On a New, Efficient Framework for Falsifiable Non-interactive Zero-Knowledge Arguments
A zero-knowledge proof is a protocol between a prover and a verifier. The prover's goal is to convince the verifier that certain statements are correct, such as possessing the card number of a valid credit card, without revealing any private information, such as the card number itself. In many applications it is desirable to use NIZK proofs (non-interactive zero-knowledge proofs), where the prover produces only a single message that can be verified by many verifiers.
One drawback is that secure NIZK proofs for non-trivial languages can only exist in the presence of a trusted third party that computes a common reference string which is made available to both the prover and the verifier. When no such party exists, one sometimes relies on non-interactive witness indistinguishability, a weaker form of privacy. The study of efficient and secure NIZK proofs is a critical part of cryptography that has flourished recently due to applications in blockchains.
In the first paper we construct a new NIZK proof for the languages consisting of all common zeros of a finite set of polynomials over a finite field. We demonstrate the usefulness of the proof through numerous example applications. Particularly noteworthy is that it is possible to go almost automatically from a high-level description of a language to the definition of the NIZK proof, which reduces the need for dedicated cryptographic expertise. In the second paper we construct a NIWI proof using a new compiler. We explore the notion of knowledge soundness (a stronger security notion than soundness) for some constructions of NIZK proofs. In the third paper we extend the work from the first paper by constructing a new NIZK proof for set membership that lets us prove that an element lies, or does not lie, in the given set.
Several new constructions have better efficiency compared with already known constructions.
A zero-knowledge proof is a protocol between a prover and a verifier. The prover aims to convince the verifier of the truth of some statement, such as possessing credentials for a valid credit card, without revealing any private information, such as the credentials themselves. In many applications, it is desirable to use NIZK (Non-Interactive Zero-Knowledge) proofs, where the prover outputs only a single message that can be verified by many verifiers.
As a drawback, secure NIZKs for non-trivial languages can only exist in the presence of a trusted third party that computes a common reference string and makes it available to both the prover and verifier. When no such party exists, one sometimes relies on non interactive witness indistinguishability (NIWI), a weaker notion of privacy. The study of efficient and secure NIZKs is a crucial part of cryptography that has been thriving recently due to blockchain applications.
In the first paper, we construct a new NIZK for the language of common zeros of a finite set of polynomials over a finite field. We demonstrate its usefulness by giving a large number of example applications. Notably, it is possible to go from a high-level language description to the definition of the NIZK almost automatically, lessening the need for dedicated cryptographic expertise. In the second paper, we construct a NIWI using a new compiler. We explore the notion of Knowledge Soundness (a security notion stronger than soundness) of some NIZK constructions. In the third paper, we extend the first paper's work by constructing a new set (non-)membership NIZK that allows us to prove that an element belongs or does not belong to the given set.
Many new constructions have better efficiency compared to already-known constructions.
Doktorgradsavhandlin
On Adaptive Security of Delayed-Input Sigma Protocols and Fiat-Shamir NIZKs
We study adaptive security of delayed-input Sigma protocols and non-interactive zero-knowledge (NIZK) proof systems in the common reference string (CRS) model. Our contributions are threefold:
- We exhibit a generic compiler taking any delayed-input Sigma protocol and returning a delayed-input Sigma protocol satisfying adaptive-input special honest-verifier zero-knowledge (SHVZK). In case the initial Sigma protocol also satisfies adaptive-input special soundness, our compiler preserves this property.
- We revisit the recent paradigm by Canetti et al. (STOC 2019) for obtaining NIZK proof systems in the CRS model via the Fiat-Shamir transform applied to so-called trapdoor Sigma protocols, in the context of adaptive security. In particular, assuming correlation-intractable hash functions for all sparse relations, we prove that Fiat-Shamir NIZKs satisfy either:
(i) Adaptive soundness (and non-adaptive zero-knowledge), so long as the challenge is obtained by hashing both the prover's first round and the instance being proven;
(ii) Adaptive zero-knowledge (and non-adaptive soundness), so long as the challenge is obtained by hashing only the prover's first round, and further assuming that the initial trapdoor Sigma protocol satisfies adaptive-input SHVZK.
