How to construct random functions
Journal of the ACM (JACM)
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Non-interactive zero-knowledge and its applications
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
SIAM Journal on Computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions
SIAM Journal on Computing
Randomness-Efficient Non-Interactive Zero-Knowledge (Extended Abstract)
ICALP '97 Proceedings of the 24th International Colloquium on Automata, Languages and Programming
Unique Signatures and Verifiable Random Functions from the DH-DDH Separation
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof Systems
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Invariant Signatures and Non-Interactive Zero-Knowledge Proofs are Equivalent (Extended Abstract)
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Efficient Construction of (Distributed) Verifiable Random Functions
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
On the (In)security of the Fiat-Shamir Paradigm
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Proceedings of the 11th ACM conference on Computer and communications security
A verifiable random function with short proofs and keys
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Evaluating 2-DNF formulas on ciphertexts
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Weak Verifiable Random Functions
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Verifiable Random Functions from Identity-Based Key Encapsulation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Compact E-Cash and Simulatable VRFs Revisited
Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Sub-linear size traceable ring signatures without random oracles
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Efficiency preserving transformations for concurrent non-malleable zero knowledge
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Constructing verifiable random functions with large input spaces
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Divisible e-cash in the standard model
Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Hi-index | 0.00 |
This paper introduces simulatable verifiable random functions (sVRF). VRFs are similar to pseudorandom functions, except that they are also verifiable: corresponding to each seed SK, there is a public key PK, and for y = FPK(x), it is possible to prove that y is indeed the value of the function seeded by SK. A simulatable VRF is a VRF for which this proof can be simulated, so a simulator can pretend that the value of FPK(x) is any y. Our contributions are as follows. We introduce the notion of sVRF. We give two constructions: one from general assumptions (based on NIZK), but inefficient, just as a proof of concept; the other construction is practical and based on a special assumption about composite-order groups with bilinear maps. We then use an sVRF to get a direct transformation from a single-theorem non-interactive zero-knowledge proof system for a language L to a multi-theorem non-interactive proof system for the same language L.