Efficient Non-Interactive Zero Knowledge Arguments for Set Operations Prastudy Fauzi, Helger Lipmaa, Bingsheng Zhang University of Tartu, University of.

Presentation transcript:

Efficient Non-Interactive Zero Knowledge Arguments for Set Operations
Prastudy Fauzi, Helger Lipmaa, Bingsheng Zhang
University of Tartu, University of Tartu, University of Athens

Motivation: Secure Computation
[Diagram labels: E(x1),…,E(xn); E(f(x1,…,xn)); Add NIZK proof; pk]

Motivation: Secure Computation (2)
[Diagram labels: E(S); E(f(S)); E(T); E(g(T)); Add NIZK proof; pk]

Proofs for Set Operations

Non-Interactive Zero-Knowledge Proofs
[Diagram labels: E(x1),…,E(xn); Proof of Correctness; pk]
›Complete
›Sound
›Zero-Knowledge
Proof can be constructed without knowing inputs
Contradiction?

Common Reference String Model
[Diagram labels: E(x1),…,E(xn); Proof of Correctness; pk,sk; crs; td]

Our results
›CRS length: Θ(|S|)
›Proof length: Θ(1)
›Prover comp.: Θ(|S|)
›Verifier comp.: Θ(1)

Cryptographic Building Block: Pairings
›Bilinear operation
 –e(f1+f2,f3) = e(f1,f3) + e(f2,f3)
 –e(f1,f2+f3) = e(f1,f2) + e(f1,f3)
›With Hardness Assumptions
 –Given e(f1,f2), it is hard to compute f1
 –…
 –…
›Much wow

Commitments
We use a concrete succinct commitment scheme from 2013

Multiset Commitment
Too costly!

Multiset Commitment

Main Idea
iff
›Commitments are randomized
›Proof = a crib E that compensates for randomness
›Enables verification to be performed on commitments

Additional Obstacles
›Soundness:
 –We use knowledge assumptions
  ›Guarantee that the prover knows the committed values
 –Common in succinct NIZK constructions
 –[Gentry Wichs 2011]: also necessary
›Zero Knowledge:
 –Simulator needs to create a proof for given commitments
  ›Not created by the simulator
 –We let the prover create new random commitments for all sets
  ›Add a NIZK proof of correctness
 –Simulator creates fake commitments
  ›Uses trapdoor to simulate

Applications