Rapid Demonstration of Linear Relations Connected by Boolean Operators (1997)
| Venue: | In EUROCRYPT ’97 |
| Citations: | 31 - 0 self |
BibTeX
@INPROCEEDINGS{Brands97rapiddemonstration,
author = {Stefan Brands},
title = {Rapid Demonstration of Linear Relations Connected by Boolean Operators},
booktitle = {In EUROCRYPT ’97},
year = {1997},
pages = {318--333},
publisher = {Springer Verlag}
}
Years of Citing Articles
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
. Consider a polynomial-time prover holding a set of secrets. We describe how the prover can rapidly demonstrate any satisfiable boolean formula for which the atomic propositions are relations that are linear in the secrets, without revealing more information about the secrets than what is conveyed by the formula itself. Our protocols support many proof modes, and are as secure as the Discrete Logarithm assumption or the RSA/factoring assumption. 1 Introduction Consider a polynomial-time prover that has committed to a vector of secrets and wants to demonstrate that the secrets satisfy some satisfiable formula from propositional logic, where the atomic propositions are relations that are linear in the secrets. An example formula is \Gamma (5x 1 \Gamma 3x 2 = 5) AND (2x 2 + 3x 3 = 7) \Delta OR \Gamma NOT(x 1 + 4x 3 = 5) \Delta ; where (x 1 ; : : : ; x k ) is the prover's vector of secrets. The prover does not want to reveal any more information about its secrets than what is co...
