Amortized Complexity of Zero-Knowledge Proofs Revisited: Achieving Linear Soundness Slack

被引：14

作者：

Cramer, Ronald ^{[1
,2
]}

Damgard, Ivan ^{[3
]}

Xing, Chaoping ^{[4
]}

Yuan, Chen ^{[4
]}

机构：

[1] CWI, Amsterdam, Netherlands

[2] Leiden Univ, Math Inst, Leiden, Netherlands

[3] Aarhus Univ, Dept Comp Sci, Aarhus, Denmark

[4] Nanyang Technol Univ, Sch Phys & Math Sci, Singapore, Singapore

来源：

ADVANCES IN CRYPTOLOGY - EUROCRYPT 2017, PT I | 2017年 / 10210卷

基金：

美国国家科学基金会; 新加坡国家研究基金会;

关键词：

HOMOMORPHIC ENCRYPTION; PROTOCOLS; LATTICE;

D O I：

10.1007/978-3-319-56620-7_17

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

We propose a new zero-knowledge protocol for proving knowledge of short preimages under additively homomorphic functions that map integer vectors to an Abelian group. The protocol achieves amortized efficiency in that it only needs to send O(n) function values to prove knowledge of n preimages. Furthermore we significantly improve previous bounds on how short a secret we can extract from a dishonest prover, namely our bound is a factor O(k) larger than the size of secret used by the honest prover, where k is the statistical security parameter. In the best previous result, the factor was O(k(log k) n). Our protocol can be applied to give proofs of knowledge for plaintexts in (Ring-) LWE-based cryptosystems, knowledge of preimages of homomorphic hash functions as well as knowledge of committed values in some integer commitment schemes.

引用

页码：479 / 500

页数：22

共 21 条

[1] Bassalygo L.A., 1981, Problemy Peredachi Informatsii, V17, P81
[2] How to Prove Knowledge of Small Secrets
Baum, Carsten
Damgard, Ivan
Larsen, Kasper Green
Nielsen, Michael
[J]. ADVANCES IN CRYPTOLOGY (CRYPTO 2016), PT III, 2016, 9816 : 478 - 498
[3] Bellare O., 1992, ser. Lecture Notes in Computer Science, V740, P390
[4] Bendlin R, 2011, LECT NOTES COMPUT SC, V6632, P169, DOI 10.1007/978-3-642-20465-4_11
[5] Brakerski Z., 2009, P 3 INN THEOR COMP S, P309, DOI [10.1007/978-3-642-03356-811, DOI 10.1007/978-3-642-03356-811]
[6] EFFICIENT FULLY HOMOMORPHIC ENCRYPTION FROM (STANDARD) LWE
Brakerski, Zvika
Vaikuntanathan, Vinod
[J]. SIAM JOURNAL ON COMPUTING, 2014, 43 (02) : 831 - 871
[7] Capalbo M., 2002, P 34 ANN ACM S THEOR, P659, DOI [10.1145/509907, DOI 10.1145/509907, DOI 10.1145/509907.510003]
[8] On the Amortized Complexity of Zero-Knowledge Protocols
Cramer, Ronald
Damgard, Ivan
Keller, Marcel
[J]. JOURNAL OF CRYPTOLOGY, 2014, 27 (02) : 284 - 316
[9] Cramer R, 2009, LECT NOTES COMPUT SC, V5677, P177, DOI 10.1007/978-3-642-03356-8_11
[10] Damgard Ivan, 2013, Computer Security - ESORICS 2013. 18th European Symposium on Research in Computer Security. Proceedings: LNCS 8134, P1, DOI 10.1007/978-3-642-40203-6_1

← 1 2 3 →