Complex Zero-Knowledge Proofs of Knowledge Are Easy to Use
- Cite this paper as:
- Canard S., Coisel I., Traoré J. (2007) Complex Zero-Knowledge Proofs of Knowledge Are Easy to Use. In: Susilo W., Liu J.K., Mu Y. (eds) Provable Security. ProvSec 2007. Lecture Notes in Computer Science, vol 4784. Springer, Berlin, Heidelberg
Since 1985 and their introduction by Goldwasser, Micali and Rackoff, followed in 1988 by Feige, Fiat and Shamir, zero-knowledge proofs of knowledge have become a central tool in modern cryptography. Many articles use them as building blocks to construct more complex protocols, for which security is often hard to prove. The aim of this paper is to simplify analysis of many of these protocols, by providing the cryptographers with a theorem which will save them from stating explicit security proofs. Kiayias, Tsiounis and Yung made a first step in this direction at Eurocrypt’04, but they only addressed the case of so-called “triangular set of discrete-log relations”. By generalizing their result to any set of discrete-log relations, we greatly extend the range of protocols it can be applied to.
Unable to display preview. Download preview PDF.