Font Size: a A A

The Study Of Perfect Non-revelation Bit Commitment Protocol And Undeniable Signature Scheme

Posted on:2009-08-23Degree:MasterType:Thesis
Country:ChinaCandidate:N CengFull Text:PDF
GTID:2178360272480756Subject:Computer software and theory
Abstract/Summary:PDF Full Text Request
A Zero-knowledge proof allows one person to convince another person of a statement, without revealing anything other than the veracity of the statement. As a powerful tool for constructing secure cryptographic protocol, zero-knowledge proof is widely applied in cryptology domain, especially in identity authentication and digital signature.Since Blum firstly proposed the concept of bit commitment[1] in 1982, it has already become an active domain in cryptology research. The cryptology scientist pointed out that if there exitst a secure encryption scheme then every NP language has a zero-knowledge proof[2]. The encryption scheme here essentially is the bit commitment scheme. The bit commitment protocol is the important sub-protocol in constructing zero-knowledge proof. Not only that, the type of it immediately influences the zero-knowledge type of zero-knowledge proof which is constructed by it.Undeniable digital signature is the conception that is related to Zero-knowledge proof. In undeniable signature scheme, the receiver of a signature can't confirm the validity of the signature by himself, using a Zero-knowledge verification protocol, the signer can prove to the receiver wether the signature is ture or not. Undeniable signature can prevent the reproduction and dissemination of the signature and protect the privacy of the signer.This paper's work and research are as follows:Take several zero-knowledge proofs of identity authentication as examples to prove the completeness and soundness of them in detail, and analyze the zero-knowledge type which they can achieve. Summarize two kinds of zero-knowledge proof structures:"verifier challenging"and"verifier questioning". Under the second kind of structure, by using a bit commitment which is absolutely no revealing, it can construct a perfect zero-knowledge proof. Proposed a definition:"discrete logarithm pair collision problem", and prove that the solution difficulty is equivalent to the"discrete logarithm problem". According to the construction of zero-knowledge proof, the bit commitment protocol includes different types: perfect non-revelation, statistical non-revelation and computational non-revelation. Pointed out that the type of bit commitment determines the zero-knowledge type of upper zero-knowledge proof, while the perfect non-revelation bit commitment is the precondition for realizing the perfect zero-knowledge proof. Based on the"discrete logarithm pair collision problem", propose a new perfect non-revelation bit commitment scheme, which completely doesn't increase the probability of information revelation of upper protocol and can serve as the most perfect sub-protocol in constructing zero-knowledge proof. Through the example of zero-knowledge proof of graph three colorability (G3C) language, prove that the perfect zero-knowledge proof of NP language can be constructed according to this new perfect non-revelation bit commitment scheme.Make some improvements to the zero-knowledge undeniable digital signature scheme proposed by David Chaum. By using"cut and choice"and the newly proposed perfect non-revelation bit commitment technology, the new perfect zero-knowledge confirmation protocol and disavowal protocol can be constructed. Compared with the scheme of Chaum, under the same security rank, the required modular multiplication operations are reduced exponentially. Based the Schnorr signature and the generalized ELGamal signature, the new randomly undeniable digital signature algorithm is proposed. This algorithm eliminates the existence forge problem of former signature schemes, and repetitiously uses the former signature confirmation and disvowal agreement at the same time.
Keywords/Search Tags:Zero-knowledge proof, Perfect zero-knowledge proof, Discrete logarithm problem, Bit commitment protocol, Undeniable signature
PDF Full Text Request
Related items