Research On Properties Of ∑-Protocol And Its Applications

Proof protocol of knowledge has become a very important research direction in cryptography and its application fields, and as a special proof protocol of knowledge,∑-protocol plays an important role in the field of cryptography and its applications.In this paper, we research the properties of∑-protocol and its applications, and obtain three fruitful results:Firstly, we carry on an investigation into the basic attributes of the∑-protocol. We prove that any∑-protocol for the relationship R has the following four characters:1) it is a witness hiding protocol if there exist at least two witnesses on R ; 2) there exists a∑-protocol on any NP statement under the assumption of the existence of one-way permutation; 3) there exist∑-protocol with computational zero-knowledge; 4)∑-protocol can be changed into zero-knowledge proof.Secondly, we construct two multi-prover zero-knowledge argument systems. But only one of provers holds the secret in the existed multi-prover zero-knowledge proof system, and other provers only jointly run a commitment scheme with the prover. So, we think that their multi-prover proof system is not a "real" multi-prover zero-knowledge proof system. We hope that each of all provers holds a share of witness instead of only one prover holds this witness. In this paper, we construct two multi-prover zero-knowledge argument systems in which all provers prove that they jointly hold a witness. It should be noted here that the main difference between proof system and argument system is the different ability of the prover.Finally, we give the definition of leakproof secret sharing scheme, and propose two leakproof secret sharing protocols by using multi-prover zero-knowledge argument of knowledge, a computational secure protocol and an information-theoretic secure protocol. In traditional secret sharing schemes, the secret K will be leaked once it has been reconstructed by any qualified subset of participants. In some sense, the qualified participants prove that they hold K by revealing it. Hence the secret K is only shared for one time. In this paper, we propose leakproof secret sharing protocol, i.e., a ( t ,n)-threshold verifiable secret sharing scheme from proof of knowledge, in which t or more participants can jointly prove that they hold the secret by using multi-prover zero-knowledge argument of knowledge, as a result, the secret K can be shared for as many times as desired.Based on the leakproof secret sharing protocol, we define and construct the group identification schemes.