Composability and On-Line Deniability of Authentication
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
On the (Im)Possibility of Arthur-Merlin Witness Hiding Protocols
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Weak Verifiable Random Functions
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Relaxed security notions for signatures of knowledge
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Dwork-Naor ZAP and its application in deniable authentication, revisited
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Round optimal blind signatures
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Non-interactive opening for ciphertexts encrypted by shared keys
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Fair partially blind signatures
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Round-Optimal privacy-preserving protocols with smooth projective hash functions
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Journal of Network and Computer Applications
On the impossibility of approximate obfuscation and applications to resettable cryptography
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Hi-index | 0.00 |
A zap is a 2-round, public coin witness-indistinguishable protocol in which the first round, consisting of a message from the verifier to the prover, can be fixed “once and for all” and applied to any instance. We present a zap for every language in NP, based on the existence of noninteractive zero-knowledge proofs in the shared random string model. The zap is in the standard model and hence requires no common guaranteed random string. We present several applications for zaps, including 3-round concurrent zero-knowledge and 2-round concurrent deniable authentication, in the timing model of Dwork, Naor, and Sahai [J. ACM, 51 (2004), pp. 851-898], using moderately hard functions. We also characterize the existence of zaps in terms of a primitive called verifiable pseudorandom bit generators.