簡易檢索 / 詳目顯示

研究生: 呂昀修
Lu, Yun-Hsiu
論文名稱: 針對不可傳遞式零知識證明的研究
A Study on Non-Transferable Zero Knowledge Proof
指導教授: 紀博文
Chi, Po-Wen
口試委員: 紀博文
Chi, Po-Wen
王銘宏
Wang, Ming-Hung
曾一凡
Tseng, Yi-Fan
官振傑
Kuan, Chen-Chieh
口試日期: 2022/08/08
學位類別: 碩士
Master
系所名稱: 資訊工程學系
Department of Computer Science and Information Engineering
論文出版年: 2024
畢業學年度: 112
語文別: 英文
論文頁數: 82
中文關鍵詞: 零知識證明變色龍雜湊函數非傳遞性非交互式抗量子
英文關鍵詞: Zero-Knowledge Proof, Chameleon hash function, Non-transferability, Non- interaction, Quantum-resistance
研究方法: 實驗設計法
DOI URL: http://doi.org/10.6345/NTNU202400658
論文種類: 學術論文
相關次數: 點閱:64下載:5
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 在現今,零知識證明扮演了一個重要的角色,像是在區塊鏈中的驗證機制。 當擁有一些難題的知識時,證明者可以去通過驗證者的驗證。這個系統提供了一 個完美的模式,達到即使不洩漏個人資訊,證明者依舊能通過驗證。然而,我們 希望在驗證者驗證完證明者的資訊後,是沒有辦法將手中的訊息透漏給其他人, 讓其他人也知道證明者知道某項知識。在我們的研究中,我們提出了一個新的零 知識證明系統去達到不可傳遞性。由於不可傳遞性,無論證明是否合法,它可以 永遠通過驗證條件。

    Zero-Knowledge Proof plays an important role in today, such as the authentication in blockchain. With knowing the knowledge of some hard problems, a prover can generate a proof and pass the verification by a verifier. It gives a perfect scenario to avoid the parties to have other’s knowledge. However, we hope that the proof is non-transferable and the verifier cannot transfer the information. In our studies, we create a new Zero-Knowledge Proof scheme to achieve the non-transferability, called non-transferable Zero-Knowledge Proof. Due to the non-transferability, the proof will be always passed the verification whether it is valid or not.

    第一章 緒論 1 第一節 貢獻 5 第二節 架構 6 第二章 相關文獻 7 第一節 零知識證明 7 第二節 證明者設計證明 10 第三節 可否認式認證 11 第四節 變色龍雜湊函數 12 第三章 非傳遞式零知識證明 15 第一節 前提 16 第一小節 離散對數問題 16 第二小節 Schnorr的零知識證明 17 第三小節 最短向量問題假設 20 第四小節 Lyubashevsky的零知識證明 21 第二節 定義 27 第三節 離散對數的非傳遞式零知識證明 31 第一小節 架構 32 第二小節 證明 34 第四節 晶格式的非傳遞式零知識證明 38 第一小節 架構 39 第二小節 證明 43 第四章 非傳遞式且非互動式零知識證明 48 第一節 前提 49 第一小節 Santis的非互動式零知識證明 49 第二小節 Peikert的非互動式零知識證明 51 第二節 定義 53 第三節 離散對數的非傳遞式且非互動式零知識證明 57 第一小節 架構 58 第二小節 證明 60 第四節 晶格式的非傳遞式且非互動式零知識證明 63 第一小節 架構 64 第二小節 證明 66 第五章 效能分析 70 第六章 結論與未來可做 73 參考文獻 75

