• Title, Summary, Keyword: Zero Knowledge Proof

Efficient Proof of Vote Validity Without Honest-Verifier Assumption in Homomorphic E-Voting

  • Peng, Kun
    • Journal of Information Processing Systems / v.7 no.3 / pp.549-560 / 2011
  • Vote validity proof and verification is an efficiency bottleneck and privacy drawback in homomorphic e-voting. The existing vote validity proof technique is inefficient and only achieves honest-verifier zero knowledge. In this paper, an efficient proof and verification technique is proposed to guarantee vote validity in homomorphic e-voting. The new proof technique is mainly based on hash function operations that only need a very small number of costly public key cryptographic operations. It can handle untrusted verifiers and achieve stronger zero knowledge privacy. As a result, the efficiency and privacy of homomorphic e-voting applications will be significantly improved.

Privacy-Preserving Credit Scoring Using Zero-Knowledge Proofs (영지식 증명을 활용한 프라이버시 보장 신용평가방법)

  • Park, Chul;Kim, Jonghyun;Lee, Dong Hoon
    • Journal of the Korea Institute of Information Security & Cryptology / v.29 no.6 / pp.1285-1303 / 2019
  • In the current credit scoring system, the credit bureau gathers credit information from financial institutions and calculates a credit score based on it. However, because all sensitive credit information is stored in one central authority, there are possibilities of privacy violations, and successful external attacks can breach large amounts of personal information. To handle this problem, we propose privacy-preserving credit scoring in which a user gathers credit information from financial institutions, calculates a credit score and proves that the score is calculated correctly using a zero-knowledge proof and a blockchain. In addition, we propose a zero-knowledge proof scheme that can efficiently prove committed inputs to check whether the inputs of a zero-knowledge proof are actually provided by financial institutions with a blockchain. This scheme provides perfect zero-knowledge unlike Agrawal et al.'s scheme, short CRSs and proofs, and fast proof and verification. We confirmed that the proposed credit scoring can be used in the real world by implementing it and experimenting with a credit score algorithm which is similar to that of the real world.

Compact E-Cash with Practical and Complete Tracing

  • Lian, Bin;Chen, Gongliang;Cui, Jialin;He, Dake
    • KSII Transactions on Internet and Information Systems (TIIS) / v.13 no.7 / pp.3733-3755 / 2019
  • E-cash has its merits compared with other payment modes. However, there are two problems, which are how to achieve practical/complete tracing and how to achieve it in compact E-cash. First, the bank and the TTP (i.e., trusted third party) have different duties and powers in reality. Therefore, double-spending tracing is the bank's task, while unconditional tracing is the TTP's task. In addition, it is desirable to provide lost-coin tracing before they are spent by anyone else. Second, compact E-cash is an efficient scheme, but tracing the coins from a double-spender without the TTP results in poor efficiency. To solve the problems, we present a compact E-cash scheme. For this purpose, we design an embedded structure of knowledge proof based on a new pseudorandom function and improve the computation complexity from O(k) to O(1). Double-spending tracing needs leaking dishonest users' secret knowledge, but preserving the anonymity of honest users needs zero-knowledge property, and our special knowledge proof achieves it with complete proofs. Moreover, the design is also useful for other applications, where both keeping zero-knowledge and leaking information are necessary.

Zero-knowledge proof based authentication protocol in ad-hoc wireless network (Ad-hoc wireless network에서의 authentication을 보장하는 zero-knowledge proof 기반의 프로토콜)

  • 윤여원;예흥진
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / pp.473-476 / 2002
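  • In this paper, we present a protocol for authenticating the other party in an ad-hoc wireless network without any prior knowledge of each other. The modified interactive Guy Fawkes protocol previously proposed by Dirk Balfanz et al. uses the hash-function principle of sending the hash value of the message to be delivered and its authenticator, and then revealing the originals in the next step; by guaranteeing mutual authentication and message integrity with hash functions alone, without a PKI, it reduced the burden of an overall ID scheme and of public key encryption and decryption operations. However, it is still exposed to passive attacks such as eavesdropping [1]. In this paper, we present a method that uses a zero-knowledge-based protocol to enable secure mutual authentication even in environments where the parties cannot exchange information with each other.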

Generalization of Zero-Knowledge Proof of Polynomial Equality (다항식 상등성 영지식 증명의 일반화)

  • Kim, Myungsun;Kang, Bolam
    • The Journal of Korean Institute of Communications and Information Sciences / v.40 no.5 / pp.833-840 / 2015
  • In this paper, we are interested in a generalization of zero-knowledge interactive protocols between prover and verifier, especially to show that the product of an encrypted polynomial and a random polynomial, but published by a secure commitment scheme was correctly computed by the prover. To this end, we provide a generalized protocol for proving that the resulting polynomial is correctly computed by an encrypted polynomial and another committed polynomial. Further, we show that the protocol is also secure in the random oracle model. We expect that our generalized protocol can serve as a building block in implementing secure multi-party computation including private set operations.

Anonymous Authentication Scheme based on NTRU for the Protection of Payment Information in NFC Mobile Environment

  • Park, Sung-Wook;Lee, Im-Yeong
    • Journal of Information Processing Systems / v.9 no.3 / pp.461-476 / 2013
  • Recently, smart devices for various services have been developed using converged telecommunications, and the market for near field communication mobile services is expected to grow rapidly. In particular, the realization of mobile NFC payment services is expected to go commercial, and it is widely attracting attention both on a domestic and global level. However, this realization would increase privacy infringement, as personal information is extensively used in the NFC technology. One example of such privacy infringement would be the case of the Google wallet service. In this paper, we propose a zero-knowledge proof scheme and ring signature based on NTRU for protecting user information in NFC mobile payment systems without directly using private financial information of the user.

On the Length of Hash-values for Digital Signature Schemes

  • Lim, Chae-Hoon;Lee, Pil-Joong
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / pp.29-31 / 1994
  • In digital signature schemes derived from the zero-knowledge proof techniques, some authors often claim that the length of hash-values for their schemes could be as short as 64 or 72 bits for the security level of $2^{-64}$ or $2^{-72}$. This letter shows that signature schemes with such short hash values cannot achieve the security levels as stated, due to the birthday attack by the signer.

Scheme for Verification Between Mobile Devices in a Service with Expiration Time by Using Zero-knowledge Proof (영지식 증명을 이용한 가입기간이 정해진 서비스에서 이동 통신 기기간 인증 기법)

  • Park, Young-Hoon;Seo, Seung-Woo
    • Journal of the Institute of Electronics and Information Engineers / v.50 no.3 / pp.23-32 / 2013
  • As the mobile communication technology is developed, the services for communication between the mobile devices are provided, and the amount of usage is increasing tremendously. For the device-to-device communication, it should be verified whether the device is a service member. The existing verification schemes include interactions with the third party, while this may cause the problems that the bandwidth is dissipated and the devices which are out of the communication range of the base station cannot communicate with other devices. To solve such problems, we propose a new scheme for verification between mobile devices without interaction with a third party. For the proposed scheme, we develop and employ a new zero-knowledge proof protocol, which verifies the device's membership and its expiration time. Furthermore, the scheme guarantees privacy of the mobile device since it checks the encrypted verification message without decrypting, and protects against replay attacks since it uses a challenge-response method.

A Study on the Key Distribution System based on the Zero-Knowledge Proof (영지식증명을 이용한 키분배방식에 관한 연구)

  • 이윤호;양형규;장청룡;원동호
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference / pp.85-94 / 1991
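  • We propose a new key distribution scheme using the ZKIP (zero knowledge interactive proofs) scheme of Fiat and Shamir. The scheme performs mutual authentication using the Fiat-Shamir ZKIP scheme based on quadratic residues, and generates a common key for secret communication from the data exchanged in that process. Because the data used to generate the common key is the data used in the authentication process, and the authentication process uses the ZKIP scheme, the proposed key distribution scheme is also thought to be zero knowledge. Whereas the ZKIP scheme incurs heavy communication because the authentication process is repeated, the proposed scheme has the advantage of relatively low communication because the number of repetitions in the authentication process is 1.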

A Study on An Enhancement Scheme of Privacy and Anonymity through Convergence of Security Mechanisms in Blockchain Environments (블록체인 환경에서 보안 기법들의 융합을 통한 프라이버시 및 익명성 강화 기법에 대한 연구)

  • Kang, Yong-Hyeog
    • Journal of the Korea Convergence Society / v.9 no.11 / pp.75-81 / 2018
  • Anonymity and privacy issues are becoming important as all transactions in the blockchain are open to users. Public blockchains appear to guarantee anonymity by using public-key addresses on behalf of users, but they can weaken anonymity by tracking with various analytic techniques based on the transaction graph. In this paper, we propose a scheme to protect anonymity and privacy by converging various security techniques such as k-anonymity, mixing, blind signature, multi-phase processing, random selection, and zero-knowledge proof techniques with an incentive mechanism and contributor participation. Through performance analysis, our proposed scheme shows that it is difficult to invade privacy and anonymity through collusion attacks if the number of contributors is larger than that of conspirators.