Results 1 
5 of
5
NonTransitive Transfer of Confidence: A Perfect ZeroKnowledge Interactive Protocol for SAT and Beyond
, 1986
"... A perfect zeroknowledge interactive proof is a protocol by which Alice can convince Bob of the truth of some theorem in a way that yields no information as to how the proof might proceed (in the sense of Shannon's information theory). We give a general technique for achieving this goal for any prob ..."
Abstract

Cited by 57 (5 self)
 Add to MetaCart
A perfect zeroknowledge interactive proof is a protocol by which Alice can convince Bob of the truth of some theorem in a way that yields no information as to how the proof might proceed (in the sense of Shannon's information theory). We give a general technique for achieving this goal for any problem in NP (and beyond). The fact that our protocol is perfect zeroknowledge does not depend on unproved cryptographic assumptions. Furthermore, our protocol is powerful enough to allow Alice to convince Bob of theorems for which she does not even have a proof. Whenever Alice can convince herself probabilistically of a theorem, perhaps thanks to her knowledge of some trapdoor information, she can convince Bob as well, without compromising the trapdoor in any way. This results in a nontransitive transfer of confidence from Alice to Bob, because Bob will not be able to convince anyone else afterwards. Our protocol is dual to those of [GrMiWi86a, BrCr86]. 1. INTRODUCTION Assume that Alice h...
ZeroKnowledge Simulation of Boolean Circuits
, 1987
"... A zeroknowledge interactive proof is a protocol by which Alice can convince a polynomiallybounded Bob of the truth of some theorem without giving him any hint as to how the proof might proceed. Under cryptographic assumptions, we give a general technique for achieving this goal for any problem in ..."
Abstract

Cited by 37 (7 self)
 Add to MetaCart
A zeroknowledge interactive proof is a protocol by which Alice can convince a polynomiallybounded Bob of the truth of some theorem without giving him any hint as to how the proof might proceed. Under cryptographic assumptions, we give a general technique for achieving this goal for any problem in NP. This extends to a presumably larger class, which combines the powers of nondeterminism and randomness. Our protocol is powerful enough to allow Alice to convince Bob of theorems for which she does not even have a proof. Whenever Alice can convince herself probabilistically of a theorem, perhaps thanks to her knowledge of some trapdoor information, she can convince Bob as well, without compromising the trapdoor in any way. 1. INTRODUCTION The notion of zeroknowledge interactive proofs (ZKIP) introduced a few years ago by Goldwasser, Micali and Rackoff [GwMiRac85] has become a very active research area. Assume that Alice holds the proof of some theorem. A zeroknowledge interactive pr...
Primality testing
, 1992
"... Abstract For many years mathematicians have searched for a fast and reliable primality test. This is especially relevant nowadays, because the RSA publickey cryptosystem requires very large primes in order to generate secure keys. I will describe some efficient randomised algorithms that are useful ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
Abstract For many years mathematicians have searched for a fast and reliable primality test. This is especially relevant nowadays, because the RSA publickey cryptosystem requires very large primes in order to generate secure keys. I will describe some efficient randomised algorithms that are useful in practice, but have the defect of occasionally giving the wrong answer, or taking a very long time to give an answer. Recently Agrawal, Kayal and Saxena found a deterministic polynomialtime primality test. I will describe their algorithm, mention some improvements by Bernstein and Lenstra, and explain why this is not the end of the story.
Two Observations on Probabilistic Primality Testing
, 1987
"... In this note, we make two loosely related observations on Rabin's probabilistic primality test. The first remark gives a rather strange and provocative reason as to why is Rabin's test so good. It turns out that a single iteration fails with a nonnegligible probability on a composite number of the ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
In this note, we make two loosely related observations on Rabin's probabilistic primality test. The first remark gives a rather strange and provocative reason as to why is Rabin's test so good. It turns out that a single iteration fails with a nonnegligible probability on a composite number of the form 4j +3 only if this number happens to be easy to split. The second observation is much more fundamental because is it not restricted to primality testing: it has profound consequences for the entire field of probabilistic algorithms. There we ask the question: how good is Rabin's algorithm? Whenever one wishes to produce a uniformly distributed random probabilistic prime with a given bound on the error probability, it turns out that the size of the desired prime must be taken into account. 1. Introduction In this note, we make two loosely related observations on Rabin's probabilistic primality test. The first remark gives a rather strange and provocative reason as to why is Rabin's te...
Primality testing
, 2003
"... We consider the classical problem of testing if a given (large) number n is prime or composite. First we outline some of the efficient randomised algorithms for solving this problem. For many years it has been an open question whether a deterministic polynomial time algorithm exists for primality ..."
Abstract
 Add to MetaCart
We consider the classical problem of testing if a given (large) number n is prime or composite. First we outline some of the efficient randomised algorithms for solving this problem. For many years it has been an open question whether a deterministic polynomial time algorithm exists for primality testing, i.e. whether "PRIMES is in P". Recently Agrawal, Kayal and Saxena answered this question in the affirmative. They gave a surprisingly simple deterministic algorithm. We describe their algorithm, mention some improvements by Bernstein and Lenstra, and consider whether the algorithm is useful in practice. Finally, as a topic for future research, we mention a conjecture that, if proved, would give a fast and practical deterministic primality test.