Fiat–Shamir transformation of multi-round interactive proofs (extended version)

The celebrated Fiat–Shamir transformation turns any public-coin interactive proof into a non-interactive one, which inherits the main security properties (in the random oracle model) of the interactive version. While originally considered in the context of 3-move public-coin interactive proofs, i.e., so-called Σ -protocols, it is now applied to multi-round protocols as well. Unfortunately, the security loss for a (2 μ+ 1) -move protocol is, in general, approximately Qμ , where Q is the number of oracle queries performed by the attacker. In general, this is the best one can hope for, as it is easy to see that this loss applies to the μ -fold sequential repetition of Σ -protocols, but it raises the question whether certain (natural) classes of interactive proofs feature a milder security loss. In this work, we give positive and negative results on this question. On the positive side, we show that for (k1, … , kμ) -special-sound protocols (which cover a broad class of use cases), the knowledge error degrades linearly in Q, instead of Qμ . On the negative side, we show that for t-fold parallel repetitions of typical (k1, … , kμ) -special-sound protocols with t≥ μ (and assuming for simplicity that t and Q are integer multiples of μ), there is an attack that results in a security loss of approximately 12Qμ/μμ+t

Fiat-Shamir transformation of multi-round interactive proofs

The celebrated Fiat-Shamir transformation turns any public-coin interactive proof into a non-interactive one, which inherits the main security properties (in the random oracle model) of the interactive version. While originally considered in the context of 3-move public-coin interactive proofs, i.e., so-called Σ-protocols, it is now applied to multi-round protocols as well. Unfortunately, the security loss for a (2μ+1)-move protocol is, in general, approximately Qμ, where Q is the number of oracle queries performed by the attacker. In general, this is the best one can hope for, as it is easy to see that this loss applies to the μ-fold sequential repetition of Σ -protocols, but it raises the question whether certain (natural) classes of interactive proofs feature a milder security loss. In this work, we give positive and negative results on this question. On the positive side, we show that for (k1,…,kμ) -special-sound protocols (which cover a broad class of use cases), the knowledge error degrades linearly in Q, instead of Qμ. On the negative side, we show that for t-fold parallel repetitions of typical (k1,…,kμ)-special-sound protocols with t≥μ (and assuming for simplicity that t and Q are integer multiples of μ), there is an attack that results in a security loss of approximately 12Qμ/μμ+t

New AMS 14C dates track the arrival and spread of broomcorn millet cultivation and agricultural change in prehistoric Europe

Broomcorn millet (Panicum miliaceum L.) is not one of the founder crops domesticated in Southwest Asia in the early Holocene, but was domesticated in northeast China by 6000 bc. In Europe, millet was reported in Early Neolithic contexts formed by 6000 bc, but recent radiocarbon dating of a dozen 'early' grains cast doubt on these claims. Archaeobotanical evidence reveals that millet was common in Europe from the 2nd millennium bc, when major societal and economic transformations took place in the Bronze Age. We conducted an extensive programme of AMS-dating of charred broomcorn millet grains from 75 prehistoric sites in Europe. Our Bayesian model reveals that millet cultivation began in Europe at the earliest during the sixteenth century bc, and spread rapidly during the fifteenth/fourteenth centuries bc. Broomcorn millet succeeds in exceptionally wide range of growing conditions and completes its lifecycle in less than three summer months. Offering an additional harvest and thus surplus food/fodder, it likely was a transformative innovation in European prehistoric agriculture previously based mainly on (winter) cropping of wheat and barley. We provide a new, high-resolution chronological framework for this key agricultural development that likely contributed to far-reaching changes in lifestyle in late 2nd millennium bc Europe

Kurzbericht über die Ausgrabung des kaiser- bis völkerwanderungszeitlichen und wikingerzeitlichen Siedlungsplatzes Hörup LA 28, Kreis Schleswig-Flensburg

In Hörup a settlement of the late Imperialto Migration Period could be documentedwith houses and fence-parallel structures.Numerous slag pits as remains of bloomeryfurnaces probably also belong to this epoch.During the Migration Period thereis a break-off of the settlement. The nextbuilding activities do not begin again untilthe late 8th and 9th centuries. A settlementcontinuity from the Migration Period tothe Viking Age cannot be proven in Hörup

Efficient Range Proofs with Transparent Setup from Bounded Integer Commitments

International audienceWe introduce a new approach for constructing range proofs. Our approach is modular, and leads to highly competitive range proofs under standard assumption, using less communication and (much) less computation than the state of the art methods, without relying on a trusted setup. Our range proofs can be used as a drop-in replacement in a variety of protocols such as distributed ledgers, anonymous transaction systems, and many more, leading to significant reductions in communication and computation for these applications. At the heart of our result is a new method to transform any commitment over a finite field into a commitment scheme which allows to commit to and efficiently prove relations about bounded integers. Combining these new commitments with a classical approach for range proofs based on square decomposition, we obtain several new instantiations of a paradigm which was previously limited to RSA-based range proofs (with high communication and computation, and trusted setup). More specifically, we get:-Under the discrete logarithm assumption, we obtain the most compact and efficient range proof among all existing candidates (with or without trusted setup). Our proofs are 12% to 20% shorter than the state of the art Bulletproof (Bünz et al., IEEE S&P '18) for standard choices of range size and security parameter, and are more efficient (both for the prover and the verifier) by more than an order of magnitude.-Under the LWE assumption, we obtain range proofs that improve over the state of the art in a batch setting when at least a few dozen range proofs are required.-Eventually, under standard class group assumptions, we obtain the first concretely efficient standard integer commitment scheme (without bounds on the size of the committed integer) which does not assume trusted setup

Versunkene Landschaften im Nordfriesischen Watt – Das aktuelle RUNGHOLT-Projekt zur Erforschung von Kulturspuren

The North Frisian Wadden Sea is regardedas an important natural area and isnow protected as a national park and aUNESCOWorld Heritage Site. At thesame time, it is a relic of a submerged culturallandscape. Environmental influences,extreme weather conditions but alsodyke construction and artificial land reclamationhave constantly changed the regionover the past millennia. While someareas could be regained after a devastatingflood, other parts sank into the sea forever. Remains of the lost terps and theiragricultural land are preserved under thepresent-day surface of the Wadden Sea.An interdisciplinary, partly DFG-fundedresearch project is addressing the systematicinvestigation of selected areasin the North Frisian Wadden Sea. Largescalenon-invasive methods of geophysicstogether with analyses of aerial photographsand drone photography are combinedwith targeted geoarchaeological andarchaeological investigations.A defined working area is located nearthe present-day Hallig Südfall, where thetrading centre of Rungholt, which sank on16 January 1362, is assumed to have beenlocated. Here, for the first time, the pathof a medieval dyke, terps, and drainageditches could be reconstructed, and variouslocations of tide gates identified.Hallig Hooge and the surrounding tidalflats form another area of investigation.A large number of submerged settlement60areas as well as new insights into the extentand organisation of medieval salt peatquarrying are the focus of the current investigationshere