A certifying compiler for zero-knowledge proofs of knowledge based on Σ-protocols

Authors:
José Bacelar Almeida;Endre Bangerter;Manuel Barbosa;Stephan Krenn;Ahmad-Reza Sadeghi;Thomas Schneider
Affiliations:
Universidade do Minho, Portugal;Bern University of Applied Sciences, Biel-Bienne, Switzerland;Universidade do Minho, Portugal;Bern University of Applied Sciences, Biel-Bienne, Switzerland, and, University of Fribourg, Switzerland;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
Venue:
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Year:
2010

Citing 39
Cited 10

How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
Untraceable off-line cash in wallet with observers

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
How to share a secret

Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of Knowledge for Non-monotone Discrete-Log Formulae and Applications

ISC '02 Proceedings of the 5th International Conference on Information Security
On Defining Proofs of Knowledge

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Automatic generation of two-party computations

Proceedings of the 10th ACM conference on Computer and communications security
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
A Computationally Sound Mechanized Prover for Security Protocols

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Fairplay—a secure two-party computation system

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Computational Soundness of Symbolic Zero-Knowledge Proofs Against Active Attackers

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Implementing Two-Party Computation Efficiently with Security Against Malicious Adversaries

SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Verified interoperable implementations of security protocols

ACM Transactions on Programming Languages and Systems (TOPLAS)
Type-checking zero-knowledge

Proceedings of the 15th ACM conference on Computer and communications security
Cryptographically verified implementations for TLS

Proceedings of the 15th ACM conference on Computer and communications security
Formal certification of code-based cryptographic proofs

Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Asynchronous Multiparty Computation: Theory and Implementation

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Privacy-preserving similarity evaluation and application to remote biometrics authentication

Soft Computing - A Fusion of Foundations, Methodologies and Applications - Special Issue on Soft Computing in Decision Modeling; Guest Editors: Vicenc Torra, Yasuo Narukawa
Rapid demonstration of linear relations connected by boolean operators

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Proving in zero-knowledge that a number is the product of two safe primes

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Isabelle/HOL: a proof assistant for higher-order logic

Isabelle/HOL: a proof assistant for higher-order logic
A Machine-Checked Formalization of Sigma-Protocols

CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Automatic generation of sigma-protocols

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
ZKPDL: a language-based system for efficient zero-knowledge proofs and electronic cash

USENIX Security'10 Proceedings of the 19th USENIX conference on Security
A dolev-yao model for zero knowledge

ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Cryptographic protocol analysis on real c code

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Efficient proofs of knowledge of discrete logarithms and representations in groups with hidden order

PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Cryptanalysis of an efficient proof of knowledge of discrete logarithm

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography

ZKPDL: a language-based system for efficient zero-knowledge proofs and electronic cash

USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Verified indifferentiable hashing into elliptic curves

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Private client-side profiling with random forests and hidden markov models

PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Machine-generated algorithms, proofs and software for the batch verification of digital signature schemes

Proceedings of the 2012 ACM conference on Computer and communications security
Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols

Proceedings of the 2012 ACM conference on Computer and communications security
Expression rewriting for optimizing secure computation

Proceedings of the third ACM conference on Data and application security and privacy
JavaSPI: A Framework for Security Protocol Implementation

International Journal of Secure Software Engineering
Using SMT solvers to automate design tasks for encryption and signature schemes

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
PCF: a portable circuit format for scalable two-party secure computation

SEC'13 Proceedings of the 22nd USENIX conference on Security
Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementations

Journal of Computer Security - Foundational Aspects of Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Zero-knowledge proofs of knowledge (ZK-PoK) are important building blocks for numerous cryptographic applications. Although ZK-PoK have a high potential impact, their real world deployment is typically hindered by their significant complexity compared to other (non-interactive) crypto primitives. Moreover, their design and implementation are time-consuming and error-prone. We contribute to overcoming these challenges as follows: We present a comprehensive specification language and a compiler for ZK-PoK protocols based on Σ-protocols. The compiler allows the fully automatic translation of an abstract description of a proof goal into an executable implementation. Moreover, the compiler overcomes various restrictions of previous approaches, e.g., it supports the important class of exponentiation homomorphisms with hidden-order co-domain, needed for privacy-preserving applications such as DAA. Finally, our compiler is certifying, in the sense that it automatically produces a formal proof of the soundness of the compiled protocol for a large class of protocols using the Isabelle/HOL theorem prover.