Designated-Verifier Anonymous Credential for Identity Management in Decentralized Systems

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Xudong Deng ◽  
Chengliang Tian ◽  
Fei Chen ◽  
Hequn Xian

Most of the existing identity management is the centralized architecture that has to validate, certify, and manage identity in a centralized approach by trusted authorities. Decentralized identity is causing widespread public concern because it makes it possible to give control of identity back to clients, and the client then has the ability to control when, where, and with whom they share their credentials. A decentralized solution atop blockchain will bypass the centralized architecture and address the single-point-of-failure problem. To our knowledge, blockchain is an inherited pseudonym but it cannot achieve anonymity and auditability directly. In this paper, we approach the problem of decentralized identity management starting from the designated-verifier anonymous credential (DVAC in short). DVAC would help to build a new practical decentralized identity management with anonymity and auditability. Apart from the advantages of the conventional anonymous credential, the main advantage of the proposed DVAC atop blockchain is that the issued cryptographic token will be divided into shares at the issue phase and will be combined at the showing credential phase. Further, the smooth projective hash function (SPHF in short) is regarded as a designated-verifier zero-knowledge proof system. Thus, we introduce the SPHF to achieve the designated verifiability without compromising the privacy of clients. Finally, the security of the proposed DVAC is proved along with theoretical and experimental evaluations.

Author(s):  
Diego F. Aranha ◽  
Sebastian Berndt ◽  
Thomas Eisenbarth ◽  
Okan Seker ◽  
Akira Takahashi ◽  
...  

We study masking countermeasures for side-channel attacks against signature schemes constructed from the MPC-in-the-head paradigm, specifically when the MPC protocol uses preprocessing. This class of signature schemes includes Picnic, an alternate candidate in the third round of the NIST post-quantum standardization project. The only previously known approach to masking MPC-in-the-head signatures suffers from interoperability issues and increased signature sizes. Further, we present a new attack to demonstrate that known countermeasures are not sufficient when the MPC protocol uses a preprocessing phase, as in Picnic3. We overcome these challenges by showing how to mask the underlying zero-knowledge proof system due to Katz–Kolesnikov–Wang (CCS 2018) for any masking order, and by formally proving that our approach meets the standard security notions of non-interference for masking countermeasures. As a case study, we apply our masking technique to Picnic. We then implement different masked versions of Picnic signing providing first order protection for the ARM Cortex M4 platform, and quantify the overhead of these different masking approaches. We carefully analyze the side-channel risk of hashing operations, and give optimizations that reduce the CPU cost of protecting hashing in Picnic by a factor of five. The performance penalties of the masking countermeasures ranged from 1.8 to 5.5, depending on the degree of masking applied to hash function invocations.


Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li

Information security has become a hot topic in Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection. Compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.


2014 ◽  
Vol 2014 ◽  
pp. 1-7 ◽  
Author(s):  
Huixin Wu ◽  
Feng Wang

Zero knowledge proof system which has received extensive attention since it was proposed is an important branch of cryptography and computational complexity theory. Thereinto, noninteractive zero knowledge proof system contains only one message sent by the prover to the verifier. It is widely used in the construction of various types of cryptographic protocols and cryptographic algorithms because of its good privacy, authentication, and lower interactive complexity. This paper reviews and analyzes the basic principles of noninteractive zero knowledge proof system, and summarizes the research progress achieved by noninteractive zero knowledge proof system on the following aspects: the definition and related models of noninteractive zero knowledge proof system, noninteractive zero knowledge proof system of NP problems, noninteractive statistical and perfect zero knowledge, the connection between noninteractive zero knowledge proof system, interactive zero knowledge proof system, and zap, and the specific applications of noninteractive zero knowledge proof system. This paper also points out the future research directions.


2012 ◽  
Vol 6 (2) ◽  
pp. 161-172
Author(s):  
Hoda Jannati ◽  
Mahmoud Salmasizadeh ◽  
Javad Mohajeri ◽  
Amir Moradi

2021 ◽  
Author(s):  
Patrick Biel ◽  
Shiquan Zhang ◽  
Hans-Arno Jacobsen

2021 ◽  
pp. 332-351
Author(s):  
Hongrui Cui ◽  
Kaiyi Zhang ◽  
Yu Chen ◽  
Zhen Liu ◽  
Yu Yu

PLoS ONE ◽  
2021 ◽  
Vol 16 (8) ◽  
pp. e0256372
Author(s):  
Shaofen Xie ◽  
Wang Yao ◽  
Faguo Wu ◽  
Zhiming Zheng

Lattice-based non-interactive zero-knowledge proof has been widely used in one-way communication and can be effectively applied to resist quantum attacks. However, lattice-based non-interactive zero-knowledge proof schemes have long faced and paid more attention to some efficiency issues, such as proof size and verification time. In this paper, we propose the non-interactive zero-knowledge proof schemes from RLWE-based key exchange by making use of the Hash function and public-key encryption. We then show how to apply the proposed schemes to achieve the fixed proof size and rapid public verification. Compared with previous approaches, our schemes can realize better effectiveness in proof size and verification time. In addition, the proposed schemes are secure from completeness, soundness, and zero-knowledge.

