Zero-Knowledge Arguments for Subverted RSA Groups

CryptoDB

Zero-Knowledge Arguments for Subverted RSA Groups

Authors:	Dimitris Kolonelos , IMDEA Software Institute & Universidad Politécnica de Madrid Mary Maller , Ethereum Foundation Mikhail Volkhov , The University of Edinburgh
Download:	DOI: 10.1007/978-3-031-31371-4_18 Search ePrint Search Google
Presentation:	Slides
Conference:	PKC 2023
Abstract:	This work investigates zero-knowledge protocols in subverted RSA groups where the prover can choose the modulus and where the verifier does not know the group order. We introduce a novel technique for extracting the witness from a general homomorphism over a group of unknown order that does not require parallel repetitions. We then present a NIZK range proof for general homomorphisms as Paillier encryptions in the designated verifier model that works under a subverted setup. The key ingredient of our proof is a constant sized NIZK proof of knowledge for a plaintext. Security is proven in the ROM assuming an IND-CPA additively homomorphic encryption scheme. The verifier's public key can be maliciously generated and is reusable and linear in the number of proofs to be verified.

BibTeX

@inproceedings{pkc-2023-32807,
  title={Zero-Knowledge Arguments for Subverted RSA Groups},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-31371-4_18},
  author={Dimitris Kolonelos and Mary Maller and Mikhail Volkhov},
  year=2023
}

International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Zero-Knowledge Arguments for Subverted RSA Groups

BibTeX

International Association for Cryptologic Research

International Associationfor Cryptologic Research

CryptoDB

Zero-Knowledge Arguments for Subverted RSA Groups

BibTeX

International Association
for Cryptologic Research