Abstract
Pass observed that universal composable zero-knowledge (UCZK) protocols in the common reference string (CRS) model, where a common reference string is selected trustily by a trusted third party and is known to all players, lose deniability that is a natural property of any ZK protocol in the plain model [33]. An open problem (or, natural query) raised in the literature is: are there any other essential security properties, other than the well-known deniability property, that could be lost by universal composable zero-knowledge in the common reference string model, in comparison with UC security in the plain model? In this work, we answer this open question (or, natural query), by showing that UCZK protocols in the CRS model could lose concurrent general composability (CGC) and proof of knowledge (POK) properties that are very important and essential security implications of UCZK in the plain model. This is demonstrated by concrete attacks.
The work described in this paper was supported in part by a grant from the Research Grants Council of the Hong Kong Special Administrative Region, China (Project Number CityU 122105) and CityU Research Grant (9380039) and 973 project of China (No. 2007CB807901).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barak, B., Prabhakaran, M., Sahai, A.: Concurrent Non-Malleable Zero-Knowledge. Cryptology ePrint Archive, Report No. 2006/355. Extended abstract appears in FOCS 2006 (2006)
Blum, M.: Coin Flipping by Telephone. In: Proc. IEEE Spring COMPCOM, pp. 133–137 (1982)
Blum, M.: How to Prove a Theorem so No One Else can Claim It. In: Proceedings of the International Congress of Mathematicians, Berkeley, California, USA, pp. 1444–1451 (1986)
Bellare, M., Goldreich, O.: On Defining Proofs of Knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)
Bellare, M., Goldreich, O.: On Probabilistic versus Deterministic Provers in the Definition of Proofs Of Knowledge. Electronic Colloquium on Computational Complexity 13(136) (2006), Available also from Cryptology ePrint Archive, Report No. 2006/359.
Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. In: IEEE Symposium on Foundations of Computer Science, pp. 136–145 (2001)
Canetti, R.: Security and Composition of Cryptographic Protocols: A Tutorial. Distributed Computing column of SIGACT News 37(3-4) (2006), Available also from Cryptology ePrint Archive, Report 2006/465.
Canetti, R., et al.: Universally Composable Security with Global Setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61–85. Springer, Heidelberg (2007)
Canetti, R., Fischlin, M.: Universal Composable Commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001)
Canetti, R., Kushilevitz, E., Lindell, Y.: On the Limitations of Universal Composition Without Set-Up Assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 68–86. Springer, Heidelberg (2003)
Canetti, R., et al.: Universally Composable Two-Party and Multi-Party Secure Computation. In: ACM Symposium on Theory of Computing, pp. 494–503 (2002)
Canetti, R., Rabin, T.: Universal Composition with Joint State. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 265–281. Springer, Heidelberg (2003)
Cramer, R.: Modular Design of Secure, yet Practical Cryptographic Protocols. PhD Thesis, University of Amsterdam (1996)
Cramer, R., Damgard, I., Schoenmakers, B.: Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)
Damgard, I.: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 418–430. Springer, Heidelberg (2000)
Damgard, I.: Lecture Notes on Cryptographic Protocol Theory. BRICS, Aarhus University (2003)
Dolev, D., Dwork, C., Naor, M.: Non-Malleable Cryptography. SIAM Journal on Computing 30(2), 391–437 (2000), Preliminary version in ACM Symposium on Theory of Computing, pp. 542–552 (1991)
Garay, J.A., MacKenzie, P., Yang, K.: Strengthening Zero-Knowledge Protocols Using Signatures. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 177–194. Springer, Heidelberg (2003)
Goldreich, O.: Foundation of Cryptography-Basic Tools. Cambridge University Press, Cambridge (2001)
Goldreich, O., Micali, S., Wigderson, A.: Proofs that Yield Nothing but Their Validity and a Methodology of Cryptographic Protocol Design. In: IEEE Symposium on Foundations of Computer Science, pp. 174–187 (1986)
Goldreich, O., Micali, S., Wigderson, A.: How to Prove All NP-Statements in Zero-Knowledge and a Methodology of Cryptographic Protocol Design. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 171–185. Springer, Heidelberg (1987)
Goldreich, O., Micali, S., Wigderson, A.: Proofs that Yield Nothing But Their Validity or All language in \(\mathcal{NP}\) Have Zero-Knowledge Proof Systems. Journal of the Association for Computing Machinery 38(1), 691–729 (1991), Preliminary version appears in IEEE Symposium on Foundations of Computer Science, pp. 174–187 (1986), and Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 171–185. Springer, Heidelberg (1987)
Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof-Systems. In: ACM Symposium on Theory of Computing, pp. 291–304 (1985)
Goldwasser, S., Micali, S., Rivest, R.L.: A Digital Signature Scheme Secure Against Adaptive Chosen Message Attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
Guillou, L., Quisquater, J.J.: A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing both Transmission and Memory. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123–128. Springer, Heidelberg (1988)
Hastad, J., et al.: Construction of a Pseudorandom Generator from Any One-Way Function. SIAM Journal on Computing 28(4), 1364–1396 (1999)
Katz, J.: Efficient and Non-Malleable Proofs of Plaintext Knowledge and Applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 211–228. Springer, Heidelberg (2003)
Kilian, J.: Uses of Randomness in Algorithms and Protocols. MIT Press, Cambridge (1990)
Lindell, Y.: General Composition and Universal Composability in Secure Multi-Party Computation. In: IEEE Symposium on Foundations of Computer Science, pp. 394–403 (2003)
Lindell, Y.: Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 171–189. Springer, Heidelberg (2001)
Lindell, Y.: Lower Bounds for Concurrent Self Composition. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 203–222. Springer, Heidelberg (2004)
Naor, M.: Bit Commitment Using Pseudorandomness. Journal of Cryptology 4(2), 151–158 (1991)
Pass, R.: On Deniabililty in the Common Reference String and Random Oracle Models. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 316–337. Springer, Heidelberg (2003)
Schnorr, C.: Efficient Signature Generation by Smart Cards. Journal of Cryptology 4(3), 24 (1991)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yao, A.C.C., Yao, F.F., Zhao, Y. (2007). A Note on Universal Composable Zero Knowledge in Common Reference String Model. In: Cai, JY., Cooper, S.B., Zhu, H. (eds) Theory and Applications of Models of Computation. TAMC 2007. Lecture Notes in Computer Science, vol 4484. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72504-6_42
Download citation
DOI: https://doi.org/10.1007/978-3-540-72504-6_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72503-9
Online ISBN: 978-3-540-72504-6
eBook Packages: Computer ScienceComputer Science (R0)