Designated Verifier Nizks
نویسنده
چکیده
Last Time: Simulation Sound NIZKS & Connection to CCA Security. Last time we introduced Simulation-Sound NIZKs, and constructed a 1-Time Simulation Sound NIZK (1-SS NIZK). We then showed how to get CCA secure encryption from CPA encryption and NIZKs in one of two ways: using standard NIZK and n copies of a CPA encryption scheme ([DDN00]) or using 1-SS NIZK and 2 copies of a CPA encryption scheme ([NY90]). Since our general NIZK constructions were not very efficient, neither are the resulting CCA-secure encryption schemes. Recall the Naor-Yung construction: to encrypt a message m compute:
منابع مشابه
Multi-Theorem Preprocessing NIZKs from Lattices
Non-interactive zero-knowledge (NIZK) proofs are fundamental to modern cryptography. Numerous NIZK constructions are known in both the random oracle and the common reference string (CRS) models. In the CRS model, there exist constructions from several classes of cryptographic assumptions such as trapdoor permutations, pairings, and indistinguishability obfuscation. Notably absent from this list...
متن کاملRelatively-Sound NIZKs and Password-Based Key-Exchange
We define a new notion of relatively-sound non-interactive zero-knowledge (NIZK) proofs, where a private verifier with access to a trapdoor continues to be sound even when the Adversary has access to simulated proofs and common reference strings. It is likely that this weaker notion of relative-soundness suffices in most applications that need simulation-soundness. We show that for certain lang...
متن کاملGeneric Constructions for Strong Designated Verifier Signature
A designated verifier signature is a special type of digital signature, which convinces a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. A strong designated verifier signature scheme enhances the privacy of the signer such that no one but the designated verifier can verify the signer’s signatures. In t...
متن کاملConvertible limited (multi-) verifier signature: new constructions and applications
A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which...
متن کاملIdentity-based strong designated verifier signature schemes: Attacks and new construction
A strong designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party, and no third party can even verify the validity of a designated verifier signature. We show that anyone who intercepts one signature can verify subsequent signatures...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009