|
Witness-indistinguishable Proof
A witness-indistinguishable proof (WIP) is a variant of a zero-knowledge proof for languages in NP. In a typical zero-knowledge proof of a statement, the prover will use a witness for the statement as input to the protocol, and the verifier will learn nothing other than the truth of the statement. In a WIP, this zero-knowledge condition is weakened, and the only guarantee is that the verifier will not be able to distinguish between provers that use different witnesses. In particular, the protocol may leak information about the set of all witnesses, or even leak the witness that was used when there is only one possible witness. Witness-indistinguishable proof systems were first introduced by Feige and Shamir. Unlike zero-knowledge proofs, they remain secure when multiple proofs are being performed in parallel. See also * Ring signature In cryptography, a ring signature is a type of digital signature that can be performed by any member of a set of users that each have keys. T ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Zero-knowledge Proof
In cryptography, a zero-knowledge proof (also known as a ZK proof or ZKP) is a protocol in which one party (the prover) can convince another party (the verifier) that some given statement is true, without conveying to the verifier any information ''beyond'' the mere fact of that statement's truth. The intuition underlying zero-knowledge proofs is that it is trivial to prove possession of the relevant information simply by revealing it; the hard part is to prove this possession without revealing this information (or any aspect of it whatsoever). In light of the fact that one should be able to generate a proof of some statement ''only'' when in possession of certain secret information connected to the statement, the verifier, even after having become convinced of the statement's truth, should nonetheless remain unable to prove the statement to further third parties. Zero-knowledge proofs can be interactive, meaning that the prover and verifier exchange messages according to some pro ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NP (complexity)
In computational complexity theory, NP (nondeterministic polynomial time) is a complexity class used to classify decision problems. NP is the Set (mathematics), set of decision problems for which the Computational complexity theory#Problem instances, problem instances, where the answer is "yes", have mathematical proof, proofs verifiable in polynomial time by a deterministic Turing machine, or alternatively the set of problems that can be solved in polynomial time by a nondeterministic Turing machine.''Polynomial time'' refers to how quickly the number of operations needed by an algorithm, relative to the size of the problem, grows. It is therefore a measure of efficiency of an algorithm. * NP is the set of decision problems ''solvable'' in polynomial time by a nondeterministic Turing machine. * NP is the set of decision problems ''verifiable'' in polynomial time by a deterministic Turing machine. The first definition is the basis for the abbreviation NP; "Nondeterministic alg ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Ring Signature
In cryptography, a ring signature is a type of digital signature that can be performed by any member of a set of users that each have keys. Therefore, a message signed with a ring signature is endorsed by someone in a particular set of people. One of the security properties of a ring signature is that it should be computationally infeasible to determine ''which'' of the set's members' keys was used to produce the signature. Ring signatures are similar to group signatures but differ in two key ways: first, there is no way to revoke the anonymity of an individual signature; and second, any set of users can be used as a signing set without additional setup. Ring signatures were invented by Ron Rivest, Adi Shamir, and Yael Tauman Kalai, and introduced at ASIACRYPT in 2001. The name, ''ring signature'', comes from the ring-like structure of the signature algorithm. Definition Suppose that a set of entities each have public/private key pairs, (''P''1, ''S''1), (''P''2, ''S''2), ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
