Computationally Convincing Proofs of Knowledge
نویسندگان
چکیده
The original definition of interactive proof-systems, as given by Goldwasser, Micali and Rackoff, does not impose limits on the prover's computing power [GMR89]. This is also the case for Babai's Arthur-Merlin games IBM88]. Hence, the prover may wish to convince the verifier of the t ru th of an assertion, but it does not really make sense for the prover to convince the verifier that she 1 knows a proof of the assertion (of course she knows such a proof if it exists since she is all-powerful). Nevertheless, Feige, Fiat and Shamir [FFS88], and Tompa and Woll [TW87] have given formal definitions of what should constitute a proof of knowledge in the context of interactive proof-systems.
منابع مشابه
Zero-Knowledge twenty years after its invention
Zero-knowledge proofs are proofs that are both convincing and yet yield nothing beyond the validity of the assertion being proven. Since their introduction about twenty years ago, zero-knowledge proofs have attracted a lot of attention and have, in turn, contributed to the development of other areas of cryptography and complexity theory. We survey the main deenitions and results regarding zero-...
متن کاملA Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order
We present a statistically-hiding commitment scheme allowing commitment to arbitrary size integers, based on any (Abelian) group with certain properties, most importantly, that it is hard for the committer to compute its order. We also give efficient zero-knowledge protocols for proving knowledge of the contents of commitments and for verifying multiplicative relations over the integers on comm...
متن کاملConstant-Round Perfect Zero-Knowledge Computationally Convincing Protocols
A perfect zero-knowledge interactive protocol allows a prover to convince a veri er of the validity of a statement in a way that does not give the veri er any additional information [GMR,GMW]. Such protocols take place by the exchange of messages back and forth between the prover and the verier. An important measure of e ciency for these protocols is the number of rounds in the interaction. In ...
متن کاملComputational soundness of symbolic zero-knowledge proofs
The abstraction of cryptographic operations by term algebras, called Dolev-Yao models, is essential in almost all tool-supported methods for proving security protocols. Recently significant progress was made in proving that Dolev-Yao models offering the core cryptographic operations such as encryption and digital signatures can be sound with respect to actual cryptographic realizations and secu...
متن کاملA Computationally Sound, Symbolic Abstraction for Malleable Zero-knowledge Proofs
Zero-knowledge (ZK) proofs have become a central building block for a variety of modern security protocols. Modern ZK constructions, such as the Groth-Sahai proof system, offer novel types of cryptographic flexibility: a participant is able to re-randomize existing ZK proofs, e.g., to achieve unlinkability in anonymity protocols; she can hide public parts of a ZK proof statement to meet her pri...
متن کامل