This paper proposes a bit commitment scheme, BC(·), and efficient statistical zero knowledge (in short, SZK) protocols in which, for any given multi-variable polynomial f(X 1,..,X t) and any given modulus n, prover P gives (I 1,..,I t) to verifier V and can convince V that V knows (x 1,..,x t) satisfying f(x 1,..,x t) = 0 (mod n) and I i = BC(x i), (i = l,..,t). The proposed protocols are O(n) times more efficient than the corresponding previous ones [Dam93, Dam95, Oka95]. The (knowledge) soundness of our protocols holds under a computational assumption, the intractability of a modified RSA problem (see Def.3), while the (statistical) zero-knowledgeness of the protocols needs no computational assumption. The protocols can be employed to construct various practical cryptographic protocols, such as fair exchange, untraceable electronic cash and verifiable secret snaring protocols.
- Success Probability
- Secret Sharing
- Cryptographic Protocol
- Commitment Scheme
- Basic Protocol
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
G.Brassard, D.Chaum, and C.Crépeau, “Minimum Disclosure Proofs of Knowledge,” Journal of Computer and System Sciences, Vol.37, pp.156–189 (1988)
Bellare, M. and Goldreich, O., “On Defining Proofs of Knowledge”, Proceedings of Crypto 92, pp.390–420 (1992).
Brands, S., “Restrictive Blinding of Secret-Key Certificates”, Proceedings of Eurocrypt 95, pp.231–247 (1995).
Cramer, R., Damgård, I. and Schoenmakers, B., “Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols”, Proc. of Crypto'94, LNCS, Springer, pp.174–187 (1994)
Chor, B., Goldwasser, S., Micali, S. and Awerbuch, B., “Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults”, Proc. of FOCS, pp.383–395 (1985).
Damgård, I., “Practical and Provably Secure Release of a Secret and Exchange of Signatures,” Proceedings of Eurocrypt 93 (1993).
Damgård, I., “Practical and Provably Secure Release of a Secret and Exchange of Signatures,” vol. 8 pp.201–222, Journal of CRYPTOLOGY(1995).
U.Feige, A.Fiat and A.Shamir, “Zero Knowledge Proofs of Identity,” Journal of Cryptology, Vol. 1, pp.77–94 (1988).
U.Feige, and A.Shamir, “Witness Indistinguishable and Witness Hiding Protocols,” Proc. of STOC90.
Goldwasser, S., Micali, S., and Rackoff, C., “The knowledge complexity of interactive proof systems”, SIAM J. Comput., vol.18, pp.186–208 (1989).
O.Goldreich, S.Micali, and A.Wigderson, “Proofs that Yield Nothing But their Validity and a Methodology of Cryptographic Protocol Design,” Proc. FOCS, pp.174–187 (1986)
Miller, G.L., “Riemann's Hypothesis and Tests for Primality”, Journal of Computer and System Sciences 13, 300–317 (1976).
Okamoto, T., “An Efficient Divisible Electronic Cash Scheme”, Proceedings of Crypto 95, pp.438–451 (1995).
Pedersen, T. P., “Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing”, Proceedings of Crypto 91, pp. 129–140 (1992).
Stadler, M., “Publicly Verifiable Secret Sharing”, Proc. of Eurocrypt'96, LNCS 1070, Springer, pp.190–199 (1996)
Tompa, M., and Woll, H., “Random Self-Reducibility and Zero-Knowledge Interactive-Proofs of Possession of Information”, Proc. FOCS, pp 472–482 (1987).
Editors and Affiliations
© 1997 Springer-Verlag
About this paper
Cite this paper
Fujisaki, E., Okamoto, T. (1997). Statistical zero knowledge protocols to prove modular polynomial relations. In: Kaliski, B.S. (eds) Advances in Cryptology — CRYPTO '97. CRYPTO 1997. Lecture Notes in Computer Science, vol 1294. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0052225
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63384-6
Online ISBN: 978-3-540-69528-8
eBook Packages: Springer Book Archive