How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Zero-knowledge proofs of identity
Journal of Cryptology
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Proceedings of the 4th ACM conference on Computer and communications security
Signature schemes based on the strong RSA assumption
ACM Transactions on Information and System Security (TISSEC)
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
RSA-Based Undeniable Signatures
Journal of Cryptology
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Proving in zero-knowledge that a number is the product of two safe primes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On fair e-cash systems based on group signature schemes
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Fair E-Cash: Be Compact, Spend Faster
ISC '09 Proceedings of the 12th International Conference on Information Security
Anonymity in transferable e-cash
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Anonymous credentials from (indexed) aggregate signatures
Proceedings of the 7th ACM workshop on Digital identity management
Multiple denominations in e-cash with compact transaction data
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Hi-index | 0.00 |
Since 1985 and their introduction by Goldwasser, Micali and Rackoff, followed in 1988 by Feige, Fiat and Shamir, zero-knowledge proofs of knowledge have become a central tool in modern cryptography. Many articles use them as building blocks to construct more complex protocols, for which security is often hard to prove. The aim of this paper is to simplify analysis of many of these protocols, by providing the cryptographers with a theorem which will save them from stating explicit security proofs. Kiayias, Tsiounis and Yung made a first step in this direction at Eurocrypt'04, but they only addressed the case of so-called "triangular set of discrete-log relations". By generalizing their result to any set of discrete-log relations, we greatly extend the range of protocols it can be applied to.