The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Witness indistinguishable and witness hiding protocols
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
SIAM Journal on Computing
Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions
SIAM Journal on Computing
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An Efficient Scheme for Proving a Shuffle
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Robust Non-interactive Zero Knowledge
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Mix-Networks on Permutation Networks
ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Remarks on Mix-Network Based on Permutation Networks
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
A Verifiable Secret Shuffle of Homomorphic Encryptions
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Homomorphic Encryption with CCA Security
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Fully homomorphic encryption using ideal lattices
Proceedings of the forty-first annual ACM symposium on Theory of computing
Randomizable Proofs and Delegatable Anonymous Credentials
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Receipt-free mix-type voting scheme: a practical solution to the implementation of a voting booth
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Rerandomizable RCCA encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A non-interactive shuffle with pairing based verifiability
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Efficient non-interactive proof systems for bilinear groups
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Structure-preserving signatures and commitments to group elements
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Cryptography against Continuous Memory Attacks
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
Revocation for delegatable anonymous credentials
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Commuting signatures and verifiable encryption
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Optimal structure-preserving signatures in asymmetric bilinear groups
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Simulation-sound NIZK proofs for a practical language and constant size group signatures
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Targeted malleability: homomorphic encryption for restricted computations
Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
A sender verifiable mix-net and a new proof of a shuffle
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Fully homomorphic encryption with relatively small key and ciphertext sizes
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Fully homomorphic encryption over the integers
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Malleable proof systems and applications
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Malleable proof systems and applications
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Constant-Size structure-preserving signatures: generic constructions and simple assumptions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
On the (im)possibility of projecting property in prime-order setting
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Computing on authenticated data: new privacy definitions and constructions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
How not to prove yourself: pitfalls of the fiat-shamir heuristic and applications to helios
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Succinct malleable NIZKs and an application to compact shuffles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Towards a practical cryptographic voting scheme based on malleable proofs
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
Hi-index | 0.00 |
Malleability for cryptography is not necessarily an opportunity for attack; in many cases it is a potentially useful feature that can be exploited. In this work, we examine notions of malleability for non-interactive zero-knowledge (NIZK) proofs. We start by defining a malleable proof system, and then consider ways to meaningfully control the malleability of the proof system, as in many settings we would like to guarantee that only certain types of transformations can be performed. As our motivating application, we consider a shorter proof for verifiable shuffles. Our controlled-malleable proofs allow us for the first time to use one compact proof to prove the correctness of an entire multi-step shuffle. Each authority takes as input a set of encrypted votes and a controlled-malleable NIZK proof that these are a shuffle of the original encrypted votes submitted by the voters; it then permutes and re-randomizes these votes and updates the proof by exploiting its controlled malleability. As another application, we generically use controlled-malleable proofs to realize a strong notion of encryption security. Finally, we examine malleability in existing proof systems and observe that Groth-Sahai proofs are malleable. We then go beyond this observation by characterizing all the ways in which they are malleable, and use them to efficiently instantiate our generic constructions from above; this means we can instantiate our proofs and all their applications using only the Decision Linear (DLIN) assumption.