支援零知識查詢的集合封存方案

Chien-Lin Chen; 陳建霖

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/45954

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	呂學一(Hsueh-I Lu)
dc.contributor.author	Chien-Lin Chen	en
dc.contributor.author	陳建霖	zh_TW
dc.date.accessioned	2021-06-15T04:49:44Z	-
dc.date.available	2012-08-06
dc.date.copyright	2010-08-06
dc.date.issued	2010
dc.date.submitted	2010-08-02
dc.identifier.citation	[1] A. Buldas, P. Laud, and H. Lipmaa. Eliminating counterevidence with applications to accountable certi cate management. Journal of Computer Security, 10(3):273-296, 2002. [2] D. Catalano, Y. Dodis, and I. Visconti. Mercurial commitments: Minimal assumptions and e cient constructions. In Proceedings of the 3rd Theory of Cryptography Conference, pages 120-144, 2006. [3] D. Catalano, D. Fiore, and M. Messina. Zero-knowledge sets with short proofs. In Proceedings of the 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, pages 433-450, 2008. [4] M. Chase, A. Healy, A. Lysyanskaya, T. Malkin, and L. Reyzin. Mercurial commitments with applications to zero-knowledge sets. In Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, pages 125-142, 2005. [5] W. Ford. A public key infrastructure for U.S. government unclassi ed but sensitive applications. Technical report, National Institute of Standards and Technology, 1995. [6] R. Gennaro and S. Micali. Independent zero-knowledge sets. In Proceedings of the 33rd International Colloquium on Automata, Languages and Programming, pages 34-45, 2006. [7] O. Goldreich. Theoretical Foundations of Cryptography, volume 1. Cambridge University Press, 2001. [8] P. Kocher. On certi cate revocation and validation. In Proceedings of the 2nd International Conference on Financial Cryptography, pages 172-177, 1998. [9] M. Liskov. Updatable zero-knowledge databases. In Proceedings of the 11th International Conference on the Theory and Application of Cryptology and Information Security Advances in Cryptology, pages 174-198, 2005. [10] S. Micali, M. Rabin, and J. Kilian. Zero-knowledge sets. In Proceedings of the 44th IEEE Symposium on Foundations of Computer Science, pages 80-91, 2003. [11] M. Naor and K. Nissim. Certi cate revocation and certi cate update. IEEE Journal on Selected Areas in Communications, 18:561-570, 2000. [12] R. Ostrovsky, C. Racko , and A. Smith. E cient consistency proofs for generalized queries on a committed database. In Proceedings of the 31st International Colloquium on Automata, Languages and Programming, pages 1041-1053, 2004. [13] T. Pedersen. Non-interactive and information-theoretic secure veri able secret sharing. In Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, volume 576, pages 129-140, 1991.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/45954	-
dc.description.abstract	在離散對數問題很難在多項式時間解決的假設下，Micali, Rabin, 和Kilian 三位作者提供了一個零知識的集合封存法，此集合是由有限個字串所組成。事先給定一個公開且夠隨機的字串，此集合封存法以非交談式的方法運作如下：證明者先將他的集合在多項式時間內封存起來，並且公開一個字串以代表此集合。之後證明者可根據驗證者所提出的問題對於某字串在或不在集合中給出證明，驗證者可以根據事先給定的字串以及公開的字串來驗證證明者給出的證明是否正確。此三位作者的集合封存法有一個很好的性質是驗證者無法根據證明者給出的證明計算出他本來在多項式時間內算不出來的資訊。 Micali 等作者提供的方法不能直接推廣到一段範圍的查詢，Ostrovsky, Racko , 和 Smith 三位作者提供另一種集合封存法來處理這類型的查詢並將每個字串皆視為某個正整數。此推廣犧牲的是在證明過程中驗證者會得知此集合的正整數個數，並且是交談式的證明法。除此之外，此集合封存法仍然讓驗證者無法根據證明者給出的證明計算出他本來在多項式時間內算不出來的資訊。在這篇論文中，我們對Ostrovsky 等作者的結果再加以延伸，因此，我們的集合封存法仍然是交談式的證明法且驗證者會得知此集合的正整數個數。然而我們提供了更多的問題可以查詢，包括了加法、減法與乘法的查詢，且仍然讓驗證者無法根據證明者給出的證明計算出他本來在多項式時間內算不出來的資訊。	zh_TW
dc.description.provenance	Made available in DSpace on 2021-06-15T04:49:44Z (GMT). No. of bitstreams: 1 ntu-99-R96922115-1.pdf: 788290 bytes, checksum: bc6aee646677806c55c63d49179b5b5e (MD5) Previous issue date: 2010	en
dc.description.tableofcontents	Acknowledgements i Chinese Abstract ii English Abstract iii List of Tables vi 1 Introduction 1 1.1 Related work . . . . . . . . . . . . . . . . . . . 3 2 Preliminary 5 3 The First Construction of Commitment Scheme Z1 for sets 9 3.1 Our construction for keygen in Z1 .. . . . . . . . . 9 3.2 The interaction between P and V in Z1 . . . . . . . . . . . . . . . . . . . 10 4 Proof of the lemmas for Z1 14 4.1 Proof of Lemma 3.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.2 Proof of Lemma 3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.3 Completeness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.4 Soundness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 4.5 size-\|S\|-zero-knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 5 Proof of Theorem 1.1 20 6 The Second Construction of Commitment Scheme Z2 for sets 21 6.1 Explict-Hash Merkle Trees . . . . . . . . . . . . . . . . . . . . . . . . . . 21 6.2 Our construction for keygen in Z2 . . . . . . . . . . . . . . . . . 22 6.3 The interaction between P and V in Z2 . . . . . . . . . . . . . . . . . . . 23 7 Proof of the lemmas for Z2 26 7.1 Completeness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 7.2 Soundness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 7.3 polysize-k-zero-knowledge . . . . . . . . . . . . . . . . . . . . . . . . . . 32 8 Proof of Theorem 1.2 33 9 Conclusion 34 Bibliography 35
dc.language.iso	zh-TW
dc.subject	離散對數問題	zh_TW
dc.subject	零知識查詢	zh_TW
dc.subject	zero-knowledge sets	en
dc.subject	commitment scheme	en
dc.title	支援零知識查詢的集合封存方案	zh_TW
dc.title	Set Commitment Schemes with Zero Knowledge Queries	en
dc.type	Thesis
dc.date.schoolyear	98-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	高明達(Ming-Tat Ko),王大為(Da-Wei Wang)
dc.subject.keyword	離散對數問題,零知識查詢,	zh_TW
dc.subject.keyword	commitment scheme,zero-knowledge sets,	en
dc.relation.page	36
dc.rights.note	有償授權
dc.date.accepted	2010-08-03
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	資訊工程學研究所	zh_TW
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-99-1.pdf 未授權公開取用	769.81 kB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。