The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Journal of the ACM (JACM)
Resettable zero-knowledge (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
SIAM Journal on Computing
Black-Box Concurrent Zero-Knowledge Requires (Almost) Logarithmically Many Rounds
SIAM Journal on Computing
Soundness in the Public-Key Model
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Zero Knowledge Proofs of Knowledge in Two Rounds
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
New and Improved Constructions of Nonmalleable Cryptographic Protocols
SIAM Journal on Computing
Concurrent zero knowledge in the public-key model
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Interactive zero-knowledge with restricted random oracles
TCC'06 Proceedings of the Third conference on Theory of Cryptography
On round-optimal zero knowledge in the bare public-key model
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
Knowledge extraction is a fundamental notion, modeling machine possession of values (witnesses) in a computational complexity sense and enabling one to argue about the internal state of a party in a protocol without probing its internal secret state. However, when transactions are concurrent (e.g., over the Internet) with players possessing public-keys (as is common in cryptography), assuring that entities "know" what they claim to know, where adversaries may be well coordinated across different transactions, turns out to be much more subtle and in need of re-examination. Here, we investigate how to formally treat knowledge possession by parties (with registered public-keys) interacting over the Internet. Stated more technically, we look into the relative power of the notion of "concurrent knowledge-extraction" (CKE) in the concurrent zero-knowledge (CZK) bare public-key (BPK) model where statements being proven can be dynamically and adaptively chosen by the prover. We show the potential vulnerability of man-in-the-middle (MIM) attacks turn out to be a real security threat to existing natural protocols running concurrently in the public-key model, which motivates us to introduce and formalize the notion of CKE, alone with clarifications of various subtleties. Then, both generic (based on standard polynomial assumptions), and efficient (employing complexity leveraging in a novel way) implementations for NP are presented for constant-round (in particular, round-optimal) concurrently knowledge-extractable concurrent zeroknowledge (CZK-CKE) arguments in the BPK model. The efficient implementation can be further practically instantiated for specific number-theoretic language.