The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Composition and integrity preservation of secure reactive systems
Proceedings of the 7th ACM conference on Computer and communications security
Practical forward secure group signature schemes
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Universally composable two-party and multi-party secure computation
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Security Analysis of IKE's Signature-Based Key-Exchange Protocol
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Zero-Knowledge Proofs for Finite Field Arithmetic; or: Can Zero-Knowledge be for Free?
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient Revocation in Group Signatures
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Bounded-concurrent secure two-party computation without setup assumptions
Proceedings of the thirty-fifth annual ACM symposium on Theory of computing
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Bounded-Concurrent Secure Two-Party Computation in a Constant Number of Rounds
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Untraceable Secret Credentials: Trust Establishment with Privacy
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
New notions of security: achieving universal composability without trusted setup
STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
Proceedings of the 11th ACM conference on Computer and communications security
Strengthening Zero-Knowledge Protocols Using Signatures
Journal of Cryptology
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
On the Portability of Generalized Schnorr Proofs
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Universally Composable Symmetric Encryption
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
The Group of Signed Quadratic Residues and Applications
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Rapid demonstration of linear relations connected by boolean operators
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Adaptively secure threshold cryptography: introducing concurrency, removing erasures
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Efficient proofs that a committed number lies in an interval
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Universally composable security with global setup
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Quasi-efficient revocation of group signatures
FC'02 Proceedings of the 6th international conference on Financial cryptography
Strengthening zero-knowledge protocols using signatures
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Credential authenticated identification and key exchange
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Highly-efficient universally-composable commitments based on the DDH assumption
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Group signatures with separate and distributed authorities
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Relaxing environmental security: monitored functionalities and client-server computation
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Short linkable ring signatures for e-voting, e-cash and attestation
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Separable linkable threshold ring signatures
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Private client-side profiling with random forests and hidden markov models
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Practical yet universally composable two-server password-authenticated secret sharing
Proceedings of the 2012 ACM conference on Computer and communications security
Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Optimally private access control
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Universally composable adaptive oblivious transfer (with access control) from standard assumptions
Proceedings of the 2013 ACM workshop on Digital identity management
Fair private set intersection with a semi-trusted arbiter
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
| Hi-index | 0.00 |
Zero-knowledge proofs of knowledge (ZK-PoK) for discrete logarithms and related problems are indispensable for practical cryptographic protocols. Recently, Camenisch, Kiayias, and Yung provided a specification language (the CKY-language) for such protocols which allows for a modular design and protocol analysis: for every zero-knowledge proof specified in this language, protocol designers are ensured that there exists an efficient protocol which indeed proves the specified statement. However, the protocols resulting from their compilation techniques only satisfy the classical notion of ZK-PoK, which is not retained are when they used as building blocks for higher-level applications or composed with other protocols. This problem can be tackled by moving to the Universal Composability (UC) framework, which guarantees retention of security when composing protocols in arbitrary ways. While there exist generic transformations from $#931;-protocols to UC-secure protocols, these transformation are often too inefficient for practice. In this paper we introduce a specification language akin to the CKY-language and a compiler such that the resulting protocols are UC-secure and efficient. To this end, we propose an extension of the UC-framework addressing the issue that UC-secure zero-knowledge proofs are by definition proofs of knowledge, and state a special composition theorem which allows one to use the weaker --- but more efficient and often sufficient --- notion of proofs of membership in the UC-framework. We believe that our contributions enable the design of practically efficient protocols that are UC-secure and thus themselves can be used as building blocks.