The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Verifiable disclose for secrets and applications (abstract)
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
Protecting data privacy in private information retrieval schemes
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Privacy preserving auctions and mechanism design
Proceedings of the 1st ACM conference on Electronic commerce
Efficient Identification and Signatures for Smart Cards
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Committed Oblivious Transfer and Private Multi-Party Computation
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Priced Oblivious Transfer: How to Sell Digital Goods
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Zero-knowledge from secure multiparty computation
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Improved Garbled Circuit: Free XOR Gates and Applications
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
A Framework for Efficient and Composable Oblivious Transfer
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Proving in zero-knowledge that a number is the product of two safe primes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Non-interactive verifiable computing: outsourcing computation to untrusted workers
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Two-output secure computation with malicious adversaries
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Highly-efficient universally-composable commitments based on the DDH assumption
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Faster secure two-party computation using garbled circuits
SEC'11 Proceedings of the 20th USENIX conference on Security
Threshold decryption and zero-knowledge proofs for lattice-based cryptosystems
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Non-interactive zaps and new techniques for NIZK
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
A framework for practical universally composable zero-knowledge protocols
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
On the security of the "Free-XOR" technique
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Point obfuscation and 3-round zero-knowledge
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Efficient zero-knowledge argument for correctness of a shuffle
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Foundations of garbled circuits
Proceedings of the 2012 ACM conference on Computer and communications security
Adaptively secure garbling with applications to one-time programs and secure outsourcing
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
A mix-net from any CCA2 secure cryptosystem
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Commitments and efficient zero-knowledge proofs from learning parity with noise
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Pinocchio: Nearly Practical Verifiable Computation
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Efficient Garbling from a Fixed-Key Blockcipher
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
| Hi-index | 0.00 |
Zero-knowledge protocols are one of the fundamental concepts in modern cryptography and have countless applications. However, after more than 30 years from their introduction, there are only very few languages (essentially those with a group structure) for which we can construct zero-knowledge protocols that are efficient enough to be used in practice. In this paper we address the problem of how to construct efficient zero-knowledge protocols for generic languages and we propose a protocol based on Yao's garbled circuit technique. The motivation for our work is that in many cryptographic applications it is useful to be able to prove efficiently statements of the form e.g., "I know x s.t.y = SHA-256(x)" for a common input y (or other "unstructured" languages), but no efficient protocols for this task are currently known. It is clear that zero-knowledge is a subset of secure two-party computation (i.e., any protocol for generic secure computation can be used to do zero-knowledge). The main contribution of this paper is to construct an efficient protocol for the special case of secure two-party computation where only one party has input (like in the zero-knowledge case). The protocol achieves active security and is essentially only twice as slow as the passive secure version of Yao's garbled circuit protocol. This is a great improvement with respect to the cut-n-choose technique to make Yao's protocol actively secure, where the complexity grows linearly with the security parameter.