229,374 research outputs found
Concurrent Knowledge-Extraction in the Public-Key Model
Knowledge extraction is a fundamental notion, modelling machine possession of
values (witnesses) in a computational complexity sense. The notion provides an
essential tool for cryptographic protocol design and analysis, enabling one to
argue about the internal state of protocol players without ever looking at this
supposedly secret state. However, when transactions are concurrent (e.g., over
the Internet) with players possessing public-keys (as is common in
cryptography), assuring that entities ``know'' what they claim to know, where
adversaries may be well coordinated across different transactions, turns out to
be much more subtle and in need of re-examination. Here, we investigate how to
formally treat knowledge possession by parties (with registered public-keys)
interacting over the Internet. Stated more technically, we look into the
relative power of the notion of ``concurrent knowledge-extraction'' (CKE) in
the concurrent zero-knowledge (CZK) bare public-key (BPK) model.Comment: 38 pages, 4 figure
Concurrently Non-Malleable Zero Knowledge in the Authenticated Public-Key Model
We consider a type of zero-knowledge protocols that are of interest for their
practical applications within networks like the Internet: efficient
zero-knowledge arguments of knowledge that remain secure against concurrent
man-in-the-middle attacks. In an effort to reduce the setup assumptions
required for efficient zero-knowledge arguments of knowledge that remain secure
against concurrent man-in-the-middle attacks, we consider a model, which we
call the Authenticated Public-Key (APK) model. The APK model seems to
significantly reduce the setup assumptions made by the CRS model (as no trusted
party or honest execution of a centralized algorithm are required), and can be
seen as a slightly stronger variation of the Bare Public-Key (BPK) model from
\cite{CGGM,MR}, and a weaker variation of the registered public-key model used
in \cite{BCNP}. We then define and study man-in-the-middle attacks in the APK
model. Our main result is a constant-round concurrent non-malleable
zero-knowledge argument of knowledge for any polynomial-time relation
(associated to a language in ), under the (minimal) assumption of
the existence of a one-way function family. Furthermore,We show time-efficient
instantiations of our protocol based on known number-theoretic assumptions. We
also note a negative result with respect to further reducing the setup
assumptions of our protocol to those in the (unauthenticated) BPK model, by
showing that concurrently non-malleable zero-knowledge arguments of knowledge
in the BPK model are only possible for trivial languages
Self-Stabilizing Repeated Balls-into-Bins
We study the following synchronous process that we call "repeated
balls-into-bins". The process is started by assigning balls to bins in
an arbitrary way. In every subsequent round, from each non-empty bin one ball
is chosen according to some fixed strategy (random, FIFO, etc), and re-assigned
to one of the bins uniformly at random.
We define a configuration "legitimate" if its maximum load is
. We prove that, starting from any configuration, the
process will converge to a legitimate configuration in linear time and then it
will only take on legitimate configurations over a period of length bounded by
any polynomial in , with high probability (w.h.p.). This implies that the
process is self-stabilizing and that every ball traverses all bins in
rounds, w.h.p
Predictable arguments of knowledge
We initiate a formal investigation on the power of predictability for argument of knowledge systems for NP. Specifically, we consider private-coin argument systems where the answer of the prover can be predicted, given the private randomness of the verifier; we call such protocols Predictable Arguments of Knowledge (PAoK).
Our study encompasses a full characterization of PAoK, showing that such arguments can be made extremely laconic, with the prover sending a single bit, and assumed to have only one round (i.e., two messages) of communication without loss of generality.
We additionally explore PAoK satisfying additional properties (including zero-knowledge and the possibility of re-using the same challenge across multiple executions with the prover), present several constructions of PAoK relying on different cryptographic tools, and discuss applications to cryptography
Complexity of Multi-Value Byzantine Agreement
In this paper, we consider the problem of maximizing the throughput of
Byzantine agreement, given that the sum capacity of all links in between nodes
in the system is finite. We have proposed a highly efficient Byzantine
agreement algorithm on values of length l>1 bits. This algorithm uses error
detecting network codes to ensure that fault-free nodes will never disagree,
and routing scheme that is adaptive to the result of error detection. Our
algorithm has a bit complexity of n(n-1)l/(n-t), which leads to a linear cost
(O(n)) per bit agreed upon, and overcomes the quadratic lower bound
(Omega(n^2)) in the literature. Such linear per bit complexity has only been
achieved in the literature by allowing a positive probability of error. Our
algorithm achieves the linear per bit complexity while guaranteeing agreement
is achieved correctly even in the worst case. We also conjecture that our
algorithm can be used to achieve agreement throughput arbitrarily close to the
agreement capacity of a network, when the sum capacity is given
Resettable Zero Knowledge in the Bare Public-Key Model under Standard Assumption
In this paper we resolve an open problem regarding resettable zero knowledge
in the bare public-key (BPK for short) model: Does there exist constant round
resettable zero knowledge argument with concurrent soundness for
in BPK model without assuming \emph{sub-exponential hardness}? We give a
positive answer to this question by presenting such a protocol for any language
in in the bare public-key model assuming only
collision-resistant hash functions against \emph{polynomial-time} adversaries.Comment: 19 pag
- …