Zero-knowledge proofs of knowledge for group homomorphisms
Ueli Maurer
A simple zero-knowledge proof of knowledge protocol is presented of which many known protocols are instantiations. These include Schnorr's protocol for proving knowledge of a discrete logarithm, the Fiat-Shamir and Guillou-Quisquater protocols for proving knowledge of a modular root, protocols for proving knowledge of representations (like Okamoto's protocol), protocols for proving equality of secret values, a protocol for proving the correctness of a Diffie-Hellman key, protocols for proving the multiplicative relation of three commitments (as required in secure multi-party computation), and protocols used in credential systems. This unifies a substantial body of work and can also lead to instantiations of the protocol for new applications.
BibTeX Citation
@article{Maurer15,
author = {Ueli Maurer},
title = {Zero-knowledge proofs of knowledge for group homomorphisms},
journal = {Designs, Codes and Cryptography},
pages = 663--676,
volume = 77,
year = 2015,
}