IACR News item: 29 May 2012
Philippe Camacho
ePrint Report
We propose a protocol to exchange Boneh-Boyen short signatures in a fair way, without relying on a trusted third party. Our protocol is quite practical and is the first of the sort to the bestof our knowledge.
Our construction uses a new non-interactive zero-knowledge (NIZK) argument to prove that a commitment is the encryption of a bit vector.
We also design a NIZK argument to prove that a commitment to a bit vector $v=(b_1,b_2,...,b_\\secparam)$ is such that $\\sum_{i \\in [\\secparam]}b_i2^{i-1}=\\Blinding$ where $\\Blinding$
is the discrete logarithm of some public value $\\BasicCommitment=g^\\Blinding$.These arguments may be of independent interest.
Additional news items may be found on the IACR news page.