1 / 14

Server-Aided Verification : Theory and Practice

Server-Aided Verification : Theory and Practice. Source: ASIACRYPT 2005, LNCS 3788, pp. 605-623 Author: Marc Girault and David Lefranc Presenter : Chun-Yen Lee. First SAV Protocols for Pairing-Based Schemes. Zhang, Safavi-Naini and Susilo ZSNS signature scheme

arne
Download Presentation

Server-Aided Verification : Theory and Practice

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Server-Aided Verification : Theory and Practice Source: ASIACRYPT 2005, LNCS 3788, pp. 605-623 Author: Marc Girault and David Lefranc Presenter: Chun-Yen Lee

  2. First SAV Protocols for Pairing-Based Schemes • Zhang, Safavi-Naini and Susilo • ZSNS signature scheme • Boneh-Boyen signature schemes

  3. First SAV Protocols for Pairing-Based Schemes • Verifier checks if • f is a public function • I : public parameters including the public key • (r, sigma): signature

  4. First SAV Protocols for Pairing-Based Schemes Verifier

  5. Proof • Auxiliary completeness. • Auxiliary soundness. • Computational gain. • Auxiliary non-repudiation.

  6. Application to the ZSNS Signature Scheme • Auxiliary completeness • Auxiliary non-repudiation • SAV construction allow the misbehaving prover to send any value . • Then, during the computation of , transmit the right value to • I is finally .

  7. Application to the ZSNS Signature Scheme • Signer • public parameters • public key U • private key x • signature • Verifier

  8. Application to the ZSNS Signature Scheme • π : ZSNS signature scheme • π* :generic protocol • :verification of the equation • : verification of the equation

  9. Application to the ZSNS Signature Scheme • Lemma 2. • Assuming • if communicating with • qH: hash oracle; qS: signing oracle • I be with a probability • q-BCAA problem (q≥qH+qS−1)

  10. Application to the ZSNS Signature Scheme • S1 • A • lH • S2 • makes a hash query • A answers wi and adds the couple (mi ,wi) inlH

  11. Application to the ZSNS Signature Scheme • S3 • A SH • makes a signing query mi • if has been queried to the hash oracle • there exists a unique couple (mi ,wi) in lH; • if ,then A fails, otherwise A answers • if has not been queried to the hash oracle • Aanswers • (mi ,hi)in lH ; hi in SH

  12. Application to the ZSNS Signature Scheme • S4 After making all the queries to the oracles • outputs a couple ( ). • If & ()is such that • A sends to the value • Otherwise, A fails and then stops • S5 Finally , answers a value • If • A the couple ( )

  13. Application to the ZSNS Signature Scheme • A end if : • 1. S3, the messages queried to the signing oracle are all different from which occurs with a probability equal to • 2.S4, If & ()is such that • 3.S5, answers a value

  14. Conclusion • 1.We have formalized the concept of a server-aided verification protocol. • 2.We have analyzed in new model. • 3.We have presented a generic SAV protocol for pairing-based schemes.

More Related