Statistical Zero-Knowledge Proofs from Diophantine Equations
نویسنده
چکیده
A family (St) of sets is p-bounded Diophantine if St has a representing p-bounded polynomial RS;t, s.t. x 2 St () (9y)[RS(x; y) = 0℄. We say that (St) is unbounded Diophantine if additionally, RS;t is a fixed t-independent polynomial. We show that p-bounded (resp., unbounded) Diophantine set has a polynomial-size (resp., constant-size) statistical zero-knowledge proof system that a committed tuple x belongs to S. We describe efficient SZK proof systems for several cryptographically interesting sets. Finally, we show how to prove in SZK that an encrypted number belongs to S.
منابع مشابه
Removing the Strong RSA Assumption from Arguments over the Integers
Committing integers and proving relations between them is an essential ingredient in many cryptographic protocols. Among them, range proofs have shown to be fundamental. They consist in proving that a committed integer lies in a public interval, which can be seen as a particular case of the more general Diophantine relations: for the committed vector of integers x, there exists a vector of inte...
متن کاملOn Some Diophantine Equations of the Form hX+Y= Z
We show the impossibility of primitive non-zero solutions to the title equation if h = 3 and n ∈ {3, 4, 5, 6} and if h ∈ {11, 19, 43, 67, 163} and n ∈ {4, 5, }. The proofs are based solely on elementary methods with no use of computers and the elliptic curve machinery. Mathematics Subject Classification: 11D41
متن کاملCombinatorial Diophantine Equations and a Refinement of a Theorem on Separated Variables Equations
We look at Diophantine equations arising from equating classical counting functions such as perfect powers, binomial coefficients and Stirling numbers of the first and second kind. The proofs of the finiteness statements that we give use a variety of methods from modern number theory, such as effective and ineffective tools from Diophantine approximation. As a tool for one part of the statement...
متن کاملThe best Diophantine approximations: the
This brief survey deals with multi-dimensional Diophantine approximations in sense of linear form and with simultaneous Diophantine approximations. We discuss the phenomenon of degenerate dimension of linear sub-spaces generated by the best Diophantine approximations. Originally most of these results have been established by the author in [14, 15, 16, 17, 18]. Here we collect all of them togeth...
متن کاملDivision by zero
For any sufficiently strong theory of arithmetic, the set of Diophantine equations provably unsolvable in the theory is algorithmically undecidable, as a consequence of the MRDP theorem. In contrast, we show decidability of Diophantine equations provably unsolvable in Robinson’s arithmetic Q. The argument hinges on an analysis of a particular class of equations, hitherto unexplored in Diophanti...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2001 شماره
صفحات -
تاریخ انتشار 2001