A Note on Computationally Sound Proof in Group of Unknown Order
スポンサーリンク
概要
- 論文の詳細を見る
Suppose we are given an Abelian group G of unknown order, such as RSA group (Z/nZ)^×, where the group operations in G can be efficiently computed.Let g, h be elements in G and let c=g^xh^r be a commitment to x (where the group operation is defined as the multiplication).In this paper we revisit a sound-proof-of-knowledge protocol for the representation problem in a group of unknown order - that is, a protocol in which the prover convinces the verifier that he knows the representation of c to base g, h in G.The proof of soundness for this protocol was initially provided in [5], but we have recently found it incomplete, although the protocol and its variants appear in many literatures, for instance PVSS [6], group signature [3, 4]and optimistic fair-exchange [2, 1].In this paper we fix a bug in [5]and prove this protocol indeed sound, trying to make the setting more general and fundamental.
- 一般社団法人電子情報通信学会の論文
- 2001-07-18
著者
関連論文
- How to Enhance the Security of Public-Key Encryption at Minimum Cost(Special Section on Cryptography and Information Security)
- Practical Escrow Cash Schemes (Special Section on Cryptography and Information Security)
- A Note on Computationally Sound Proof in Group of Unknown Order (コンピュータセキュリティ研究報告)
- Statistical Zero-Knowledge Protocols to Prove Modular Polynomial Relations (Special Section on Cryptography and Information Security)
- A Note on Computationally Sound Proof in Group of Unknown Order