Abstract
Some zero-knowledge interactive proofs (ZKIPs) have divertibility, that is, evidence of proof issued by a genuine prover, A, can be transferred to plural verifiers, B and then C, where the intermediate verifier, B, acts as A, with A’s help, to confound the other verifier C without revealing the relation between the A-B interaction and the B-C interaction. This property is a serious problem in practice, e.g. the mafia fraud attack on identification scheme and the multi-verifier attack against undeniable signatures.
This paper proposes a new concept, security against divertibility, and proves that Naor’s bit commitment function based on pseudo-random generators is secure against divertibility under the reasonable assumption. Usage of this bit commitment in ZKIP can convert a divertible ZKIP to a divertible-free-ZKIP which is secure against the mafia fraud attack and the multi-verifier attack.
Chapter PDF
Similar content being viewed by others
References
M. Burmester and Y. Desmedt, “All Languages in NP Have Divertible Zero-Knowledge Proofs and Arguments under Cryptographic Assumptions,” EUROCRYPT’90
D. Chaum, “Zero-Knowledge Undeniable Signatures,” EUROCRYPT’90
Y. Desmedt, “Subliminal-Free Authentication and Signature,” EUROCRYPT’88
D. Dolev, C. Dwork and M. Naor, “Non-Malleable Cryptography,” STOC’91
Y. Desmedt, C. Goutier and S. Bengio, “Special Uses and Abuses of the Fiat-Shamir Passport Protocol,” CRYPTO’87
Y. Desmedt and M. Yung, “Weaknesses of Undeniable Signature Schemes,” EUROCRYPT’91
A. Fiat and A. Shamir, “How to Prove Yourself,” CRYPTO’86
S. Goldwasser, S. Micali and C. Rackoff, “The Knowledge Complexity of Interactive Proof Systems,” STOC’85
O. Goldreich, S. Micali and A. Wigderson, “Proofs that Yield Nothing But their Validity and a Methodology of Cryptographic Protocol Design,” FOCS’86
J. Håstad, “Pseudo-Random Generators under Uniform Assumptions,” STOC’90
R. Impagliazzo, L. Levin and M. Ludy, “Pseudo-random generation from one-way functions,” STOC’89
T. Itoh, K. Sakurai and H. Shizuya, “Any Language in IP has a Divertible ZKIP,” ASIACRYPTO’91
M. Naor, “Bit Commitment Using Pseudo-Randomness,” CRYPTO’89
T. Okamoto and K. Ohta, “Divertible Zero-Knowledge Interactive Proofs and Commutative Random Self-Reducible,” EUROCRYPT’89
T. Okamoto and K. Ohta, “How to Utilize the Randomness of Zero-Knowledge Proofs,” CRYPTO’90
K. Ohta, T. Okamoto and A. Fujioka, “Abuses of Undeniable Signature and Their Countermeasures,” IEICE Transactions, Vol. E-74, No. 8, pp. 2109–2113, 1991
K. Ohta, T. Okamoto and A. Fujioka, “Multi-Verifier Digital Signature Scheme,” (in Japanese) Japanese Patent, File No. Toku-gan-hei 3-24856 (Feb. 19, 1991)
A. Yao, “Theory and Applications of Trapdoor Functions,” FOCS’82
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1993 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ohta, K., Okamoto, T., Fujioka, A. (1993). Secure Bit Commitment Function against Divertibility. In: Rueppel, R.A. (eds) Advances in Cryptology — EUROCRYPT’ 92. EUROCRYPT 1992. Lecture Notes in Computer Science, vol 658. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47555-9_27
Download citation
DOI: https://doi.org/10.1007/3-540-47555-9_27
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56413-3
Online ISBN: 978-3-540-47555-2
eBook Packages: Springer Book Archive