    [1] G. Ateniese and B. de Medeiros. Identity-based chameleon hash and applications. IACR Cryptol. ePrint Arch., page 167, 2003.
    [2] G.AtenieseandB.deMedeiros.Onthekeyexposureprobleminchameleonhashes. In C. Blundo and S. Cimato, editors, Security in Communication Networks, 4th International Conference, SCN 2004, Amalfi, Italy, September 8-10, 2004, Revised Selected Papers, volume 3352 of Lecture Notes in Computer Science, pages 165– 179. Springer, 2004.
    [3] T. Attema and R. Cramer. Compressed ς-protocol theory and practical applica- tion to plug & play secure algorithmics. In D. Micciancio and T. Ristenpart, editors, Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part III, volume 12172 of Lecture Notes in Computer Science, pages 513–543. Springer, 2020.
    [4] T. Attema, R. Cramer, and L. Kohl. A compressed ς-protocol theory for lattices. In T. Malkin and C. Peikert, editors, Advances in Cryptology - CRYPTO 2021 - 41st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, August 16-20, 2021, Proceedings, Part II, volume 12826 of Lecture Notes in Computer Science, pages 549–579. Springer, 2021.
    [5] Y. Aumann and M. O. Rabin. Authentication, enhanced security and error correct- ing codes (extended abstract). In H. Krawczyk, editor, Advances in Cryptology - CRYPTO ’98, 18th Annual International Cryptology Conference, Santa Barbara, California, USA, August 23-27, 1998, Proceedings, volume 1462 of Lecture Notes in Computer Science, pages 299–303. Springer, 1998.
    [6] C. Baum, I. Damgård, V. Lyubashevsky, S. Oechsner, and C. Peikert. More efficient commitments from structured lattice assumptions. In D. Catalano and R. D. Prisco, editors, Security and Cryptography for Networks - 11th International Conference, SCN 2018, Amalfi, Italy, September 5-7, 2018, Proceedings, volume 11035 of Lecture Notes in Computer Science, pages 368–385. Springer, 2018.
    [7] D. Cabarcas, D. Demirel, F. Göpfert, J. Lancrenon, and T. Wunderer. An uncon- ditionally hiding and long-term binding post-quantum commitment scheme. Cryp- tology ePrint Archive, Paper 2015/628, 2015. https://eprint.iacr.org/2015/ 628.
    [8] M. Campanelli and H. Khoshakhlagh. Succinct publicly-certifiable proofs (or: Can a blockchain verify a designated-verifier proof?). Cryptology ePrint Archive, Paper 2021/1618, 2021. https://eprint.iacr.org/2021/1618.
    [9] P. Chaidos and G. Couteau. Efficient designated-verifier non-interactive zero- knowledge proofs of knowledge. In J. B. Nielsen and V. Rijmen, editors, Advances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29 - May 3, 2018 Proceedings, Part III, volume 10822 of Lecture Notes in Computer Science, pages 193–221. Springer, 2018.
    [10] X.Chen,G.Chen,F.Zhang,B.Wei,andY.Mu.Identity-baseduniversaldesignated verifier signature proof system. Int. J. Netw. Secur., 8(1):52–58, 2009.
    [11] J.ChoiandS.Jung.Ahandoverauthenticationusingcredentialsbasedonchameleon hashing. IEEE Communications Letters, 14(1):54–56, 2010.
    [12] I. Damgard, T. Pedersen, and B. Pfitzmann. Statistical secrecy and multibit commit- ments. IEEE Transactions on Information Theory, 44(3):1143–1151, 1998.
    [13] A. De Santis, S. Micali, and G. Persiano. Non-interactive zero-knowledge proof systems. In C. Pomerance, editor, Advances in Cryptology — CRYPTO ’87, pages 52–72, Berlin, Heidelberg, 1988. Springer Berlin Heidelberg.
    [14] L. Fan, C. Xu, and J. Li. Deniable authentication protocol based on deffie-hellman algorithm. Electronics letters, 38(14):1, 2002.
    [15] D. Gabay, K. Akkaya, and M. Cebe. A privacy framework for charging connected electric vehicles using blockchain and zero knowledge proofs. In 2019 IEEE 44th LCN Symposium on Emerging Topics in Networking (LCN Symposium), pages 66– 73, 2019.
    [16] R. Gennaro, D. Micciancio, and T. Rabin. An efficient non-interactive statisti- cal zero-knowledge proof system for quasi-safe prime products. Cryptology ePrint Archive, Paper 1998/008, 1998. https://eprint.iacr.org/1998/008.
    [17] O. Goldreich and E. Kushilevitz. A perfect zero-knowledge proof for a problem equivalent to discrete logarithm. In S. Goldwasser, editor, Advances in Cryptology - CRYPTO ’88, 8th Annual International Cryptology Conference, Santa Barbara, California, USA, August 21-25, 1988, Proceedings, volume 403 of Lecture Notes in Computer Science, pages 57–70. Springer, 1988.
    [18] S. Goldwasser, S. Micali, and C. Rackoff. The knowledge complexity of interac- tive proof-systems. In Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing, STOC ’85, page 291–304, New York, NY, USA, 1985. Association for Computing Machinery.
