Non-black-box Simulation in the Fully Concurrent Setting, Revisited
We give a new proof of the existence of -round public-coin concurrent zero-knowledge arguments for NP, where is an arbitrary constant. The security is proven in the plain model under the assumption that collision-resistant hash functions exist. (The existence of such concurrent zero-knowledge arguments was previously proven by Goyal (STOC'13) in the plain model under the same assumption.) In the proof, we use a new variant of the non-black-box simulation technique of Barak (FOCS'01). An important property of our simulation technique is that the simulator runs in a straight-line manner in the fully concurrent setting. Compared with the simulation technique of Goyal, which also has such a property, the analysis of our simulation technique is (arguably) simpler.
On Constant-Round Concurrent Zero-Knowledge from a Knowledge Assumption
In this work, we consider the long-standing open question of constructing constant-round concurrent zero-knowledge protocols in the plain model. Resolving this question is known to require non-black-box techniques. We consider non-black-box techniques for zero-knowledge based on knowledge assumptions, a line of thinking initiated by the work of Hada and Tanaka (CRYPTO 1998). Prior to our work, it was not known whether knowledge assumptions could be used for achieving security in the concurrent setting, due to a number of significant limitations that we discuss here. Nevertheless, we obtain the following results:
1. We obtain the first constant-round concurrent zero-knowledge argument for NP in the plain model based on a new variant of the knowledge of exponent assumption. Furthermore, our construction avoids the inefficiency inherent in previous non-black-box techniques such as those of Barak (FOCS 2001); we obtain our result through an efficient protocol compiler.
2. Unlike Hada and Tanaka, we do not require a knowledge assumption to argue the soundness of our protocol. Instead, we use a discrete-log-like assumption, which we call the Diffie-Hellman Logarithm Assumption, to prove the soundness of our protocol.
3. We give evidence that our new variant of the knowledge of exponent assumption is in fact plausible. In particular, we show that our assumption holds in the generic group model.
4. Knowledge assumptions are especially delicate assumptions whose plausibility may be hard to gauge. We give a novel framework to express knowledge assumptions in a more flexible way, which may allow for the formulation of plausible assumptions and exploration of their impact and application in cryptography.
Comment: 30 pages, 3 figures
Constant-Round Concurrent Zero-Knowledge From Falsifiable Assumptions
We present a constant-round concurrent zero-knowledge protocol for NP. Our protocol is sound against uniform polynomial-time attackers, and relies on the existence of families of collision-resistant hash functions, and a new (but in our eyes, natural) falsifiable intractability assumption: Roughly speaking, that Micali's non-interactive CS-proofs are sound for languages in
eXtended Variational Quasicontinuum Methodology for Lattice Networks with Damage and Crack Propagation
Lattice networks with dissipative interactions are often employed to analyze materials with discrete micro- or meso-structures, or for a description of heterogeneous materials which can be modelled discretely. They are, however, computationally prohibitive for engineering-scale applications. The (variational) QuasiContinuum (QC) method is a concurrent multiscale approach that reduces their computational cost by fully resolving the (dissipative) lattice network in small regions of interest while coarsening elsewhere. When applied to damageable lattices, moving crack tips can be captured by adaptive mesh refinement schemes, whereas fully-resolved trails in crack wakes can be removed by mesh coarsening. In order to address crack propagation efficiently and accurately, we develop in this contribution the necessary generalizations of the variational QC methodology. First, a suitable definition of crack paths in discrete systems is introduced, which allows for their geometrical representation in terms of the signed distance function. Second, special function enrichments based on the partition of unity concept are adopted, in order to capture kinematics in the wakes of crack tips. Third, a summation rule that reflects the adopted enrichment functions with sufficient degree of accuracy is developed. Finally, as our standpoint is variational, we discuss implications of the mesh refinement and coarsening from an energy-consistency point of view. All theoretical considerations are demonstrated using two numerical examples for which the resulting reaction forces, energy evolutions, and crack paths are compared to those of the direct numerical simulations.
Comment: 36 pages, 23 figures, 1 table, 2 algorithms; small changes after review, paper title change
Cryptography
The Oberwolfach workshop Cryptography brought together scientists from cryptography with mathematicians specializing in the algorithmic problems underlying cryptographic security. The goal of the workshop was to stimulate interaction and collaboration that enables a holistic approach to designing cryptography from the mathematical foundations to practical applications. The workshop covered basic computational problems such as factoring and computing discrete logarithms and short vectors. It addressed fundamental research results leading to innovative cryptography for protecting security and privacy in cloud applications. It also covered some practical applications.
Data-based mechanistic modelling, forecasting, and control.
This article briefly reviews the main aspects of the generic data-based mechanistic (DBM) approach to modeling stochastic dynamic systems and shows how it is being applied to the analysis, forecasting, and control of environmental and agricultural systems. The advantages of this inductive approach to modeling lie in its wide range of applicability. It can be used to model linear, nonstationary, and nonlinear stochastic systems, and its exploitation of recursive estimation means that the modeling results are useful for both online and offline applications. To demonstrate the practical utility of the various methodological tools that underpin the DBM approach, the article also outlines several typical, practical examples in the area of environmental and agricultural systems analysis, where DBM models have formed the basis for simulation model reduction, control system design, and forecasting.
Fiat-Shamir for highly sound protocols is instantiable
The Fiat–Shamir (FS) transformation (Fiat and Shamir, Crypto '86) is a popular paradigm for constructing very efficient non-interactive zero-knowledge (NIZK) arguments and signature schemes from a hash function and any three-move interactive protocol satisfying certain properties. Despite its widespread applicability both in theory and in practice, the known positive results for proving security of the FS paradigm are in the random oracle model only, i.e., they assume that the hash function is modeled as an external random function accessible to all parties. On the other hand, a sequence of negative results shows that for certain classes of interactive protocols, the FS transform cannot be instantiated in the standard model.
We initiate the study of complementary positive results, namely, studying classes of interactive protocols where the FS transform does have standard-model instantiations. In particular, we show that for a class of “highly sound” protocols that we define, instantiating the FS transform via a q-wise independent hash function yields NIZK arguments and secure signature schemes. In the case of NIZK, we obtain a weaker “q-bounded” zero-knowledge flavor where the simulator works for all adversaries asking an a-priori bounded number of queries q; in the case of signatures, we obtain the weaker notion of random-message unforgeability against q-bounded random message attacks.
Our main idea is that when the protocol is highly sound, then instead of using random-oracle programming, one can use complexity leveraging. The question is whether such highly sound protocols exist and if so, which protocols lie in this class. We answer this question in the affirmative in the common reference string (CRS) model and under strong assumptions. Namely, assuming indistinguishability obfuscation and puncturable pseudorandom functions we construct a compiler that transforms any 3-move interactive protocol with instance-independent commitments and simulators (a property satisfied by the Lapidot–Shamir protocol, Crypto '90) into a compiled protocol in the CRS model that is highly sound. We also present a second compiler, in order to be able to start from a larger class of protocols, which only requires instance-independent commitments (a property for example satisfied by the classical protocol for quadratic residuosity due to Blum, Crypto '81). For the second compiler we require dual-mode commitments.
We hope that our work inspires more research on classes of (efficient) 3-move protocols where Fiat–Shamir is (efficiently) instantiable.
Co-simulation of Continuous Systems: A Tutorial
Co-simulation consists of the theory and techniques to enable global simulation of a coupled system via the composition of simulators. Despite the large number of applications and growing interest in the challenges, the field remains fragmented into multiple application domains, with limited sharing of knowledge.
This tutorial aims at introducing co-simulation of continuous systems, targeted at researchers new to the field
- …