A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Filters
Strengthening Zero-Knowledge Protocols Using Signatures
2005
Journal of Cryptology
Preserved Fulltext
an unbounded simulation sound concurrent zero-knowledge protocol. ...
More precisely, our technique utilizes a signature scheme existentially unforgeable against adaptive chosen-message attacks, and transforms any Σ-protocol (which is honest-verifier zero-knowledge) into ...
Zero-knowledge proofs and proofs of knowledge Here we provide definitions related to zero-knowledge proofs and proofs of knowledge. ...
doi:10.1007/s00145-005-0307-3
fatcat:xphatzr3yjd4rnrd5bqdsdvg3u
Strengthening Zero-Knowledge Protocols Using Signatures
[chapter]
2003
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
an unbounded simulation sound concurrent zero-knowledge protocol. ...
More precisely, our technique utilizes a signature scheme existentially unforgeable against adaptive chosen-message attacks, and transforms any Σ-protocol (which is honest-verifier zero-knowledge) into ...
Zero-knowledge proofs and proofs of knowledge Here we provide definitions related to zero-knowledge proofs and proofs of knowledge. ...
doi:10.1007/3-540-39200-9_11
fatcat:uuv7o5iz5nc4vmb4v7v3tmj4cm
Achieving Security Despite Compromise Using Zero-knowledge
2009
2009 22nd IEEE Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We use an enhanced type system for zero-knowledge to verify that the transformed protocols are secure despite compromise. Both the protocol transformation and the verification are fully automated. ...
Our approach is general and can strengthen any protocol based on public-key cryptography, digital signatures, hashes, and symmetric-key cryptography. ...
Finally, the signature output in the original protocol is replaced by the zero-knowledge proof ZK 2 and the zero-knowledge proof received from the user. ...
doi:10.1109/csf.2009.24
dblp:conf/csfw/BackesGHM09
fatcat:biuw53l4xbckbb77cdasy2pxe4
Post-quantum Security of Fiat-Shamir
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We circumvent the impossibility results from Ambainis, Rosmanis, and Unruh (FOCS 2014) by strengthening the assumptions about the underlying sigma-protocol. ...
In the search for efficient signature schemes, Fiat-Shamir [10] gave a construction for transforming many three-round identification schemes into signatures, using the random oracle. ...
More precisely, we prove that it is zero-knowledge (using random-oracle programming techniques from [18] ), and that it is sound (i.e., a proof of knowledge, using a reduction to quantum search). ...
doi:10.1007/978-3-319-70694-8_3
fatcat:muyy3aadmnhqdpbp56jnjkrfui
Enhancing privacy of federated identity management protocols
2006
Proceedings of the 5th ACM workshop on Privacy in electronic society - WPES '06
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf.
Being based on new, yet well-researched, signature schemes and cryptographic zero-knowledge proofs, these systems have the potential to improve the capabilities of FIM by superior privacy protection, user ...
Unfortunately, anonymous credential systems and their semantics being based upon zero-knowledge proofs are incompatible with the XML Signature Standard which is the basis for the WS-Security and most FIM ...
Generate a generator g of G. 2: return (p, q, g)
Signature Generation The following algorithm is used to create a signature with the semantics of a zero-knowledge-proof-based protocol transferred to ...
doi:10.1145/1179601.1179613
dblp:conf/wpes/CamenischGS06
fatcat:okr3w5nhgrfwxkrnqxwuzhtljy
Efficient Deniable Authentication for Signatures
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We introduce Offline Non-Transferable Authentication Protocol (ON-TAP) and we show that it can be built by using a classical signature scheme and a deniable zero-knowledge proof of knowledge. ...
For that reason, we use a generic transform for Σ-protocols. Finally, we give examples to upgrade signature standards based on RSA or ElGamal into an ONTAP. ...
A Σ-protocol is a special 3-move honest-verifier zero-knowledge proof of knowledge for a relation R. ...
doi:10.1007/978-3-642-01957-9_17
fatcat:dmzletltovepnpczt2vd35wkti
Anonymous Webs of Trust
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
Our framework comprises a novel cryptographic protocol based on zero-knowledge proofs, a symbolic abstraction and formal verification of our protocol, and a prototypical implementation based on the OpenPGP ...
This circumstance required us to develop a novel zero-knowledge proof. We will now give a short overview of this signature scheme. ...
This is achieved by the zero-knowledge protocol (5) . ...
doi:10.1007/978-3-642-14527-8_8
fatcat:k2nx43uqpnh33fkkz6j4tsf5si
Transformation of Digital Signature Schemes into Designated Confirmer Signature Schemes
[chapter]
2004
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
(To achieve lower soundness probability the protocol may be repeated.) Theorem 9 Protocol I is a perfect zero-knowledge proof of knowledge of s. Protocol II: Strong WHPOK of Cramer-Shoup signatures. ...
