The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
How to prove all NP-statements in zero-knowledge, and a methodology of cryptographic protocol design
Proceedings on Advances in cryptology---CRYPTO '86
Demonstrating that a public predicate can be satisfied without revealing any information about how
Proceedings on Advances in cryptology---CRYPTO '86
Zero-knowledge simulation of Boolean circuits
Proceedings on Advances in cryptology---CRYPTO '86
Equivalence Between Two Flavours of Oblivious Transfers
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
How to Solve any Protocol Problem - An Efficiency Improvement
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Multiparty unconditionally secure protocols
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Founding cryptography on oblivious transfer
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Multi-prover interactive proofs: how to remove intractability assumptions
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Everything provable is provable in zero-knowledge
CRYPTO '88 Proceedings on Advances in cryptology
CRYPTO '88 Proceedings on Advances in cryptology
Payment systems and credential mechanisms with provable security against abuse by individuals
CRYPTO '88 Proceedings on Advances in cryptology
The round complexity of secure protocols
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
On the existence of bit commitment schemes and zero-knowledge proofs
CRYPTO '89 Proceedings on Advances in cryptology
Bit commitment using pseudo-randomness (extended abstract)
CRYPTO '89 Proceedings on Advances in cryptology
On the concrete complexity of zero-knowledge proofs
CRYPTO '89 Proceedings on Advances in cryptology
CRYPTO '89 Proceedings on Advances in cryptology
How convincing is your protocol?
ACM SIGACT News
Journal of the ACM (JACM)
Adaptive zero knowledge and computational equivocation (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Linear zero-knowledge—a note on efficient zero-knowledge proofs and arguments
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
PODC '97 Proceedings of the sixteenth annual ACM symposium on Principles of distributed computing
Asymmetric fingerprinting for larger collusions
Proceedings of the 4th ACM conference on Computer and communications security
Robust efficient distributed RSA-key generation
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Designs, Codes and Cryptography
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Selective private function evaluation with applications to private statistics
Proceedings of the twentieth annual ACM symposium on Principles of distributed computing
On securely scheduling a meeting
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Semi-trusted Hosts and Mobile Agents: Enabling Secure Distributed Computations
MATA '00 Proceedings of the Second International Workshop on Mobile Agents for Telecommunication Applications
An Asymmetric Traceability Scheme for Copyright Protection without Trust Assumptions
EC-Web 2001 Proceedings of the Second International Conference on Electronic Commerce and Web Technologies
One-Round Secure Computation and Secure Autonomous Mobile Agents
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
Anonymous Fingerprinting as Secure as the Bilinear Diffie-Hellman Assumption
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
ICISC '00 Proceedings of the Third International Conference on Information Security and Cryptology
One-Time Tables for Two-Party Computation
COCOON '98 Proceedings of the 4th Annual International Conference on Computing and Combinatorics
Optimistic Fair Secure Computation
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Gradual and Verifiable Release of a Secret
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Cryptographic Computation: Secure Fault-Tolerant Protocols and the Public-Key Model
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Security with Low Communication Overhead
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Fair Computation of General Functions in Presence of Immoral Majority
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
How To Break and Repair A "Provably Secure" Untraceable Payment System
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Joint Encryption and Message-Efficient Secure Computation
CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
Committed Oblivious Transfer and Private Multi-Party Computation
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Never Trust Victor: An Alternative Resettable Zero-Knowledge Proof System
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Mix and Match: Secure Function Evaluation via Ciphertexts
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Introduction to Secure Computation
Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Anonymous Fingerprinting Based on Committed Oblivious Transfer
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Policy-hiding access control in open environment
Proceedings of the twenty-fourth annual ACM symposium on Principles of distributed computing
Data Mining and Knowledge Discovery
An Efficient Anonymous Fingerprinting Protocol
Computational Intelligence and Security
Dual encryption for query integrity assurance
Proceedings of the 17th ACM conference on Information and knowledge management
Voting with unconditional privacy by merging Prêt à voter and PunchScan
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Weaknesses of undeniable signature schemes
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Distributed provers with applications to undeniable signatures
