Leakage-Resilient Identification Schemes from Zero-Knowledge Proofs of Storage
نویسندگان
چکیده
We provide a framework for constructing leakage-resilient identification (ID) protocols in the bounded retrieval model (BRM) from proofs of storage (PoS) that hide partial information about the file. More precisely, we describe a generic transformation from any zero-knowledge PoS to a leakage-resilient ID protocol in the BRM. We then describe a ZK-PoS based on RSA which, under our transformation, yields the first ID protocol in the BRM based on RSA (in the ROM). The resulting protocol relies on a different computational assumption and is more efficient than previously-known constructions.
منابع مشابه
Constant-Round Leakage-Resilient Zero-Knowledge Arguments of Knowledge for NP
Garg, Jain, and Sahai first consider zero knowledge proofs in the presence of leakage on the local state of the prover, and present a leakageresilient-zero-knowledge proof system for HC (Hamiltonian Cycle) problem. Their construction is called (1 + ε)-leakage-resilient zero-knowledge, for any constant ε > 0, because the total length of the leakage the simulator needs is (1 + ε) times as large a...
متن کاملImpossibility of Black-Box Simulation Against Leakage Attacks
In this work, we show how to use the positive results on succinct argument systems to prove impossibility results on leakage-resilient black-box zero knowledge. This recently proposed notion of zero knowledge deals with an adversary that can make leakage queries on the state of the prover. Our result holds for black-box simulation only and we also give some insights on the non-black-box case. A...
متن کاملConstant-Round Leakage-Resilient Zero-Knowledge from Collision Resistance
We construct a constant-round leakage-resilient zero-knowledge argument system under the existence of collision-resistant hash function family. That is, using collision-resistant hash functions, we construct a constant-round zero-knowledge argument system such that for any cheating verifier that obtains arbitrary amount of leakage of the prover’s state, there exists a simulator that can simulat...
متن کاملAugmented Black-Box Simulation and Zero Knowledge Argument for NP
The standard zero knowledge notion is formalized by requiring that for any probabilistic polynomial-time (PPT) verifier V ∗, there is a PPT algorithm (simulator) SV ∗ , such that the outputs of SV ∗ is indistinguishable from real protocol views. The simulator is not permitted to access the verifier V ∗’s private state. So the power of SV ∗ is, in fact, inferior to that of V ∗. In this paper, a ...
متن کاملMaking the Best of a Leaky Situation: Zero-Knowledge PCPs from Leakage-Resilient Circuits
A Probabilistically Checkable Proof (PCP) allows a randomized verifier, with oracle access to a purported proof, to probabilistically verify an input statement of the form “x ∈ L” by querying only few bits of the proof. A zero-knowledge PCP (ZKPCP) is a PCP with the additional guarantee that the view of any verifier querying a bounded number of proof bits can be efficiently simulated given the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015