Short Proofs of Knowledge for Factoring

The aim of this paper is to design a proof of knowledge for the factorization of an integer n. We propose a statistical zero-knowledge protocol similar to proofs of knowledge of a discrete logarithm à la Schnorr. The efficiency improvement over the previously known schemes is comparable to the difference between the Fiat-Shamir scheme and the Schnorr one. Furthermore, the proof can be made non-interactive. From a practical point of view, the improvement is dramatic: the size of such a non-interactive proof is comparable to the size of the integer n, and the computational resources needed can be kept low: three modular exponentiations for each of the prover and the verifier are enough to reach a high level of security.
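The abstract only names the shape of the construction (a Schnorr-like three-move protocol, optionally made non-interactive), so the following added example shows what such a proof looks like in code. It is the editor's own illustration, not the paper's protocol, parameter choices or code: the prover's witness is d = n - phi(n) = p + q - 1, a small integer, and the response y = r + d*e is computed over the integers so that the verifier can check z^(y - n*e) == z^r mod n from public data alone. The toy primes, the bounds A and B, the number of bases, and the use of SHA-256 for the Fiat-Shamir challenge are all assumptions made here. The block goes one step beyond the abstract by also including a knowledge extractor, which shows why two accepting transcripts on the same commitment let one factor n.

```python
"""Toy Schnorr-style proof of knowledge of the factorization of n.

Added illustration (not the paper's protocol, parameters or code). The prover
knows phi(n); d = n - phi(n) = p + q - 1 is small, so a Schnorr-like integer
response y = r + d*e lets a verifier check z^(y - n*e) == z^r (mod n).
"""
import hashlib
import secrets
from math import gcd

# Constructed toy modulus: two small primes so the demo runs instantly (assumption).
P, Q = 1000003, 1000033
N = P * Q
PHI = (P - 1) * (Q - 1)
D = N - PHI                    # prover's witness: p + q - 1

CHALLENGE_BITS = 64
B = 1 << CHALLENGE_BITS        # challenge space [0, B)  (assumed toy value)
A = (D * B) << 80              # response bound; y = r + D*e must statistically hide r
NUM_BASES = 3                  # bases z_i checked per proof (assumed toy value)


def random_unit(n):
    """Uniform random element of Z_n^* by rejection sampling."""
    while True:
        z = secrets.randbelow(n - 2) + 2
        if gcd(z, n) == 1:
            return z


def derive_bases(n, count):
    """Public bases z_i = SHA-256("base" || n || i) mod n, so neither party chooses them."""
    bases, i = [], 0
    while len(bases) < count:
        h = hashlib.sha256(b"base" + n.to_bytes(64, "big") + i.to_bytes(4, "big")).digest()
        z = int.from_bytes(h, "big") % n
        if z > 1 and gcd(z, n) == 1:
            bases.append(z)
        i += 1
    return bases


def derive_challenge(n, xs):
    """Fiat-Shamir challenge: hash of n and the commitments, reduced into [0, B)."""
    data = b"chal" + n.to_bytes(64, "big") + b"".join(x.to_bytes(64, "big") for x in xs)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % B


# --- interactive three-move protocol -------------------------------------
def commit(n, bases):
    """Prover move 1: pick r in [0, A) and commit to z_i^r mod n for every base."""
    r = secrets.randbelow(A)
    return r, [pow(z, r, n) for z in bases]


def respond(r, d, e):
    """Prover move 3: Schnorr-style integer response (no reduction mod phi(n))."""
    return r + d * e


def check(n, bases, xs, e, y):
    """Verifier: y in range and z_i^(y - n*e) == x_i for every base."""
    if not 0 <= y < A:
        return False
    exp = y - n * e            # may be negative; pow() then needs gcd(z, n) == 1, which holds
    return all(pow(z, exp, n) == x for z, x in zip(bases, xs))


# --- non-interactive (Fiat-Shamir) wrapper --------------------------------
def prove(n, d, bases):
    while True:
        r, xs = commit(n, bases)
        e = derive_challenge(n, xs)
        y = respond(r, d, e)
        if y < A:              # overflow has probability about 2^-80; retry instead of leaking
            return xs, e, y


def verify(n, bases, xs, e, y):
    return e == derive_challenge(n, xs) and check(n, bases, xs, e, y)


# --- knowledge extractor: two transcripts on one commitment factor n -------
def extract_factors(n, e1, y1, e2, y2, tries=64):
    """(y1-y2) - n*(e1-e2) is a nonzero multiple of the order of every base; for an
    honest prover it is a multiple of phi(n). Miller-style splitting then gives p, q."""
    m = abs((y1 - y2) - n * (e1 - e2))
    t, s = m, 0
    while t % 2 == 0:
        t //= 2
        s += 1
    for _ in range(tries):
        b = pow(random_unit(n), t, n)
        if b in (1, n - 1):
            continue
        for _ in range(s):
            c = pow(b, 2, n)
            if c == 1:                       # b is a nontrivial square root of 1
                g = gcd(b - 1, n)
                if 1 < g < n:
                    return tuple(sorted((g, n // g)))
                break
            b = c
    return None
```

The check `z^(y - n*e) == x` works because y - n*e = r - phi(n)*e for an honest prover and z^phi(n) = 1 mod n. The bound A is what makes the protocol statistically zero-knowledge: y must be large enough that r drowns out d*e, which is why the response is checked against A and why the prover retries on the rare overflow.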
