2 research outputs found
Deterministic-Prover Zero-Knowledge Proofs
Zero-knowledge proof systems enable a prover to convince a verifier of the
validity of a statement without revealing anything beyond that fact. The role
of randomness in interactive proofs in general, and in zero-knowledge in
particular, is well known. In particular, zero-knowledge with a deterministic
verifier is impossible for non-trivial languages (outside of
). Likewise, it was shown by Goldreich and Oren (Journal of
Cryptology, 1994) that zero-knowledge with a deterministic prover is also
impossible for non-trivial languages. However, their proof holds only for
auxiliary-input zero knowledge and a malicious verifier.
In this paper, we initiate the study of the feasibility of zero-knowledge
proof systems with a deterministic prover in settings not covered by the
result of Goldreich and Oren. We prove the existence of deterministic-prover
auxiliary-input honest-verifier zero-knowledge for any
language, under standard assumptions. In addition, we show that any language
with a hash proof system has a deterministic-prover honest-verifier
statistical zero-knowledge proof, with an efficient prover. Finally, we show
that in some cases, it is even possible to achieve deterministic-prover
uniform zero-knowledge for a malicious verifier.
Our contribution is primarily conceptual, and sheds light on the necessity of
randomness in zero knowledge in settings where either the verifier is honest
or there is no auxiliary input
That’s not my signature! Fail-stop signatures for a post-quantum world
The Snowden\u27s revelations kick-started a community-wide effort to develop cryptographic tools against mass surveillance.
In this work, we propose to add another primitive to that toolbox: Fail-Stop Signatures (FSS) [EC\u2789].
FSS are digital signatures enhanced with a forgery-detection mechanism that can protect a PPT signer from more powerful attackers.
Despite the fascinating concept, research in this area stalled after the \u2790s. However, the ongoing transition to post-quantum cryptography, with its hiccups due to the novelty of underlying assumptions, has become the perfect use case for FSS.
This paper aims to reboot research on FSS with practical use in mind: Our framework for FSS includes ``fine-grained\u27\u27 security definitions (that assume a powerful, but bounded adversary e.g: can break -bit of security, but not -bit).
As an application, we show new FSS constructions for the post-quantum setting.
We show that FSS are equivalent to standard, provably secure digital signatures that do not require rewinding or programming random oracles, and that this implies lattice-based FSS.
Our main construction is an FSS version of SPHINCS, which required building FSS versions of all its building blocks: WOTS, XMSS, and FORS.
In the process, we identify and provide generic solutions for two fundamental issues arising when deriving a large number of private keys from a single seed, and when building FSS for Hash-and-Sign-based signatures