Protocol I: Zero-knowledge proof of knowledge of the ith root: On common input w, i, N such that w = s i mod N , and auxiliary secret input s to the prover. 1. ...
Kipnis for their useful comments. We also like to thank the anonymous referees for their useful and detailed comments. ...
doi:10.1007/978-3-540-24638-1_5
fatcat:6kpb5tvyerh2nacnz334ipqvf4
Concurrently Non-malleable Black-Box Zero Knowledge in the Bare Public-Key Model
[chapter]
2009
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We consider a type of zero-knowledge protocols that are of interest for their practical applications within networks like the Internet: efficient zero-knowledge arguments of knowledge that remain secure ...
We also show time-efficient instantiations of our protocol, in which the transformation from a 3-round honest-verifier zero-knowledge argument of knowledge to a 4-round concurrently non-malleable zero-knowledge ...
The protocol (P , V ) also enjoys the extraction property (and therefore the concurrent non-malleability property). ...
doi:10.1007/978-3-642-03351-3_10
fatcat:wsviypogyjaefofgbotmswpqhm
Concurrently Non-Malleable Zero Knowledge in the Authenticated Public-Key Model
[article]
2006
arXiv
pre-print
Preserved Fulltext
The Internet Archive has a preservation copy of this work in our general collections.
The file type is application/pdf.
We consider a type of zero-knowledge protocols that are of interest for their practical applications within networks like the Internet: efficient zero-knowledge arguments of knowledge that remain secure ...
We also note a negative result with respect to further reducing the setup assumptions of our protocol to those in the (unauthenticated) BPK model, by showing that concurrently non-malleable zero-knowledge ...
A zero-knowledge protocol is considered non-malleable if it is immune against such problem. ...
arXiv:cs/0609057v1
fatcat:hrtarujdlbezjphvbpmpgyb3fy
Simulatable Adaptive Oblivious Transfer
[chapter]
2007
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
This second construction uses novel techniques for building efficient simulatable protocols. ...
Our first protocol is a very efficient generic construction from unique blind signatures in the random oracle model. ...
Acknowledgements The authors would like to thank Xavier Boyen, Christian Cachin, Anna Lysyanskaya, Benny Pinkas, Alon Rosen and the anonymous referees for their useful comments and discussions. ...
doi:10.1007/978-3-540-72540-4_33
fatcat:oeuomhzoavbchlazx3cljg7c3i
Black-Box Reductions and Separations in Cryptography
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Cryptographic constructions of one primitive or protocol from another one usually come with a reductionist security proof, in the sense that the reduction turns any adversary breaking the derived scheme ...
The protocol first runs an initialization phase whose only purpose is to give the zero-knowledge simulator some freedom. ...
Barak's Non-Black-Box Zero-Knowledge Proofs The second example is based on a non-black-box use of the adversary. ...
doi:10.1007/978-3-642-31410-0_26
fatcat:rhy4vdi22rgozoahecz64ugwpy
Constant-Round Concurrent Zero Knowledge in the Bounded Player Model
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
zero-knowledge result. ...
Their protocol requires a super-constant number of rounds. In this work we show, constructively, that there exists a constant-round concurrent zero-knowledge argument in the bounded player model. ...
Concurrent zero knowledge is much harder to achieve than zero knowledge. ...
doi:10.1007/978-3-642-42033-7_2
fatcat:touymnnphvbpvdbaxmwmqf5mxu
Efficient Threshold Zero-Knowledge with Applications to User-Centric Protocols
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
This allows us to easily construct protocols that have arbitrary challenge spaces, which is more difficult to achieve with the general definition of zero-knowledge. ...
While their model is based on zero-knowledge proofs of knowledge, our model extends the properties of Σ -protocols. ...
Garay, J.A., MacKenzie, P.D., Yang, K.: Strengthening zero-knowledge protocols using signatures. J. Cryptology 19(2), 169-209 (2006) 33. ...
doi:10.1007/978-3-642-32284-6_9
fatcat:o2jtj5wibvbjxeuonzjb7eyj54
Long-Term Security and Universal Composability
2010
Journal of Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Surprisingly, nontrivial zero knowledge protocols are possible based on a coin tossing functionality: We give a long-term secure composable zero knowledge protocol proving the knowledge of the factorisation ...
We show that the usual set-up assumptions used for UC protocols (e.g., a common reference string) are not sufficient to achieve long-term secure and composable protocols for commitments or general zero ...
Using this extractable commitment we modify the zero knowledge protocol for graph-3-colourability of [16] . ...
doi:10.1007/s00145-010-9068-8
fatcat:loydtankxbgatpfhhpr3zykj54
« Previous
Showing results 1 — 15 out of 12,405 results