Abstract
This paper examines "batch zero-knowledge" protocols for communication- and computation-efficient proofs of propositions composed of many simple predicates. We focus specifically on batch protocols that use Cramer, Damgård, and Schoenmakers' proofs of partial knowledge framework (Crypto 1994) to prove propositions that may be true even when some of their input predicates are false. Our main result is a novel system for batch zero-knowledge arguments of knowledge and equality of k-out-of-n discrete logarithms. Along the way, we propose the first general definition for batch zero-knowledge proofs and we revisit Peng and Bao's batch zero-knowledge proofs of knowledge and equality of one-out-of-n discrete logarithms (Inscrypt 2008). Our analysis of the latter protocol uncovers a critical flaw in the security proof, and we present a practical lattice-based attack to exploit it. © 2013 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Henry, R., & Goldberg, I. (2013). Batch proofs of partial knowledge. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7954 LNCS, pp. 502–517). https://doi.org/10.1007/978-3-642-38980-1_32
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
