Download Alternative Variants of Zero-Knowledge Proofs by Rafael Pass PDF

By Rafael Pass

Show description

Read Online or Download Alternative Variants of Zero-Knowledge Proofs PDF

Best nonfiction_5 books

Cities and Citizenship at the U.S.-Mexico Border: The Paso del Norte Metropolitan Region

On the heart of the 2,000 mile U. S. -Mexico border, a sprawling transnational city house has mushroomed right into a metropolitan zone with over million humans whose livelihoods rely on international production, cross-border alternate, and border regulate jobs.  Our quantity advances wisdom on city area, gender, schooling, defense, and paintings, targeting Ciudad Ju?

Packet Guide to Routing and Switching

This booklet will disguise constitution, habit and fields, all of as a way to be supported by way of packet captures and research. This moment installment will conceal layers 2 and three and is anxious with the major protocols and operations. it really is intended to be a persist with as much as the 1st ebook within the feel that those are extra complicated principles that think and/or construct at the earlier rules.

Virtual Mode (Mode, Book 1)

Whilst she falls in love with an odd guy who disappears ahead of her eyes, Colene says so long to reality--and hi to an unlimited global of dragons, monsters, and most unlikely desires.

Extra info for Alternative Variants of Zero-Knowledge Proofs

Sample text

Remark 7 1. We note that the same proof can not be applied in the case of simply simulatable proofs, as the stand-alone verifier constructed in the hybrid argument has a running time of poly(T (n)). 2. It is interesting to note that the notions of straight-line strong T (n)-simulatability is strictly stronger than the notion of straight-line concurrent T (n)-simulatability. 5 constitutes an evidence of this fact. See remark 11. 7 We formalize this feature through a composition theorem, which loosely speaking states that for a large class of natural protocols the security of these protocols is not affected when concurrently executed with multiple straight-line concurrent T (n)-simulatable arguments.

2 The Random Oracle Model In the Random Oracle (RO) model, a random function RO : {0, 1}poly(n) → {0, 1}poly(n) is selected at startup, and is thereafter made accessible to all parties through oracle calls. 4 The RO model attempt to fill this space by providing a framework for the construction of practical, yet provably secure protocols. Since its introduction the RO model has indeed been successfully used to formally analyze the security of many practical protocols. Note, however, that in the “real” world truly random functions unfortunately do not exist.

We say that an interactive proof (or argument) (P, V ) for the language L ∈ N P, with the witness relation RL , is T (n)-simulatable if there for every PPT machine V ∗ exists a probabilistic simulator S with running time bounded by T (n) such that the following two ensembles are computationally indistinguishable (when the distinguishing gap is a function in n = |x|) 38 CHAPTER 3. SIMULATABLE PROOFS • {( P (y), V ∗ (z) (x))}z∈{0,1}∗ ,x∈L for arbitrary y ∈ RL (x) • {S(x, z)}z∈{0,1}∗,x∈L That is, for every probabilistic algorithm D running in time polynomial in the length of its first input, every polynomial p, all sufficiently long x ∈ L, all y ∈ RL (x) and all auxiliary inputs z, z ′ ∈ {0, 1}∗ it holds that |P r[D(x, z ′ , ( P (y), V ∗ (z) (x))) = 1] − P r[D(x, z ′ , S(x, z)) = 1]| < 1 p(|x|) Remark 4 The standard definition of zero-knowledge can be simplified to only provide the distinguisher with the auxiliary input z of the verifier (instead of providing it with its own auxiliary input z ′ (see [32] pages 214-215 for a proof of this fact).

Download PDF sample

Rated 4.91 of 5 – based on 9 votes