Communication-efficient non-interactive proofs of knowledge with online extractors

Authors:
Marc Fischlin
Affiliations:
Institute for Theoretical Computer Science, ETH Zürich, Switzerland
Venue:
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Year:
2005

Citing 18
Cited 20

How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
On the Exact Security of Full Domain Hash

CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
A Digital Signature Based on a Conventional Encryption Function

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Optimal Security Proofs for PSS and Other Signature Schemes

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
On the Performance of Signature Schemes Based on Elliptic Curves

ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme

CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
On the (In)security of the Fiat-Shamir Paradigm

FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Efficiency improvements for signature schemes with tight security reductions

Proceedings of the 10th ACM conference on Computer and communications security
Zero-knowledge proofs of knowledge without interaction

SFCS '92 Proceedings of the 33rd Annual Symposium on Foundations of Computer Science
On monotone formula closure of SZK

SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
A signature scheme as secure as the Diffie-Hellman problem

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques

Multi-signatures in the plain public-Key model and a general forking lemma

Proceedings of the 13th ACM conference on Computer and communications security
The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
A Discrete-Logarithm Based Non-interactive Non-malleable Commitment Scheme with an Online Knowledge Extractor

Information Security and Cryptology
Unlinkable Randomizable Signature and Its Application in Group Signature

Information Security and Cryptology
Multisignatures Using Proofs of Secret Key Possession, as Secure as the Diffie-Hellman Problem

SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Multisignatures secure under the discrete logarithm assumption and a generalized forking lemma

Proceedings of the 15th ACM conference on Computer and communications security
An Identification Scheme with Tight Reduction

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Traceable Ring Signature

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Zero Knowledge in the Random Oracle Model, Revisited

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Traceable ring signature

PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Construction of threshold (hybrid) encryption in the random oracle model: how to construct secure threshold tag-KEM from weakly secure threshold KEM

ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Miniature CCA2 PK encryption: tight security without redundancy

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Incrementally verifiable computation or proofs of knowledge imply time/space efficiency

TCC'08 Proceedings of the 5th conference on Theory of cryptography
Adapting helios for provable ballot privacy

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Password-protected secret sharing

Proceedings of the 18th ACM conference on Computer and communications security
An efficient compiler from Σ-protocol to 2-move deniable zero-knowledge

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Unclonable group identification

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
On the exact security of schnorr-type signatures in the random oracle model

EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
A robust and plaintext-aware variant of signed elgamal encryption

CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
On the (in)security of fischlin’s paradigm

TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

We show how to turn three-move proofs of knowledge into non-interactive ones in the random oracle model. Unlike the classical Fiat-Shamir transformation our solution supports an online extractor which outputs the witness from such a non-interactive proof instantaneously, without having to rewind or fork. Additionally, the communication complexity of our solution is significantly lower than for previous proofs with online extractors. We furthermore give a superlogarithmic lower bound on the number of hash function evaluations for such online extractable proofs, matching the number in our construction, and we also show how to enhance security of the group signature scheme suggested recently by Boneh, Boyen and Shacham with our construction.