Advertisement

Journal of Computer Science and Technology

, Volume 23, Issue 2, pp 166–175 | Cite as

Algebraic Construction for Zero-Knowledge Sets

  • Rui XueEmail author
  • Ning-Hui Li
  • Jiang-Tao Li
Regular Paper

Abstract

Zero knowledge sets is a new cryptographic primitive introduced by Micali, Rabin, and Kilian in FOCS 2003. It has been intensively studied recently. However all the existing ZKS schemes follow the basic structure by Micali et al. That is, the schemes employ the Merkle tree as a basic structure and mercurial commitments as the commitment units to nodes of the tree. The proof for any query consists of an authentication chain. We propose in this paper a new algebraic scheme that is completely different from all the existing schemes. Our new scheme is computationally secure under the standard strong RSA assumption. Neither mercurial commitments nor tree structure is used in the new construction. In fact, the prover in our construction commits the desired set without any trapdoor information, which is another key important difference from the previous approaches.

Keywords

zero knowledge set Merkle tree accumulator strong RSA assumption random oracle 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Supplementary material

11390_2008_Article_9119_ESM.pdf (82 kb)
(PDF 81.8 kb)

References

  1. [1]
    Micali S, Rabin M, Kilian J. Zero-knowledge sets. In Proc. the 44th Annual IEEE Symposium on Foundations of Computer Science (FOCS), Cambridge, MA, USA, 2003, p. 80.Google Scholar
  2. [2]
    Merkle R C. A certified digital signature. In Proc. Advances in Cryptology—CRYPTO’89, Brassard G (ed.), Santa Barbara, California, United States, Lecture Notes in Computer Science, Vol. 435, Springer-Verlag, 1990, 20–24 Aug., 1989, pp.218–238.Google Scholar
  3. [3]
    Pedersen T P. Non-interactive and information-theoretic secure verifiable secret sharing. In Proc. Advances in Cryptology — CRYPTO’91, Santa Barbara, California, USA, 1992, pp.129–140.Google Scholar
  4. [4]
    Chase M, Healy A, Lysyanskaya A, Malkin T, Reyzin L. Mercurial commitments with applications to zero-knowledge sets. In Proc. Advances in Cryptology - EUROCRYPT’05, Aarhus, Denmark, 2005, pp.422–439.Google Scholar
  5. [5]
    Liskov M. Updatable zero-knowledge databases. In Proc. Advances in Cryptology — ASIACRYPT’05, Chennai, India, 2005, pp.174–198.CrossRefGoogle Scholar
  6. [6]
    Ostrovsky R, Rackoff C, Smith A. Efficient consistency proofs for generalized queries on a committed database. In Proc ICALP, Turku, Finland, 2004, pp.1041–1053.Google Scholar
  7. [7]
    Catalano D, Dodis Y, Visconti I. Mercurial commitments: Minimal assumptions and efficient constructions. In Proc. Theory of Cryptography — TCC’06, Lecture Notes in Computer Science, Vol. 3876, New York, Springer-Verlag, 2006, pp.120–144.Google Scholar
  8. [8]
    Gennaro R, Micali S. Independent zero-knowledge sets. In Proc. ICALP (2), Venice, Italy, 2006, pp.34–45.Google Scholar
  9. [9]
    Benaloh J C, de Mare M. One-way accumulators: A decentralized alternative to digital signatures. In Proc. Advances in Cryptology — EUROCRYPT’93, Lofthus, Norway, 1994, pp.274–285.Google Scholar
  10. [10]
    Barić N, Pfitzmann B. Collision-free accumulators and failstop signature schemes without trees. In Proc. Advances in Cryptology — EUROCRYPT’97, Konstanz, Germany, 1997, pp.480–494.Google Scholar
  11. [11]
    Camenisch J, Lysyanskaya A. Dynamic accumulators and application to efficient revocation of anonymous credentials. In Advances in Cryptology — CRYPTO’02, Santa Barbara, California, USA, 2002, pp.61–76.Google Scholar
  12. [12]
    Goodrich M T, Tamassia R, Hasic J. An efficient dynamic and distributed cryptographic accumulator. In Proc. the 5th International Conference on Information Security, London, UK, 2002, pp.372–388.Google Scholar
