Demonstrating Possession of a Discrete Logarithm Without Revealing it

  • David Chaum
  • Jan-Hendrik Evertse
  • Jeroen van de Graaf
  • René Peralta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 263)


Techniques are presented that allow A to convince B that she knows a solution to the Discrete Log Problem—i.e. that she knows an x such that α xβ (mod N) holds—without revealing anything about x to B. Protocols are given both for N prime and for N composite. We prove these protocols secure under a formal model which is of interest in its own right. We also show how A can convince B that two elements α and β generate the same subgroup in Z*N without revealing how to express either as a power of the other.


Polynomial Time Joint Probability Distribution Coin Flipping Probabilistic Polynomial Time Composite Number 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [BKP85]
    R. Berger, S. Kannan, and R. Peralta, “A Framework for the Study of Cryptographic Protocols,” Proceedings of Crypto 85, (1985).Google Scholar
  2. [Bl82]
    M. Blum, “Coin Flipping by Telephone,” Proc. IEEE COMPCON, pp. 133–137 (1982).Google Scholar
  3. [BrCr86]
    G. Brassard, and C. Crépeau, “Zero-Knowledge Simulation of Boolean Circuits,” Presented at Crypto 86, (August 1986).Google Scholar
  4. [Ch86]
    D. Chaum, “Demonstrating that a Public Predicate can be Satisfied Without Revealing Any Information About How,” Presented at Crypto 86, (August 1986).Google Scholar
  5. [DiHe76]
    W. Diffie, and M. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information TheoryIT 22, pp. 644–654 (1976).CrossRefMathSciNetGoogle Scholar
  6. [GMR85]
    S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Proof Systems,” 17th STOC (1985).Google Scholar
  7. [GMW86]
    O. Goldreich, S. Micali, and A. Wigderson, “How to Prove all NP-statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design,” Presented at Crypto 86, (August 1986).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1987

Authors and Affiliations

  • David Chaum
    • 2
  • Jan-Hendrik Evertse
    • 1
  • Jeroen van de Graaf
    • 2
  • René Peralta
    • 1
  1. 1.Centre for Mathematics and Computer ScienceAmsterdamThe Netherlands
  2. 2.Facultad de MatemáticasUniversidad Católica de ChileSantiagoChile

Personalised recommendations