Additive Proofs of Knowledge - A New Notion for Non-Interactive Proofs
نویسنده
چکیده
This paper has two contributions. Firstly, we describe an efficient Non-Interactive Zero-Knowledge (NIZK) Proof of Knowledge (PoK) protocol using bilinear pairings. The protocol assumes the hardness of the Computational Diffie-Hellman (CDH) problem. The prover does not perform any pairing computations while the verifier performs 3 pairing computations. The protocol can be used for identification (eg. in smart-cards). Secondly, we extend the idea to multiple proofs and propose the notion of efficient Additive Non-Interactive Witness-Indistinguishable (A-NIWI) proofs. Intuitively an A-NIWI proof can be considered as a PoK of another A-NIWI proof. Our ideas are based on the aggregate signature scheme of Boneh et al. (proposed in Eurocrypt 2003).
منابع مشابه
Minimizing Non-interactive Zero-Knowledge Proofs Using Fully Homomorphic Encryption
A non-interactive zero-knowledge proof can be used to demonstrate the truth of a statement without revealing anything else. It has been shown under standard cryptographic assumptions that non-interactive zero-knowledge proofs of membership exist for all languages in NP. However, known non-interactive zero-knowledge proofs of membership of NP-languages yield proofs that are larger than the corre...
متن کامل"Metaproofs" (and their Cryptographic Applications)
We develop a non-interactive proof-system which we call “Metaproof” (μ-NIZK proof system); it provides a proof of “the existence of a proof to a statement”. This metamathematical notion indeed seems redundant when we deal with proving NP statements, but in the context of zero-knowledge theory and cryptography it has a large variety of applications. Combined with another tool we develop which we...
متن کاملThreshold and Revocation Cryptosystems via Extractable Hash Proofs
We present a new unifying framework for constructing non-interactive threshold encryption and signature schemes, as well as broadcast encryption schemes, and in particular, derive several new cryptosystems based on hardness of factoring, including: – a threshold signature scheme (in the random oracle model) that supports ad-hoc groups (i.e., exponential number of identities and the set-up is in...
متن کاملOn Defining Proofs of Knowledge in the Bare Public Key Model
One contribution provided by the groundbreaking concept of interactive proofs is the notion of proofs of knowledge, where a prover can convince a verifier that she knows a secret related to a public statement. This notion was formalized in the conventional complexity-theoretic model of interactive protocols and showed to be very useful for cryptographic applications, such as entity authenticati...
متن کاملRandomizable Proofs and Delegatable Anonymous Credentials
We construct an efficient delegatable anonymous credentials system. Users can anonymously and unlinkably obtain credentials from any authority, delegate their credentials to other users, and prove possession of a credential L levels away from a given authority. The size of the proof (and time to compute it) is O(Lk), where k is the security parameter. The only other construction of delegatable ...
متن کامل