Results 1  10
of
1,127,211
Perfect zeroknowledge in constant rounds
 In Proceedings of the Twenty Second Annual ACM Symposium on Theory of Computing
, 1990
"... Rafail Ostrovsky z Quadratic residuosity and graph isomorphism are classic problems and the canonical examples of zeroknowledge languages. However, despite much research e ort, all previous zeroknowledge proofs for them required either cryptography (and thus unproven assumptions) or an unbounded nu ..."
Abstract

Cited by 42 (3 self)
 Add to MetaCart
number of rounds of message exchange. For both (and similar) languages, we exhibit zeroknowledge proofs that require 5 rounds and no unproven assumptions. Our solution is essentially optimal, in this setting, due to a recent lowerbound argument of Goldreich and Krawzcyk. 1
On ConstantRound Concurrent ZeroKnowledge
"... Abstract. Loosely speaking, an interactive proof is said to be zeroknowledge if the view of every “efficient ” verifier can be “efficiently” simulated. An outstanding open question regarding zeroknowledge is whether constantround concurrent zeroknowledge proofs exists for nontrivial languages. We ..."
Abstract

Cited by 13 (7 self)
 Add to MetaCart
Abstract. Loosely speaking, an interactive proof is said to be zeroknowledge if the view of every “efficient ” verifier can be “efficiently” simulated. An outstanding open question regarding zeroknowledge is whether constantround concurrent zeroknowledge proofs exists for nontrivial languages
Perfect ZeroKnowledge in Constant Rounds
, 1990
"... Quadratic residuosity and graph isomorphism are classic problems and the canonical examples of zeroknowledge languages. However, despite much research effort, all previous zeroknowledge proofs for them required either cryptography (and thus unproven assumptions) or an unbounded number of rounds of ..."
Abstract
 Add to MetaCart
of message exchange. For both (and similar) languages, we exhibit zeroknowledge proofs that require 5 rounds and no unproven assumptions. Our solution is essentially optimal, in this setting, due to a recent lowerbound argument of Goldreich and Krawzcyk. 1 Introduction Interactive proofs and especially
Concurrent ZeroKnowledge
 IN 30TH STOC
, 1999
"... Concurrent executions of a zeroknowledge protocol by a single prover (with one or more verifiers) may leak information and may not be zeroknowledge in toto. In this paper, we study the problem of maintaining zeroknowledge We introduce the notion of an (; ) timing constraint: for any two proces ..."
Abstract

Cited by 177 (18 self)
 Add to MetaCart
processors P1 and P2 , if P1 measures elapsed time on its local clock and P2 measures elapsed time on its local clock, and P2 starts after P1 does, then P2 will finish after P1 does. We show that if the adversary is constrained by an (; ) assumption then there exist fourround almost concurrent zeroknowledge
Practical and ProvablySecure Commitment Schemes from CollisionFree Hashing
 in Advances in Cryptology  CRYPTO96, Lecture Notes in Computer Science 1109
, 1996
"... . We present a very practical stringcommitment scheme which is provably secure based solely on collisionfree hashing. Our scheme enables a computationally bounded party to commit strings to an unbounded one, and is optimal (within a small constant factor) in terms of interaction, communication, a ..."
Abstract

Cited by 77 (5 self)
 Add to MetaCart
, and computation. Our result also proves that constant round statistical zeroknowledge arguments and constantround computational zeroknowledge proofs for NP exist based on the existence of collisionfree hash functions. 1 Introduction String commitment is a fundamental primitive for cryptographic protocols. A
On the Composition of ZeroKnowledge Proof Systems
 SIAM Journal on Computing
, 1990
"... : The wide applicability of zeroknowledge interactive proofs comes from the possibility of using these proofs as subroutines in cryptographic protocols. A basic question concerning this use is whether the (sequential and/or parallel) composition of zeroknowledge protocols is zeroknowledge too. We ..."
Abstract

Cited by 214 (15 self)
 Add to MetaCart
execution. We present lower bounds on the round complexity of zeroknowledge proofs, with significant implications to the parallelization of zeroknowledge protocols. We prove that 3round interactive proofs and constantround ArthurMerlin proofs that are blackbox simulation zeroknowledge exist only
How to Construct ConstantRound ZeroKnowledge Proof Systems for NP
 Journal of Cryptology
, 1995
"... Constantround zeroknowledge proof systems for every language in NP are presented, assuming the existence of a collection of clawfree functions. In particular, it follows that such proof systems exist assuming the intractability of either the Discrete Logarithm Problem or the Factoring Problem for ..."
Abstract

Cited by 169 (8 self)
 Add to MetaCart
Constantround zeroknowledge proof systems for every language in NP are presented, assuming the existence of a collection of clawfree functions. In particular, it follows that such proof systems exist assuming the intractability of either the Discrete Logarithm Problem or the Factoring Problem
Noninteractive ZeroKnowledge
 SIAM J. COMPUTING
, 1991
"... This paper investigates the possibility of disposing of interaction between prover and verifier in a zeroknowledge proof if they share beforehand a short random string. Without any assumption, it is proven that noninteractive zeroknowledge proofs exist for some numbertheoretic languages for which ..."
Abstract

Cited by 216 (19 self)
 Add to MetaCart
This paper investigates the possibility of disposing of interaction between prover and verifier in a zeroknowledge proof if they share beforehand a short random string. Without any assumption, it is proven that noninteractive zeroknowledge proofs exist for some numbertheoretic languages
ConstantRound LeakageResilient ZeroKnowledge Arguments of Knowledge for NP
"... Abstract. Garg, Jain, and Sahai first consider zero knowledge proofs in the presence of leakage on the local state of the prover, and present a leakageresilientzeroknowledge proof system for HC (Hamiltonian Cycle) problem. Their construction is called (1 + ε)leakageresilient zeroknowledge, for ..."
Abstract
 Add to MetaCart
, for any constant ε> 0, because the total length of the leakage the simulator needs is (1 + ε) times as large as that of the leakage received by the verifier. In recent, Pandey provides a constantround leakageresilient zeroknowledge argument satisfying the ideal requirement of ε = 0. Whether
On Diophantine Complexity and Statistical ZeroKnowledge Arguments
 Advances on Cryptology — ASIACRYPT 2003
, 2003
"... Abstract. We show how to construct practical honestverifier statistical zeroknowledge Diophantine arguments of knowledge (HVSZK AoK) that a committed tuple of integers belongs to an arbitrary language in bounded arithmetic. While doing this, we propose a new algorithm for computing the Lagrange re ..."
Abstract

Cited by 41 (9 self)
 Add to MetaCart
Abstract. We show how to construct practical honestverifier statistical zeroknowledge Diophantine arguments of knowledge (HVSZK AoK) that a committed tuple of integers belongs to an arbitrary language in bounded arithmetic. While doing this, we propose a new algorithm for computing the Lagrange
Results 1  10
of
1,127,211