- We exhibit a generic compiler taking any Sigma protocol and returning a trapdoor Sigma protocol. Unfortunately, this transform does not preserve the delayed-input property of the initial Sigma protocol (if any). To complement this result, we also give yet another compiler taking any delayed-input trapdoor Sigma protocol and returning a delayed-input trapdoor Sigma protocol with adaptive-input SHVZK.
An attractive feature of our first two compilers is that they allow obtaining efficient delayed-input Sigma protocols with adaptive security, and efficient Fiat-Shamir NIZKs with adaptive soundness (and non-adaptive zero-knowledge) in the CRS model. Prior to our work, the latter was only possible using generic NP reductions
Glycosaminoglycans in the human cornea: age-related changes
Abstract
AIM:
To investigate possible age-related changes in glycosaminoglycans (GAGs) in the human cornea. The substances today called GAGs were previously referred to as mucopolysaccharides.
METHODS:
Samples of human cornea were taken from 12 younger (age 21 ± 1.2) and 12 older (age 72 ± 1.6) male subjects. Samples were weighed, homogenized, and used for biochemical and molecular analyses. All the quantitative results were statistically analyzed.
RESULTS:
The human cornea appears to undergo age-related changes, as evidenced by our biochemical and molecular results. The total GAG and hyaluronic acid counts were significantly higher in the younger subjects than in the older subjects. The sulfated heavy GAGs, such as chondroitin, dermatan, keratan, and heparan sulfate, were lower in the younger subjects than in the older subjects.
DISCUSSION:
GAGs of the human cornea undergo numerous age-related changes. Their quantity is significantly altered in the elderly in comparison with younger subjects. GAGs play an important role in age-related diseases of the human cornea
Set (Non-)Membership NIZKs from Determinantal Accumulators
We construct a falsifiable set (non-)membership NIZK that is considerably more efficient than known falsifiable set (non-)membership NIZKs. It also has a universal CRS. It is based on the novel concept of determinantal accumulators. Determinantal primitives have a similar relation to the recent pairing-based (non-succinct) NIZKs of Couteau and Hartmann (Crypto 2020) and Couteau et al. (CLPØ, Asiacrypt 2021) as structure-preserving primitives have to the Groth-Sahai NIZK. We also extend CLPØ by proposing efficient (non-succinct) set non-membership arguments for a large class of languages
Algebraic Group Model with Oblivious Sampling
In the algebraic group model (AGM), an adversary has to return with each group element a linear representation with respect to input group elements. In many groups, it is easy to sample group elements obliviously without knowing such linear representations. Since the AGM does not model this, it can be used to prove the security of spurious knowledge assumptions. We show several well-known zk-SNARKs use such assumptions. We propose AGM with oblivious sampling (AGMOS), an AGM variant where the adversary can access an oracle that allows sampling group elements obliviously from some distribution. We show that AGM and AGMOS are different by studying the family of "total knowledge-of-exponent" assumptions, showing that they are all secure in the AGM, but most are not secure in the AGMOS if the DL assumption holds. We show an important separation in the case of the KZG commitment scheme. We show that many known AGM reductions go through also in the AGMOS, assuming a novel falsifiable assumption TOFR. We prove that TOFR is secure in a version of GGM with oblivious sampling
Allergic contact dermatitis to cell phone
No abstract availabl
Constant-Size zk-SNARKs in ROM from Falsifiable Assumptions
We prove that the seminal KZG polynomial commitment scheme (PCS) is black-box extractable under a simple falsifiable assumption ARSDH. To create an interactive argument, we construct a compiler that combines a black-box extractable non-interactive PCS and a polynomial IOP (PIOP). The compiler incurs a minor cost per every committed polynomial. Applying the Fiat-Shamir transformation, we obtain slightly less efficient variants of well-known PIOP-based zk-SNARKs, such as Plonk, that are knowledge-sound in the ROM under the ARSDH assumption. Importantly, there is no need for idealized group models or knowledge assumptions. This results in the first known zk-SNARKs in the ROM from falsifiable assumptions with both an efficient prover and constant-size argument
Local reactions to the second dose of the BNT162 COVID-19 vaccine
Multiple strategies have been implemented worldwide to fight the burden of the pandemic caused by COVID-19, with vaccination being one of the most promising [1]. Notably, the first vaccine to be authorized in Italy was the BNT162 mRNA-based vaccine, which has also been approved in the USA, United Kingdom, and Canada [1,2]. As a matter of fact, RNA vaccines are immunogenic and cost-effective.