Secret-chain Zero-Knowledge Proofs and Their Applications

نویسنده

  • Tony Liang Eng
چکیده

In zero-knowledge proofs of knowledge, a single prover tries to convince a single verifier that he has possession of some knowledge s. The verifier accepts with probability 1 if the prover is honest (completeness), and rejects with high probability otherwise (soundness). In either case, the verifier learns nothing about s other than the bit of information as to whether or not the prover knows s (zero-knowledgeness). In [OkOh], Okamoto and Ohta introduce the notion of divertibility, a certain zero-knowledge proof of knowledge scenario in which the verifier is in turn able to disseminate the prover's proof of knowledge and even convince others that he knows some secret s when in reality, this information is known only to the prover. There are both positive and negative aspects to this scenario. The immediate complaint of this situation is that the verifier is know able to profess and claim knowledge of something he doesn't really know, and in applications like identification schemes, this is definitely undesirable. However, [OkOh] and [BuDeItSaSh] have ventured forth useful applications divertible proofs, namely for untraceability, blind signatures and subliminal-free transmissions. In this thesis, we generalize this idea of divertibility by introducing and exploring the secret-chain model, a proof system characterized by the existence of multiple provers, arranged in a linear fashion. In this manner, each prover is only allowed to interact with the provers who are his immediate neighbors. In addition, each prover knows some secret information that can be part of a larger "super-secret". If we replace the chain of provers with a single "super-prover", then this super-secret is knowledge this super-prover claims to know and can exhibit a proof of knowledge for. We define a model and formulate these ideas further assuming the existence of a commutative random self-reducible (CRSR) relation that is both one-way and non-trapdoor. Secret-chains appear useful for applications in which privacy protection and untraceability are desired. For example, consider an information broker/consultant who furnishes clients with information. He may assemble and collate information from his own personal resources and from one of many information banks or sources that are willing to exhibit a zero knowledge proof for information they know provided the price is right. Naturally, he wishes to keep his sources of information secret from his customers, and furthermore, he may not want his sources to know what he is doing with their information, so prefers that the identity of his clientele remains unknown to his sources. The use of secret-chains may be useful for situations in which the presence of an overseer is desired to monitor some party in the system, so that this party cannot function properly without the overseers consent. Furthermore, secret chains may not be limited to proofs of knowledge, but might have possible applications to proofs of computational power. In this thesis, we discuss several possible applications, and construct a blind signature scheme based on a secret-chain. Lastly, we exhibit a secret-chain zero-knowledge proof for Graph Isomorphism. Thesis Supervisor: Shafi Goldwasser Title: Professor of Computer Science and Engineering

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Zero Knowledge Proofs

Zero-knowledge proofs are cryptographic protocols that allow a prover to prove that they have some knowledge of a certain kind, without revealing any additional information about that knowledge. For example, I might want to prove that I know a secret preimage w for some hash h = hash(w), without revealing what that secret w is. Digital signatures are a bit like a zero knowledge proof: “I know a...

متن کامل

Efficient Delegation of Zero-Knowledge Proofs of Knowledge in a Pairing-Friendly Setting

Since their introduction in 1985, by Goldwasser, Micali and Rackoff, followed by Feige, Fiat and Shamir, zero-knowledge proofs have played a significant role in modern cryptography: they allow a party to convince another party of the validity of a statement (proof of membership) or of its knowledge of a secret (proof of knowledge). Cryptographers frequently use them as building blocks in comple...

متن کامل

Secure Multi-Party Computation over Networks

Consider a set of parties who do not trust each other but want to compute some agreed function of their inputs in a secure way. This problem is known as multi-party computation. It has various interesting applications including election over the internet, electric contracts, private and secret database, joint signatures, and others. A number of techniques for the problem have been proposed. Sec...

متن کامل

Unconditional Characterizations of Non-interactive Zero-Knowledge

Non-interactive zero-knowledge (NIZK) proofs have been investigated in two models: the Public Parameter model and the Secret Parameter model. In the former, a public string is “ideally” chosen according to some efficiently samplable distribution and made available to both the Prover and Verifier. In the latter, the parties instead obtain correlated (possibly different) private strings. To add f...

متن کامل

Zero-knowledge proofs of knowledge for group homomorphisms

Asimple zero-knowledge proof of knowledge protocol is presented ofwhichmany known protocols are instantiations. These include Schnorr’s protocol for proving knowledge of a discrete logarithm, the Fiat–Shamir andGuillou–Quisquater protocols for proving knowledge of a modular root, protocols for proving knowledge of representations (like Okamoto’s protocol), protocols for proving equality of secr...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006