WEKO3
アイテム
A Note on Computationally Sound Proof in Group of Unknown Order
https://ipsj.ixsq.nii.ac.jp/records/45210
https://ipsj.ixsq.nii.ac.jp/records/452100610603e-0abb-4ccf-9dce-74c191eb76c0
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-CSEC01014006.pdf (1.0 MB)
|
Copyright (c) 2001 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | SIG Technical Reports(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2001-07-25 | |||||||
| タイトル | ||||||||
| タイトル | A Note on Computationally Sound Proof in Group of Unknown Order | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | A Note on Computationally Sound Proof in Group of Unknown Order | |||||||
| 言語 | ||||||||
| 言語 | jpn | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_18gh | |||||||
| 資源タイプ | technical report | |||||||
| 著者所属 | ||||||||
| Aarhus University | ||||||||
| 著者所属 | ||||||||
| NTT Laboratories | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Aarhus University | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| NTT Laboratories | ||||||||
| 著者名 |
Ivan, Damgard
× Ivan, Damgard
|
|||||||
| 著者名(英) |
Ivan, Damgard
× Ivan, Damgard
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | Suppose we are given an Abelian group G of unknown order such as RSA group(Z/nZ)x where the group operations in G can be efficiently computed. Let g h be elements in G and let c=gx hr be a commitment to x (where the group operation is defined as the multiplication). In this paper we revisit a sound-proof-of-knowledge protocol in which the prover convinces the verifier that he knows the representation of c to base g h in G. The proof of soundness for this protocol was initially provided in [5] but we have recently found it incomplete although the protocol and its variants appear in many literatures for instance PVSS [6] group signature [3 4] and optimistic fair-exchange [2 1]. In this paper we fix a bug in [5] and prove this protocol indeed sound trying to make the setting more general and fundamental. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | Suppose we are given an Abelian group G of unknown order, such as RSA group(Z/nZ)x, where the group operations in G can be efficiently computed. Let g, h be elements in G and let c=gx hr be a commitment to x (where the group operation is defined as the multiplication). In this paper we revisit a sound-proof-of-knowledge protocol in which the prover convinces the verifier that he knows the representation of c to base g, h in G. The proof of soundness for this protocol was initially provided in [5], but we have recently found it incomplete, although the protocol and its variants appear in many literatures, for instance PVSS [6], group signature [3,4] and optimistic fair-exchange [2,1]. In this paper we fix a bug in [5] and prove this protocol indeed sound, trying to make the setting more general and fundamental. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AA11235941 | |||||||
| 書誌情報 |
情報処理学会研究報告コンピュータセキュリティ(CSEC) 巻 2001, 号 75(2001-CSEC-014), p. 37-44, 発行日 2001-07-25 |
|||||||
| Notice | ||||||||
| SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc. | ||||||||
| 出版者 | ||||||||
| 言語 | ja | |||||||
| 出版者 | 情報処理学会 | |||||||
