We consider the following problem: Given a commitment to a value σ, prove in zero-knowledge that σ belongs to some discrete set φ. The set φ can perhaps be a list of cities or clubs; often φ can be a numerical range such as [1,220]. This problem arises in e-cash systems, anonymous credential systems, and various other practical uses of zero-knowledge protocols.

When using commitment schemes relying on RSA-like assumptions, there are solutions to this problem which require only a constant number of RSA-group elements to be exchanged between the prover and verifier [5, 15, 16]. However, for many commitment schemes based on bilinear group assumptions, these techniques do not work, and the best known protocols require $O(k)$ group elements to be exchanged, where $k$ is a security parameter.

In this paper, we present two new approaches to building set-membership proofs. The first is based on bilinear group assumptions. When applied to the case where φ is a range of integers, our protocols require $O(\frac{k}{\log k - \log\log k})$ group elements to be exchanged. Not only is this result asymptotically better, but the constants are small enough to provide significant improvements even for small ranges. Indeed, for a discrete logarithm based setting, our new protocol is an order of magnitude more efficient than previously known ones.

We also discuss alternative implementations of our membership proof based on the strong RSA assumption. Depending on the application, e.g., when φ is a published set of values such as frequent flyer clubs, cities, or other ad hoc collections, these alternatives also outperform prior solutions.