    [19] S. Guo, D. Zeng, and Y. Xiang. Chameleon hashing for secure and privacy-preserving vehicular communications. IEEE Transactions on Parallel and Distributed Systems, 25(11):2794–2803, 2014.
    [20] S. Halevi and S. Micali. Practical and provably-secure commitment schemes from collision-free hashing. In N. Koblitz, editor, Advances in Cryptology — CRYPTO ’96, pages 201–215, Berlin, Heidelberg, 1996. Springer Berlin Heidelberg.
    [21] M. Jakobsson, K. Sako, and R. Impagliazzo. Designated verifier proofs and their applications. In U. Maurer, editor, Advances in Cryptology — EUROCRYPT ’96, pages 143–154, Berlin, Heidelberg, 1996. Springer Berlin Heidelberg.
    [22] H. Krawczyk and T. Rabin. Chameleon hashing and signatures. Cryptology ePrint Archive, Report 1998/010, 1998. https://ia.cr/1998/010.
    [23] W.-B. Lee, C.-C. Wu, and W.-J. Tsaur. A novel deniable authentication protocol using generalized elgamal signature scheme. Information Sciences, 177(6):1376– 1381, 2007.
    [24] V. Lyubashevsky. Lattice signatures without trapdoors. In D. Pointcheval and T. Jo- hansson, editors, Advances in Cryptology – EUROCRYPT 2012, pages 738–755, Berlin, Heidelberg, 2012. Springer Berlin Heidelberg.
    [25] V. Lyubashevsky, N. K. Nguyen, and M. Plançon. Lattice-based zero-knowledge proofs and applications: Shorter, simpler, and more general. IACR Cryptol. ePrint Arch., page 284, 2022.
    [26] F. Martín-Fernández, P. Caballero-Gil, and C. Caballero-Gil. Authentication based on non-interactive zero-knowledge proofs for the internet of things. Sensors, 16(1):75, 2016.
    [27] D. Micciancio and S. Goldwasser. Complexity of Lattice Problems: a cryptographic perspective, volume 671 of The Kluwer International Series in Engineering and Computer Science. Kluwer Academic Publishers, Boston, Massachusetts, Mar. 2002.
    [28] P. Mohassel. One-time signatures and chameleon hash functions. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography, pages 302– 319, Berlin, Heidelberg, 2011. Springer Berlin Heidelberg.
    [29] S. Panja and B. K. Roy. A secure end-to-end verifiable e-voting system using zero knowledge based blockchain. Cryptology ePrint Archive, Paper 2018/466, 2018. https://eprint.iacr.org/2018/466.
    [30] C. Peikert and V. Vaikuntanathan. Noninteractive statistical zero-knowledge proofs for lattice problems. In D. Wagner, editor, Advances in Cryptology – CRYPTO 2008, pages 536–553, Berlin, Heidelberg, 2008. Springer Berlin Heidelberg.
    [31] G. Persiano and I. Visconti. On non-interactive zero-knowledge proofs of knowl- edge in the shared random string model. In R. Královič and P. Urzyczyn, editors, Mathematical Foundations of Computer Science 2006, pages 753–764, Berlin, Hei- delberg, 2006. Springer Berlin Heidelberg.
    [32] C. P. Schnorr. Efficient identification and signatures for smart cards. In G. Brassard, editor, Advances in Cryptology — CRYPTO’ 89 Proceedings, pages 239–252, New York, NY, 1990. Springer New York.
    [33] P. W. Shor. Polynomial-time algorithms for prime factorization and discrete loga- rithms on a quantum computer. SIAM Review, 41(2):303–332, 1999.
    [34] H. Tian, X. Chen, and Z. Jiang. Non-interactive deniable authentication protocols. In C. Wu, M. Yung, and D. Lin, editors, Information Security and Cryptology - 7th International Conference, Inscrypt 2011, Beijing, China, November 30 - December 3, 2011. Revised Selected Papers, volume 7537 of Lecture Notes in Computer Science, pages 142–159. Springer, 2011.
    [35] B. Wang. A non-interactive deniable authentication scheme based on designated verifier proofs. IACR Cryptol. ePrint Arch., page 159, 2008.
    [36] C. Wu, L. Ke, and Y. Du. Quantum resistant key-exposure free chameleon hash and applications in redactable blockchain. Inf. Sci., 548:438–449, 2021.
    [37] K. Xagawa and K. Tanaka. Zero-knowledge protocols for ntru: Application to iden- tification and proof of plaintext knowledge. In J. Pieprzyk and F. Zhang, editors, Provable Security, pages 198–213, Berlin, Heidelberg, 2009. Springer Berlin Hei- delberg.
    [38] X.Xie,R.Xue,andM.Wang.Zeroknowledgeproofsfromring-lwe.InM.Abdalla, C. Nita-Rotaru, and R. Dahab, editors, Cryptology and Network Security, pages 57– 73, Cham, 2013. Springer International Publishing.
    [39] H. Zhu. A simplified deniable authentication scheme in cloud-based pay-tv system with privacy protection. Int. J. Commun. Syst., 32(11), 2019.

    下載圖示
    QR CODE