mirror of
https://github.com/calofmijuck/blog.git
synced 2025-12-06 22:53:51 +00:00
[PUBLISHER] upload files #159
* PUSH NOTE : 09. Transport Layer Security.md
* PUSH ATTACHMENT : is-09-tls-handshake.png
* PUSH NOTE : 08. Public Key Infrastructure.md
* PUSH ATTACHMENT : is-08-certificate-validation.png
* PUSH NOTE : 07. Public Key Cryptography.md
* PUSH NOTE : 06. RSA and ElGamal Encryption.md
* PUSH NOTE : 05. Modular Arithmetic (2).md
* PUSH NOTE : 04. Modular Arithmetic (1).md
* PUSH NOTE : 03. Symmetric Key Cryptography (2).md
* PUSH ATTACHMENT : is-03-feistel-function.png
* PUSH ATTACHMENT : is-03-ecb-encryption.png
* PUSH ATTACHMENT : is-03-cbc-encryption.png
* PUSH ATTACHMENT : is-03-cfb-encryption.png
* PUSH ATTACHMENT : is-03-ofb-encryption.png
* PUSH ATTACHMENT : is-03-ctr-encryption.png
* PUSH NOTE : 02. Symmetric Key Cryptography (1).md
* PUSH NOTE : 01. Security Introduction.md
* PUSH ATTACHMENT : is-01-cryptosystem.png
* PUSH NOTE : 9. Public Key Encryption.md
* PUSH ATTACHMENT : mc-09-ss-pke.png
* PUSH NOTE : 7. Key Exchange.md
* PUSH ATTACHMENT : mc-07-dhke.png
* PUSH ATTACHMENT : mc-07-dhke-mitm.png
* PUSH ATTACHMENT : mc-07-merkle-puzzles.png
* PUSH NOTE : 6. Hash Functions.md
* PUSH ATTACHMENT : mc-06-merkle-damgard.png
* PUSH ATTACHMENT : mc-06-davies-meyer.png
* PUSH ATTACHMENT : mc-06-hmac.png
* PUSH NOTE : 5. CCA-Security and Authenticated Encryption.md
* PUSH ATTACHMENT : mc-05-ci.png
* PUSH ATTACHMENT : mc-05-etm-mte.png
* PUSH NOTE : 4. Message Authentication Codes.md
* PUSH ATTACHMENT : mc-04-mac.png
* PUSH ATTACHMENT : mc-04-mac-security.png
* PUSH ATTACHMENT : mc-04-cbc-mac.png
* PUSH ATTACHMENT : mc-04-ecbc-mac.png
* PUSH NOTE : 2. PRFs, PRPs and Block Ciphers.md
* PUSH ATTACHMENT : mc-02-block-cipher.png
* PUSH ATTACHMENT : mc-02-feistel-network.png
* PUSH ATTACHMENT : mc-02-des-round.png
* PUSH ATTACHMENT : mc-02-DES.png
* PUSH ATTACHMENT : mc-02-aes-128.png
* PUSH ATTACHMENT : mc-02-2des-mitm.png
* PUSH NOTE : 16. The GMW Protocol.md
* PUSH ATTACHMENT : mc-16-beaver-triple.png
* PUSH NOTE : 13. Sigma Protocols.md
* PUSH ATTACHMENT : mc-13-sigma-protocol.png
* PUSH ATTACHMENT : mc-10-schnorr-identification.png
* PUSH ATTACHMENT : mc-13-okamoto.png
* PUSH ATTACHMENT : mc-13-chaum-pedersen.png
* PUSH ATTACHMENT : mc-13-gq-protocol.png
* PUSH NOTE : 12. Zero-Knowledge Proofs (Introduction).md
* PUSH ATTACHMENT : mc-12-id-protocol.png
* PUSH NOTE : 10. Digital Signatures.md
* PUSH ATTACHMENT : mc-10-dsig-security.png
* PUSH NOTE : 1. OTP, Stream Ciphers and PRGs.md
* PUSH ATTACHMENT : mc-01-prg-game.png
* PUSH ATTACHMENT : mc-01-ss.png
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-09-10-security-intro.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-09-11-symmetric-key-cryptography-1.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-09-18-symmetric-key-cryptography-2.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-09-25-modular-arithmetic-1.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-10-04-modular-arithmetic-2.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-10-04-rsa-elgamal.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-10-09-public-key-cryptography.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-10-16-pki.md
* DELETE FILE : _posts/Lecture Notes/Internet Security/2023-10-18-tls.md
* DELETE FILE : _posts/lecture-notes/internet-security/2023-10-19-public-key-encryption.md
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-01-cryptosystem.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-cbc-encryption.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-cfb-encryption.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-ctr-encryption.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-ecb-encryption.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-feistel-function.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-03-ofb-encryption.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-08-certificate-validation.png
* DELETE FILE : assets/img/posts/Lecture Notes/Internet Security/is-09-tls-handshake.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-01-prg-game.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-01-ss.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-2des-mitm.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-DES.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-aes-128.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-block-cipher.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-des-round.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-02-feistel-network.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-04-cbc-mac.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-04-ecbc-mac.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-04-mac-security.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-04-mac.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-05-ci.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-05-etm-mte.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-06-davies-meyer.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-06-hmac.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-06-merkle-damgard.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-07-dhke-mitm.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-07-dhke.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-07-merkle-puzzles.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-09-ss-pke.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-10-dsig-security.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-10-schnorr-identification.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-12-id-protocol.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-13-chaum-pedersen.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-13-gq-protocol.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-13-okamoto.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-13-sigma-protocol.png
* DELETE FILE : assets/img/posts/Lecture Notes/Modern Cryptography/mc-16-beaver-triple.png
@@ -14,9 +14,9 @@ title: 13. Sigma Protocols
|
||||
date: 2023-11-07
|
||||
github_title: 2023-11-07-sigma-protocols
|
||||
image:
|
||||
path: assets/img/posts/Lecture Notes/Modern Cryptography/mc-13-sigma-protocol.png
|
||||
path: assets/img/posts/lecture-notes/modern-cryptography/mc-13-sigma-protocol.png
|
||||
attachment:
|
||||
folder: assets/img/posts/Lecture Notes/Modern Cryptography
|
||||
folder: assets/img/posts/lecture-notes/modern-cryptography
|
||||
---
|
||||
|
||||
The previous [3-coloring example](./2023-11-02-zkp-intro.md#example-3-coloring) certainly works as a zero knowledge proof, but is quite slow, and requires a lot of interaction. There are efficient protocols for interactive proofs, we will study sigma protocols.
|
||||
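Review bot: In the front matter, the `path:` and `folder:` values now point at `assets/img/posts/lecture-notes/modern-cryptography`, but the commit message lists the pushed attachments by bare file name only, so nothing visible here confirms that `mc-13-sigma-protocol.png` was written to the lowercase, hyphenated folder rather than back to `Lecture Notes/Modern Cryptography`, which the same commit deletes. On a case-sensitive host a mismatch leaves the post with a broken preview image. Suggest having the publish step check that every `path:` it writes resolves to a file in the tree before it commits. The context line "There are efficient protocols for interactive proofs, we will study sigma protocols." is also a comma splice that could be fixed while the file is being touched.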
@@ -27,7 +27,7 @@ The previous [3-coloring example](./2023-11-02-zkp-intro.md#example-3-coloring)
|
||||
|
||||
> **Definition.** An **effective relation** is a binary relation $\mc{R} \subset \mc{X} \times \mc{Y}$, where $\mc{X}$, $\mc{Y}$, $\mc{R}$ are efficiently recognizable finite sets. Elements of $\mc{Y}$ are called **statements**. If $(x, y) \in \mc{R}$, then $x$ is called a **witness for** $y$.
|
||||
|
||||

|
||||

|
||||
|
||||
> **Definition.** Let $\mc{R} \subset \mc{X} \times \mc{Y}$ be an effective relation. A **sigma protocol** for $\mc{R}$ is a pair of algorithms $(P, V)$ satisfying the following.
|
||||
>
|
||||
@@ -107,7 +107,7 @@ Also note that **the simulator is free to generate the messages in any convenien
|
||||
|
||||
The Schnorr identification protocol is actually a sigma protocol. Refer to [Schnorr identification protocol (Modern Cryptography)](./2023-10-26-digital-signatures.md#the-schnorr-identification-protocol) for the full description.
|
||||
|
||||

|
||||

|
||||
|
||||
> The pair $(P, V)$ is a sigma protocol for the relation $\mc{R} \subset \mc{X} \times \mc{Y}$ where
|
||||
>
|
||||
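Review bot: The context line in this hunk links to `./2023-10-26-digital-signatures.md#the-schnorr-identification-protocol`, and the commit message pushes `mc-10-schnorr-identification.png` as an attachment of `13. Sigma Protocols.md`, while `10. Digital Signatures.md` is pushed with only `mc-10-dsig-security.png`. If the Digital Signatures note also embeds the Schnorr figure, its image reference has to move to the lowercase folder in this same commit, because the copy under `assets/img/posts/Lecture Notes/Modern Cryptography/` is deleted here. Please confirm that both notes reference the new location, and that the relative `.md` link still resolves after the republish.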
@@ -165,7 +165,7 @@ $$
|
||||
|
||||
goes as follows.
|
||||
|
||||

|
||||

|
||||
|
||||
> 1. $P$ computes random $\alpha_t, \beta_t \la \bb{Z}_q$ and sends commitment $u_t \la g^{\alpha_t}h^{\beta_t}$ to $V$.
|
||||
> 2. $V$ computes challenge $c \la \mc{C}$ and sends it to $P$.
|
||||
@@ -192,7 +192,7 @@ $$
|
||||
|
||||
goes as follows.
|
||||
|
||||

|
||||

|
||||
|
||||
> 1. $P$ computes random $\beta_t \la \bb{Z}_q$ and sends commitment $v_t \la g^{\beta_t}$, $w_t \la u^{\beta_t}$ to $V$.
|
||||
> 2. $V$ computes challenge $c \la \mc{C}$ and sends it to $P$.
|
||||
@@ -223,7 +223,7 @@ $$
|
||||
|
||||
goes as follows.
|
||||
|
||||

|
||||

|
||||
|
||||
> 1. $P$ computes random $x_t \la \bb{Z}_n^{\ast}$ and sends commitment $y_t \la x_t^e$ to $V$.
|
||||
> 2. $V$ computes challenge $c \la \mc{C}$ and sends it to $P$.
|
||||
|
||||