  13. [13]
    Li J T, Li N H, Xue R. Universal accumulators with efficient nonmembership proofs. In Proc. Cryptography and Network Security (ACNS07), Lecture Notes in Computer Science, Vol. 4521, Zhuhai, China, Springer-Verlag, 2007, pp.253–269.Google Scholar
  14. [14]
    Prabhakaran M, Xue R. Statistically Hiding Sets. Submitted to ICALP 2008, 2007.Google Scholar
  15. [15]
    Camenisch J, Stadler M. Efficient group signature schemes for large groups. In Proc. Advances in Cryptology — CRYPTO’97, Santa Barbara, California, USA, 1997, pp.410–424.Google Scholar
  16. [16]
    Gennaro R, Halevi S, Rabin T. Secure hash-and-sign signatures without the random oracle. In Proc. Advances in Cryptology — EUROCRYPT’99, Prague, Czech Republic, 1999, pp.123–139.Google Scholar
  17. [17]
    Fujisaki E, Okamoto T. Statistical zero knowledge protocols to prove modular polynomial relations. In Proc. Advances in Cryptology — CRYPTO’97, Santa Barbara, California, Aug. 1997, pp.16–30.Google Scholar
  18. [18]
    Cramer R, Shoup V. Signature schemes based on the strong RSA assumption. In Proc. the 6th ACM Conference on Computer and Communications Security (CCS), Singapore, Nov. 1999, pp.46–51.Google Scholar
  19. [19]
    Shamir A. On the generation of cryptographically strong pseudorandom sequences. ACM Transactions on Computer Systems, 1983 1(1): 38.CrossRefMathSciNetGoogle Scholar
  20. [20]
    Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In Proc. ACM Conference on Computer and Communications Security, Alexandria, VA, USA, 1993, pp.62–73.Google Scholar
  21. [21]
    Fiat A, Shamir A. How to prove yourself: Practical solutions to identification and signature problems. In Proc. Advances in Cryptology — CRYPTO’86, Santa Barbara, California, USA, 1987, pp.186–194.Google Scholar
  22. [22]
    Santis A D, Micali S, Persiano G. Non-interactive zero-knowledge proof systems. In Proc. RYPTO’87, Pomerance C (ed.), Santa Barbara, California, United States, Lecture Notes in Computer Science, Springer-Verlag, 1988, Vol. 293, pp.52–72.Google Scholar
  23. [23]
    Algesheimer J, Camenisch J, Shoup V. Efficient computation modulo a shared secret with application to the generation of shared safe-prime products. In Proc. Advances in Cryptology — CRYPTO’02, Santa Barbara, California, USA, 2002, pp.417–432.Google Scholar
  24. [24]
    Sander T. Efficient accumulators without trapdoor extended abstracts. In Proc. ICICS, Sydney, Australia, Varadharajan V, Mu Y (eds.), Lecture Notes in Computer Science, Vol. 1726, Springer, 1999, pp.252–262.Google Scholar
  25. [25]
    Chaum C, Evertse J H, van de Graaf J, Peralta R. Demonstrating possession of a discrete logarithm without revealing it. In Proc. Advances in Cryptology — CRYPTO’86, Santa Barbara, California, USA, 1987, pp.200–212.Google Scholar
  26. [26]
    Schnorr C P. Efficient signature generation by smart cards, Journal of Cryptology, 1991, 4: 161–174.zbMATHCrossRefGoogle Scholar
  27. [27]
    Feige U, Fiat A, Shamir A. Zero knowledge proofs of identity. Journal of Cryptology, 1988, 1(2): 77–94.zbMATHCrossRefMathSciNetGoogle Scholar
  28. [28]
    Granville A. Harold Cramér and the distribution of prime numbers. Scandanavian Actuarial Journal, 1995, 1: 12–28.MathSciNetGoogle Scholar
  29. [29]
    Shoup V. Practical threshold signatures. In Proc. Advances in Cryptology — EUROCRYPT’00, Bruges, Belgium, 2000, pp.207–220.Google Scholar

Copyright information

© Science Press, Beijing, China and Springer Science + Business Media, LLC, USA 2008

Authors and Affiliations

  1. 1.The State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingChina
  2. 2.Department of Computer SciencePurdue UniversityWest LafayetteU.S.A.
  3. 3.Software and Solutions GroupIntel CorporationHillsboroU.S.A.

Personalised recommendations