show that the interactive generation of random coins at the beginning or during outer protocols allows for quantum-secure realizations of classical schemes, again without any set-up assumptions  ...  We propose a coin-flip protocol which yields a string of strong, random coins and is fully simulatable against poly-sized quantum adversaries on both sides.  ...  Nielsen acknowledges support from the Danish National Research Foundation and the National Science Foundation of China (under the grant 61061130540) for the Sino-Danish Center for the Theory of Interactive  ... 
arXiv:1102.0887v3 fatcat:agcpn23gcjaw3ntsrweu6giaxa

The Fiat-Shamir Transformation in a Quantum World [article]

Özgür Dagdelen, Marc Fischlin, Tommaso Gagliardoni
2013 arXiv   pre-print
Most schemes are of this type. We then discuss that for some schemes one may be able to resurrect the Fiat-Shamir result in the QROM by modifying the underlying protocol first.  ...  of its witness.  ...  ., by using witness-dependent commitments, to extend the class of admissible protocols for which the transformation yields a secure scheme in the QROM.  ... 
arXiv:1306.0315v1 fatcat:vny4yr7hifgkxp4sg4mdwvsegu

Fully Simulatable Quantum-Secure Coin-Flipping and Applications [chapter]

Carolin Lunemann, Jesper Buus Nielsen
2011 Lecture Notes in Computer Science  
We then show that the interactive generation of random coins at the beginning or during outer protocols allows for quantum-secure realizations of classical schemes, again without any set-up assumptions.  ...  We propose a coin-flip protocol which yields a string of strong, random coins and is fully simulatable against poly-sized quantum adversaries on both sides.  ...  Nielsen acknowledges support from the Danish National Research Foundation and the National Science Foundation of China (under the grant 61061130540) for the Sino-Danish Center for the Theory of Interactive  ... 
doi:10.1007/978-3-642-21969-6_2 fatcat:zvavxzxe2vfqrjkzx5g674ezgi

Non-interactive zero-knowledge arguments for QMA, with preprocessing [article]

Andrea Coladangelo, Thomas Vidick, Tina Zhang
2020 arXiv   pre-print
Our second contribution is to extend the notion of a classical proof of knowledge to the quantum setting.  ...  We initiate the study of non-interactive zero-knowledge (NIZK) arguments for languages in QMA.  ...  In the classical setting, the NP relation R which defines the set of witnesses w for a problem instance x is binary: a string w is either a witness or it is not.  ... 
arXiv:1911.07546v3 fatcat:kqkleina45aebb4suj4cllgodm

Classical proofs of quantum knowledge [article]

Thomas Vidick, Tina Zhang
2021 arXiv   pre-print
Finally, we show that, under our definition, the verification protocol introduced by Mahadev (FOCS 2018) is a classical argument of quantum knowledge for QMA relations.  ...  In so doing, we introduce techniques for the analysis of such protocols which build on results from the literature on nonlocal games.  ...  We thank Alexandru Gheorghiu for useful feedback and Or Sattath for comments.  ... 
arXiv:2005.01691v2 fatcat:ujp4zihsdzag3nkwvjhxzc4hl4

Zero-Knowledge Proofs and String Commitments Withstanding Quantum Attacks

Ivan B. Damgård, Serge Fehr, Louis Salvail
2004 BRICS Report Series  
This is based on a general method converting an important class of classical honest-verifier ZK (HVZK) proofs into QZK proofs.  ...  We propose new techniques for building quantum zero-knowledge (QZK) protocols, which remain secure even under (active) quantum attacks.  ...  Acknowledgements The authors are grateful to Claude Crépeau for having introduced the problem to one of us and discussed its relevance.  ... 
doi:10.7146/brics.v11i9.21834 fatcat:acixq2tuc5bt7oiybtsy5kvzmy

Zero-Knowledge Proofs and String Commitments Withstanding Quantum Attacks [chapter]

Ivan Damgård, Serge Fehr, Louis Salvail
2004 Lecture Notes in Computer Science  
We propose new techniques for building quantum zero-knowledge (QZK) protocols, which remain secure even under (active) quantum attacks.  ...  This is based on a general method converting an important class of classical honest-verifier ZK (HVZK) proofs into QZK proofs.  ...  Acknowledgements The authors are grateful to Claude Crépeau for having introduced the problem to one of us and discussed its relevance.  ... 
doi:10.1007/978-3-540-28628-8_16 fatcat:zyalxzxvqbbtvluyytrcvi2hki

Non-Interactive Zero-Knowledge Proofs in the Quantum Random Oracle Model [chapter]

Dominique Unruh
2015 Lecture Notes in Computer Science  
We present a construction for non-interactive zero-knowledge proofs of knowledge in the random oracle model from general sigma-protocols. Our construction is secure against quantum adversaries.  ...  To prove security of our constructions, we additionally develop new techniques for adaptively programming the quantum random oracle.  ...  We thank Marc Fischlin and Tommaso Gagliardoni for valuable discussions and the initial motivation for this work.  ... 
doi:10.1007/978-3-662-46803-6_25 fatcat:k3kin52g5jd5lki6wc3r3qkqae