Independent Zero-Knowledge Sets

  • Rosario Gennaro
  • Silvio Micali
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4052)


We define and construct Independent Zero-Knowledge Sets (ZKS) protocols. In a ZKS protocol, a Prover commits to a set S and, for any x, proves non-interactively to a Verifier whether x ∈ S or x ∉ S without revealing any other information about S. In the independent ZKS protocols we introduce, the adversary is prevented from successfully correlating her set to that of an honest prover. Our notion of independence in particular implies that the resulting ZKS protocol is non-malleable.

On the way to this result we define the notion of independence for commitment schemes. It is shown that this notion implies non-malleability, and we argue that this new notion has the potential to simplify the design and security proof of non-malleable commitment schemes.

Efficient implementations of ZKS protocols are based on the notion of mercurial commitments. Our efficient constructions of independent ZKS protocols require the design of new commitment schemes that are simultaneously independent (and thus non-malleable) and mercurial.


Keywords: Signature Scheme; Commitment Scheme; Honest Party; Strong Independence; Springer LNCS
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Rosario Gennaro (1)
  • Silvio Micali (2)
  1. IBM T.J. Watson Research Center, Yorktown Heights, USA
  2. MIT CSAIL, Cambridge, USA
