TY - CHAP
T1 - On deniability in the common reference string and random oracle model
AU - Pass, Rafael
PY - 2003
Y1 - 2003
N2 - We revisit the definitions of zero-knowledge in the Common Reference String (CRS) model and the Random Oracle (RO) model. We argue that even though these definitions syntactically mimic the standard zero-knowledge definition, they loose some of its spirit. In particular, we show that there exist a specific natural security property that is not captured by these definitions. This is the property of deniability. We formally define the notion of deniable zero-knowledge in these models and investigate the possibility of achieving it. Our results are different for the two models: - Concerning the CRS model, we rule out the possibility of achieving deniable zero-knowledge protocols in "natural" settings where such protocols cannot already be achieved in plain model. - In the RO model, on the other hand, we construct an efficient 2-round deniable zero-knowledge argument of knowledge, that preserves both the zero-knowledge property and the proof of knowledge property under concurrent executions (concurrent zero-knowledge and concurrent proof-of knowledge).
AB - We revisit the definitions of zero-knowledge in the Common Reference String (CRS) model and the Random Oracle (RO) model. We argue that even though these definitions syntactically mimic the standard zero-knowledge definition, they loose some of its spirit. In particular, we show that there exist a specific natural security property that is not captured by these definitions. This is the property of deniability. We formally define the notion of deniable zero-knowledge in these models and investigate the possibility of achieving it. Our results are different for the two models: - Concerning the CRS model, we rule out the possibility of achieving deniable zero-knowledge protocols in "natural" settings where such protocols cannot already be achieved in plain model. - In the RO model, on the other hand, we construct an efficient 2-round deniable zero-knowledge argument of knowledge, that preserves both the zero-knowledge property and the proof of knowledge property under concurrent executions (concurrent zero-knowledge and concurrent proof-of knowledge).
UR - https://www.scopus.com/pages/publications/35248825608
U2 - 10.1007/978-3-540-45146-4_19
DO - 10.1007/978-3-540-45146-4_19
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.chapter???
AN - SCOPUS:35248825608
SN - 9783540406747
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 316
EP - 337
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
A2 - Boneh, Dan
PB - Springer Verlag
ER -