Unifying Zero-knowledge Proofs of Knowledge
Ueli Maurer
We present a simple zero-knowledge proof of knowledge protocol of which many protocols in the literature are instantiations. These include Schnorr's protocol for proving knowledge of a discrete logarithm, the Fiat-Shamir and Guillou-Quisquater protocols for proving knowledge of a modular root, protocols for proving knowledge of representations (like Okamoto's protocol), protocols for proving equality of secret values, a protocol for proving the correctness of a Diffie-Hellman key, protocols for proving the multiplicative relation of three commitments (as required in secure multi-party computation), and protocols used in credential systems. This shows that a single simple treatment (and proof), at a high level of abstraction, can replace the individual previous treatments. Moreover, one can devise new instantiations of the protocol.
BibTeX Citation
@inproceedings{Maurer09,
author = {Ueli Maurer},
title = {Unifying Zero-knowledge Proofs of Knowledge},
editor = {B. Preneel},
booktitle = {Advances in Cryptology - AfricaCrypt 2009},
series = {Lecture Notes in Computer Science},
year = {2009},
month = {6},
publisher = {Springer-Verlag},
}