SIAM Journal on Computing
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Invariant Signatures and Non-Interactive Zero-Knowledge Proofs are Equivalent (Extended Abstract)
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Independent zero-knowledge sets
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Updatable zero-knowledge databases
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Mercurial commitments with applications to zero-knowledge sets
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Security analysis of the strong diffie-hellman problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Mercurial commitments: minimal assumptions and efficient constructions
TCC'06 Proceedings of the Third conference on Theory of Cryptography
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
BLAC: Revoking Repeatedly Misbehaving Anonymous Users without Relying on TTPs
ACM Transactions on Information and System Security (TISSEC)
A new efficient construction for non-malleable zero-knowledge sets
WISA'10 Proceedings of the 11th international conference on Information security applications
Concise mercurial vector commitments and independent zero-knowledge sets with short proofs
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Universally composable zero-knowledge sets
International Journal of Grid and Utility Computing
Batch proofs of partial knowledge
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Providing a data location assurance service for cloud storage environments
Journal of Mobile Multimedia
Hi-index | 0.01 |
Zero Knowledge Sets, introduced by Micali, Rabin and Kilian in [17], allow a prover to commit to a secret set S in a way such that it can later prove, non interactively, statements of the form x ∈ S (or x ∉ S), without revealing any further information (on top of what explicitly revealed by the inclusion/exclusion statements above) on S, not even its size. Later, Chase et al. [5] abstracted away the Micali, Rabin and Kilian's construction by introducing an elegant new variant of commitments that they called (trapdoor) mercurial commitments. Using this primitive, it was shown in [5,4] how to construct zero knowledge sets from a variety of assumptions (both general and number theoretic). In this paper we introduce the notion of trapdoor q-mercurial commitments (qTMCs), a notion of mercurial commitment that allows the sender to commit to an ordered sequence of exactly q messages, rather than to a single one. Following [17,5] we show how to construct ZKS from qTMCs and collision resistant hash functions. Then, we present an efficient realization of qTMCs that is secure under the so called Strong Diffie Hellman assumption, a number theoretic conjecture recently introduced by Boneh and Boyen in [3]. Using our scheme as basic building block, we obtain a construction of ZKS that allows for proofs that are much shorter with respect to the best previously known implementations. In particular, for an appropriate choice of the parameters, our proofs are up to 33% shorter for the case of proofs of membership, and up to 73% shorter for the case of proofs of non membership.