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Non-interactive circuit based proofs and non-interactive perfect zero-knowledge with preprocessing
EUROCRYPT'92 Proceedings of the 11th annual international conference on Theory and application of cryptographic techniques
Minimal-latency secure function evaluation
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Simulatable commitments and efficient concurrent zero-knowledge
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Scalable and unconditionally secure multiparty computation
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Simple and efficient perfectly-secure asynchronous MPC
ASIACRYPT'07 Proceedings of the Advances in Cryptology 13th international conference on Theory and application of cryptology and information security
Perfectly-secure MPC with linear communication complexity
TCC'08 Proceedings of the 5th conference on Theory of cryptography
On the theoretical gap between synchronous and asynchronous MPC protocols
Proceedings of the 29th ACM SIGACT-SIGOPS symposium on Principles of distributed computing
Hybrid-secure MPC: trading information-theoretic robustness for computational privacy
Proceedings of the 29th ACM SIGACT-SIGOPS symposium on Principles of distributed computing
Graceful degradation in multi-party computation
ICITS'11 Proceedings of the 5th international conference on Information theoretic security
Building oblivious transfer on channel delays
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
An efficient fingerprinting scheme with symmetric and commutative encryption
IWDW'05 Proceedings of the 4th international conference on Digital Watermarking
IH'04 Proceedings of the 6th international conference on Information Hiding
An efficient and verifiable solution to the millionaire problem
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
An efficient fingerprinting scheme with secret sharing
DRMTICS'05 Proceedings of the First international conference on Digital Rights Management: technologies, Issues, Challenges and Systems
Hybrid approach for secure mobile agent computations
MADNES'05 Proceedings of the First international conference on Secure Mobile Ad-hoc Networks and Sensors
Robust multiparty computation with linear communication complexity
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Communication-efficient distributed oblivious transfer
Journal of Computer and System Sciences
Efficient multi-party computation with dispute control
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Implementing information-theoretically secure oblivious transfer from packet reordering
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Improving Helios with everlasting privacy towards the public
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
A protocol is presented that allows a set of parties to collectively perform any agreed computation, where every party is able to choose secret inputs and verify that the resulting output is correct, and where all secret inputs are optimally protected. The protocol has the following properties:

- One participant is allowed to hide his secrets unconditionally, i.e. the protocol releases no Shannon information about these secrets. This means that a participant with bounded resources can perform computations securely with a participant who may have unlimited computing power. To the best of our knowledge, our protocol is the first of its kind to provide this possibility.
- The cost of our protocol is linear in the number of gates in a circuit performing the computation, and in the number of participants. We believe it is conceptually simpler and more efficient than other protocols solving related problems ([Y1], [GoMiWi] and [GaHaYu]). It therefore leads to practical solutions of problems involving small circuits.
- The protocol is openly verifiable, i.e. any number of people can later come in and rechallenge any participant to verify that no cheating has occurred.
- The protocol is optimally secure against conspiracies: even if n - 1 out of the n participants collude, they will not find out more about the remaining participants' secrets than what they could already infer from their own input and the public output.
- Each participant has a chance of undetected cheating that is only exponentially small in the amount of time and space needed for the protocol.
- The protocol adapts easily, and with negligible extra cost, to various additional requirements, e.g. making part of the output private to some participant, ensuring that the participants learn the output simultaneously, etc.
- Participants can prove relations between data used in different instances of the protocol, even if those instances involve different groups of participants. For example, it can be proved that the output of one computation was used as input to another, without revealing more about this data.
- The protocol can be used as an essential tool in proving that all languages in IP have zero knowledge proof systems, i.e. any statement which can be proved interactively can also be proved in zero knowledge.

The rest of this paper is organised as follows: First we survey some related results. Then Section 2 gives an intuitive introduction to the protocol. In Section 3, we present one of the main tools used in this paper: bit commitment schemes. Sections 4 and 5 contain the notation, terminology, etc. used in the paper. In Section 6, the protocol is presented, along with proofs of its security and correctness. In Section 7, we show how to adapt the protocol to various extra requirements and discuss some generalisations and optimisations. Finally, Section 8 contains some remarks on how to construct zero knowledge proof systems for any language in IP.