Zero-Knowledge Protocols for the McEliece Encryption
نویسندگان
چکیده
We present two zero-knowledge protocols for the code-based McEliece public key encryption scheme in the standard model. Consider a prover who encrypted a plaintext m into a ciphertext c under the public key pk. The first protocol is a proof of plaintext knowledge (PPK), where the prover convinces a polynomially bounded verifier on a joint input (c, pk) that he knows m without actually revealing it. This construction uses code-based Véron’s zero-knowledge identification scheme. The second protocol, which builds on the first one, is a verifiable McEliece encryption, were the prover convinces a polynomially bounded verifier on a joint input (c, pk,m) that c is a valid encryption of m, without performing decryption. These protocols are the first PPK and the first verifiable encryption for code-based cryptosystems.
منابع مشابه
Zero-Knowledge Protocols for Code-Based Public-Key Encryption
Cryptography relies on Mathematics in all its aspects, beginning from the constructions relying on various mathematical theories, continuing with security evaluation of cryptographic systems, and proving their security, and finally ending in implementation. Recently, new security threats are posed by the emerging quantum computing technology. Specifically, quantum algorithms can break some publ...
متن کاملObtaining Efficient Fully Simulatable Oblivious Transfer from General Assumptions
We introduce a general construction of fully simulatable oblivious transfer based on lossy encryption. Furthermore, we extend the common definition of lossy encryption by introducing the notion of computationally lossy encryption. If the cryptosystem used is computationally lossy, our general construction yields oblivious transfer protocols with computational security for both parties. Otherwis...
متن کاملNon-interactive Zero-Knowledge from Homomorphic Encryption
We propose a method for compiling a class of Σ-protocols (3-move public-coin protocols) into non-interactive zero-knowledge arguments. The method is based on homomorphic encryption and does not use random oracles. It only requires that a private/public key pair is set up for the verifier. The method applies to all known discrete-log based Σ-protocols. As applications, we obtain non-interactive ...
متن کاملCode-based Cryptography:Implementing the McEliece Scheme on Reconfigurable Hardware
III ×ØÖÖÖØ Most advanced security systems rely on public-key schemes based either on the factorization or discrete logarithm problem. Since both problems are known to be closely related, a major breakthrough in cryptanalysis tackling one of those problems could render a large set of cryptosystems completely useless. The McEliece public-key scheme is based on the alternative security assumption ...
متن کاملA Weakness in Some Oblivious Transfer and Zero-Knowledge Protocols
We consider oblivious transfer protocols and their applications that use underneath semantically secure homomorphic encryption scheme (e.g. Paillier’s). We show that some oblivious transfer protocols and their derivatives such as private matching, oblivious polynomial evaluation and private shared scalar product could be subject to an attack. The same attack can be applied to some non-interacti...
متن کامل