Open Access Journal Article
Resettable Zero-Knowledge
TL;DR: Resettable zero-knowledge (rZK) is a security notion for cryptographic protocols that strengthens the classical notion of zero knowledge: the protocol stays zero knowledge even when the prover can be reset and rerun on the same random tape. This makes it highly relevant to applications.
Abstract: We introduce the notion of Resettable Zero-Knowledge (rZK), a new security measure for cryptographic protocols which strengthens the classical notion of zero-knowledge. In essence, an rZK protocol is one that remains zero knowledge even if an adversary can interact with the prover many times, each time resetting the prover to its initial state and forcing him to use the same random tape. Under general complexity assumptions, which hold for example if the Discrete Logarithm Problem is hard, we construct:
- (non-constant round) Resettable Zero-Knowledge proof-systems for NP;
- constant-round Resettable Witness-Indistinguishable proof-systems for NP;
- constant-round Resettable Zero-Knowledge arguments for NP in the public key model, where verifiers have fixed, public keys associated with them.
In addition to shedding new light on what makes zero knowledge possible (by constructing ZK protocols that use randomness in a dramatically weaker way than before), rZK has great relevance to applications. Firstly, we show that rZK protocols are closed under parallel and concurrent execution and thus are guaranteed to be secure when implemented in fully asynchronous networks, even if an adversary schedules the arrival of every message sent. Secondly, rZK protocols enlarge the range of physical ways in which provers of ZK protocols can be securely implemented, including devices which cannot reliably toss coins on line, nor keep state between invocations. (For instance, because ordinary smart cards with secure hardware are resettable, they could not be used to securely implement the provers of classical ZK protocols, but can now be used to securely implement the provers of rZK protocols.)