Paper 2022/853
Hashing to Prime in Zero-Knowledge
Abstract
We establish a set of zero-knowledge arguments that allow for the hashing of a committed secret $a$-bit input $x$ to a committed secret $(k+1)$-bit prime number $p_x$. The zero-knowledge arguments can convince a verifier that a commitment indeed is the correctly generated prime number derived from $x$ with a soundness error probability of at most $2^{-k}+ 2^{-t}$ dependent on the number of zero-knowledge argument rounds $k$ and the number of primality bases $t$ to establish primality. Our constructions offer a range of contributions including enabling dynamic encodings for prime-based accumulator, signature and attribute-based credential schemes allowing to reduce these schemes' public key size and setup requirements considerably and rendering them extensible. While our new primality zero-knowledge arguments are of independent interest, we also show improvements on proving that a secret number is the product of two secret safe primes significantly more efficient than previously known results, with applications to setting up secure special RSA moduli.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
- Keywords
- Zero-knowledge proof of knowledge hash to prime special RSA modulus
- Contact author(s)
- thomas gross @ newcastle ac uk
- History
- 2022-06-29: approved
- 2022-06-28: received
- See all versions
- Short URL
- https://ia.cr/2022/853
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2022/853,
author = {Thomas Groß},
title = {Hashing to Prime in Zero-Knowledge},
howpublished = {Cryptology ePrint Archive, Paper 2022/853},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/853}},
url = {https://eprint.iacr.org/2022/853}
}
