Chida and Yamamoto propose a batch proof algorithm to enhance the performance of multiple instances of zero knowledge proof of partial knowledge. When multiple instances of zero knowledge proof of partial knowledge need to be proved simultaneously, their proof algorithm employs a batching mechanism to reduce the cost in computation and communication. Unfortunately, their batch proof algorithm is not sound and vulnerable to an attack, which completely breaks soundness of the proof. More precisely, an adversary can design the multiple partial knowledge statements in a special way such that no matter how he is challenged he can always pass the verification as a prover in the batch proof scheme while he does not have the knowledge he claims. The attack is presented and is formally illustrated to always succeed.
[1]
Byoungcheon Lee,et al.
Batch Verification for Equality of Discrete Logarithms and Threshold Decryptions
,
2004,
ACNS.
[2]
Koji Chida,et al.
Batch Processing for Proofs of Partial Knowledge and Its Applications
,
2008,
IEICE Trans. Fundam. Electron. Commun. Comput. Sci..
[3]
Ed Dawson,et al.
Batch zero-knowledge proof and verification and its applications
,
2007,
TSEC.
[4]
Ed Dawson,et al.
A Correct, Private, and Efficient Mix Network
,
2004,
Public Key Cryptography.
[5]
Ed Dawson,et al.
Batch verification of validity of bids in homomorphic e-auction
,
2006,
Comput. Commun..