Bringing Zero-Knowledge Proofs of Knowledge to Practice

Bringing Zero-Knowledge Proofs of Knowledge to Practice

Stephan Krenn2012
A zero-knowledge proof of knowledge allows one party to convince another party that it knows a secret piece of information without revealing anything about it. Such protocols are important building blocks for many interesting higher-level cryptographic applications, such as e-voting and e-cash systems, digital signature and identification schemes, or anonymous credential systems. Unfortunately, their high computational costs, as well as long and error-prone implementation cycles, are major hurdles on their way to real-world usage. This thesis contributes to overcoming these restrictions. On the practical side, we introduce a compiler which automatically translates natural specifications of zero-knowledge proofs into concrete implementations. In addition, it generates formal proofs that the generated protocols are indeed sound. On the theoretical side, we analyze inherent efficiency limitations of igma-protocols, proving the optimality of currently known protocols. Finally, we consider zero-knowledge proofs in the Universal Composability framework. By enabling UC-compliant proofs of existence for the first time, we are able to decrease the computational complexity of many practically relevant UC-secure zero-knowledge protocols to an acceptable level.
Sign up to use