5,577 research outputs found
On Sigma-Protocols and (packed) Black-Box Secret Sharing Schemes
Σ-protocols are a widely utilized, relatively simple and well-understood type of zero-knowledge proof. However, the well-known Schnorr Σ-protocol for proving knowledge of a discrete logarithm in a cyclic group of known prime order, and similar protocols working over this type of group, are hard to generalize to other groups, in particular hidden-order groups, due to the inability of the knowledge extractor to invert elements modulo the order.
In this paper, we introduce a universal construction of Σ-protocols designed to prove knowledge of preimages of group homomorphisms for any abelian finite group. In order to do this, we first establish a general construction of a Σ-protocol for -module homomorphism given only a linear secret sharing scheme over the ring , where zero knowledge and special soundness can be related to the privacy and reconstruction properties of the secret sharing scheme. Then, we introduce a new construction of 2-out-of- packed black-box secret sharing scheme capable of sharing elements of an arbitrary (abelian, finite) group where each share consists of group elements.
From these two elements we obtain a generic "batch" Σ-protocol for proving knowledge of preimages of elements via the same group homomorphism, which communicates elements of the group to achieve knowledge error.
For the case of class groups, we show that our Σ-protocol improves in several aspects on existing proofs for knowledge of discrete logarithm and other related statements that have been used in a number of works.
Finally, we extend our constructions from group homomorphisms to the case of ZK-ready functions, introduced by Cramer and Damgård in Crypto 09, which in particular include the case of proofs of knowledge of plaintext (and randomness) for some linearly homomorphic encryption schemes such as Joye-Libert encryption. However, in the case of Joye-Libert, we show an even better alternative, using Shamir secret sharing over Galois rings, which achieves knowledge soundness by communicating ciphertexts to prove statements
Zero-Knowledge Arguments for Subverted RSA Groups
This work investigates zero-knowledge protocols in subverted RSA groups where the prover can choose the modulus and where the verifier does not know the group order. We introduce a novel technique for extracting the witness from a general homomorphism over a group of unknown order that does not require parallel repetitions. We present a NIZK range proof for general homomorphisms such as Paillier encryptions in the designated verifier model that works under a subverted setup. The key ingredient of our proof is a constant sized NIZK proof of knowledge for a plaintext. Security is proven in the ROM assuming an IND-CPA additively homomorphic encryption scheme. The verifier's public key is reusable, can be maliciously generated and is linear in the number of proofs to be verified
The equivariant topology of stable Kneser graphs
The stable Kneser graph , , , introduced by Schrijver
\cite{schrijver}, is a vertex critical graph with chromatic number , its
vertices are certain subsets of a set of cardinality . Björner and de
Longueville \cite{anders-mark} have shown that its box complex is homotopy
equivalent to a sphere, $\mathrm{Hom}(K_2, SG_{n,k}) \simeq S^k$. The dihedral group
acts canonically on , the group with 2 elements acts
on . We almost determine the -homotopy type of
$\mathrm{Hom}(K_2, SG_{n,k})$ and use this to prove the following results. The graphs
are homotopy test graphs, i.e. for every graph and such
that $\mathrm{Hom}(SG_{2s,4}, H)$ is -connected, the chromatic number
is at least . If and then
is not a homotopy test graph, i.e. there are a graph and an such
that $\mathrm{Hom}(SG_{n,k}, G)$ is -connected and . Comment: 34 pp
Tame Class Field Theory for Global Function Fields
We give a function field specific, algebraic proof of the main results of
class field theory for abelian extensions of degree coprime to the
characteristic. By adapting some methods known for number fields and combining
them in a new way, we obtain a different and much simplified proof, which
builds directly on a standard basic knowledge of the theory of function fields.
Our methods are explicit and constructive and thus relevant for algorithmic
applications. We use generalized forms of the Tate-Lichtenbaum and Ate
pairings, which are well-known in cryptography, as an important tool. Comment: 25 pages, to appear in Journal of Number Theory
Equivariant Kirchberg-Phillips-type absorption for amenable group actions
We show an equivariant Kirchberg-Phillips-type absorption theorem for
pointwise outer actions of discrete amenable groups on Kirchberg algebras with
respect to natural model actions on the Cuntz algebras and
. This generalizes results known for finite groups and
poly- groups. The model actions are shown to be determined, up to
strong cocycle conjugacy, by natural abstract properties, which are verified
for some examples of actions arising from tensorial shifts. We also show the
following homotopy rigidity result, which may be understood as a precursor to a
general Kirchberg-Phillips-type classification theory: If two outer actions of
an amenable group on a unital Kirchberg algebra are equivariantly homotopy
equivalent, then they are conjugate. This marks the first C*-dynamical
classification result up to cocycle conjugacy that is applicable to actions of
all amenable groups. Comment: v3 42 pages; this version has been accepted for publication in
Communications in Mathematical Physics