Strictly-Black-Box Zero-Knowledge and Efficient Validation of Financial Transactions

  • Michael O. Rabin
  • Yishay Mansour
  • S. Muthukrishnan
  • Moti Yung
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7391)


Zero Knowledge Proofs (ZKPs) are one of the most striking innovations in theoretical computer science. In practice, the prevalent ZKP methods are, at times, too complicated to be useful for real-life applications. In this paper we present a practically efficient method for ZKPs which has a wide range applications. Specifically, motivated by the need to provide an upon-demand efficient validation of various financial transactions (e.g., the high-volume Internet auctions), we have developed a novel secure and highly efficient method for validating correctness of the output of a transaction while keeping input values secret. The method applies to input values which are publicly committed to by employing generic commitment functions (even input values submitted using tamper-proof hardware solely with input/ output access can be used.) We call these: strictly black box [SBB] commitments. Hence these commitments are typically much faster than public-key ones, and are the only cryptographic/ security tool we give the poly-time players, throughout. The general problem we solve in this work is: Let SLC be a publicly known staight line computation on n input values taken from a finite field and having k output values. The inputs are publicly committed to in a SBB manner. An Evaluator performs the SLC on the inputs and announces the output values. Upon demand the Evaluator, or a Prover acting on his behalf, can present to a Verifier a proof of correctness of the announced output values. This is done in a manner that (1) The input values as well as all intermediate values of the SLC remain information theoretically secret. (2) The probability that the Verifier will accept a false claim of correctness of the output values can be made exponentially small. (3) The Prover can supply any required number of proofs of correctness to multiple Verifiers. (4) The method is highly efficient. The application to financial processes is straight forward. To this end (1) we first use a novel technique for representation of values from a finite field which we call “split representation”, the two coordinates of the split representation are generically committed to; (2) next, the SLC is augmented by the Prover into a ”translation” which is presented to the Verifier as a sequence of generically committed split representations of values; (3) using the translation, the Prover and Verifier conduct a secrecy preserving proof of correctness of the announced SLC output values; (4) in order to exponentially reduce the probability of cheating by the Prover and also to enable multiple proofs, a novel highly efficient method for preparation of any number of committed-to split representations of the n input values is employed. The extreme efficiency of these ZK methods is of decisive importance for large volume applications. Secrecy preserving validation of announced results of Vickrey auctions is our demonstrative example.


Interactive Proof Vickrey Auction Secure Multiparty Computation Generic Commitment Random Representation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abe, M., Suzuki, K.: M+1-st Price Auction Using Homomorphic Encryption. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 115–124. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Brandt, F.: How to obtain full privacy in auctions. Tech. rep., Carnegie Mellon University (2005) (online)Google Scholar
  3. 3.
    Burmaster, M., Magkos, E., Chrissikopoulos, V.: Uncoercible e-bidding games. Electrocronic Commerce Research 4(1-2), 113–125 (2004)CrossRefGoogle Scholar
  4. 4.
    Chen, X., Kim, K., Lee, B.: Receipt-Free Electronic Auction Schemes Using Homomorphic Encryption. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 259–273. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Damgard, I., Jurik, M.: A generalisation, a simplification and some applications of P probabilistic public-key system. In: PKC 2001 (2001)Google Scholar
  6. 6.
    Jurik, M.J.: Extensions to the paillier cryptosystem with applications to cryptological protocols. Ph.D. thesis, University of Arhus (2003)Google Scholar
  7. 7.
    Lipmaa, H., Asokan, N., Niemi, V.: Secure Vickrey Auctions Without Threshold Trust. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 87–101. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–239. Springer, Heidelberg (1999)Google Scholar
  9. 9.
    Rabin, M.O., Servedio, R.A., Thorpe, C.: Highly efficient secrecy-preserving proofs of correctness of computations and applications. In: Proc. IEEE Symposium on Logic in Computer Science (2007)Google Scholar
  10. 10.
    Parkes, D.C., Rabin, M.O., Shieber, S.M., Thorpe, C.A.: Practical secrecy-preserving, verifiably correct and trustworthy auctions. In: Proceedings of the 8th International Conference on Electronic Commerce (ICEC), pp. 70–81 (2006)Google Scholar
  11. 11.
    Thorpe, C., Parkes, D.C.: Cryptographic Combinatorial Securities Exchanges. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 285–304. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Bogetoft, P., Christensen, D.L., Damgård, I., Geisler, M., Jakobsen, T., Krøigaard, M., Nielsen, J.D., Nielsen, J.B., Nielsen, K., Pagter, J., Schwartzbach, M., Toft, T.: Secure Multiparty Computation Goes Live. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 325–343. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  13. 13.
    Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof Systems. SIAM Journal on Computing 18(1), 186–208 (1989)MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    Goldreich, O., Micali, S., Wigderson, A.: Proofs that Yield Nothing but Their Validity, or all Languages in NP have ZKP systems. Journal of the ACM 38(3), 691–729 (1991)MathSciNetzbMATHCrossRefGoogle Scholar
  15. 15.
    Brickell, E.F., Chaum, D., Damgård, I.B., van de Graaf, J.: Gradual and Verifiable Release of a Secret. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 156–166. Springer, Heidelberg (1988)Google Scholar
  16. 16.
    Camenisch, J.L., Shoup, V.: Practical Verifiable Encryption and Decryption of Discrete Logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Rabin, M.O., Shallit, J.O.: Randomized Algorithms in Number Theory. Comm. Pure and Applied Mathematics 39, 239–256 (1986)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  19. 19.
    Kilian, J.: A note on efficient zero-knowledge proofs and arguments. In: Proceedings of STOC 1992, pp. 723–732 (1992)Google Scholar
  20. 20.
    Brassard, G., Chaum, D., Crepeau, C.: Minimum disclosure proofs of knowledge. Journal of Computer and System Sciences 37, 156–189 (1988)MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Michael O. Rabin
    • 1
    • 2
  • Yishay Mansour
    • 3
  • S. Muthukrishnan
    • 4
  • Moti Yung
    • 5
  1. 1.Harvard UniversityUSA
  2. 2.Hebrew UniversityIsrael
  3. 3.Tel-Aviv UniversityIsrael
  4. 4.Google Inc. and Rutgers UniversityUSA
  5. 5.Google Inc. and Columbia UniversityUSA

Personalised recommendations