Strictly-Black-Box Zero-Knowledge and Efficient Validation of Financial Transactions

Zero Knowledge Proofs (ZKPs) are one of the most striking innovations in theoretical computer science. In practice, the prevalent ZKP methods are, at times, too complicated to be useful for real-life applications. In this paper we present a practically efficient method for ZKPs which has a wide range applications. Specifically, motivated by the need to provide an upon-demand efficient validation of various financial transactions (e.g., the high-volume Internet auctions), we have developed a novel secure and highly efficient method for validating correctness of the output of a transaction while keeping input values secret. The method applies to input values which are publicly committed to by employing generic commitment functions (even input values submitted using tamper-proof hardware solely with input/ output access can be used.) We call these: strictly black box [SBB] commitments. Hence these commitments are typically much faster than public-key ones, and are the only cryptographic/ security tool we give the poly-time players, throughout. The general problem we solve in this work is: Let SLC be a publicly known staight line computation on n input values taken from a finite field and having k output values. The inputs are publicly committed to in a SBB manner. An Evaluator performs the SLC on the inputs and announces the output values. Upon demand the Evaluator, or a Prover acting on his behalf, can present to a Verifier a proof of correctness of the announced output values. This is done in a manner that (1) The input values as well as all intermediate values of the SLC remain information theoretically secret. (2) The probability that the Verifier will accept a false claim of correctness of the output values can be made exponentially small. (3) The Prover can supply any required number of proofs of correctness to multiple Verifiers. (4) The method is highly efficient. The application to financial processes is straight forward. To this end (1) we first use a novel technique for representation of values from a finite field which we call "split representation", the two coordinates of the split representation are generically committed to; (2) next, the SLC is augmented by the Prover into a "translation" which is presented to the Verifier as a sequence of generically committed split representations of values; (3) using the translation, the Prover and Verifier conduct a secrecy preserving proof of correctness of the announced SLC output values; (4) in order to exponentially reduce the probability of cheating by the Prover and also to enable multiple proofs, a novel highly efficient method for preparation of any number of committed-to split representations of the n input values is employed. The extreme efficiency of these ZK methods is of decisive importance for large volume applications. Secrecy preserving validation of announced results of Vickrey auctions is our demonstrative example.

[1]  M. Rabin,et al.  Randomized algorithms in number theory , 1985 .

[2]  Ernest F. Brickell,et al.  Gradual and Verifiable Release of a Secret , 1987, CRYPTO.

[3]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[4]  Silvio Micali,et al.  The Knowledge Complexity of Interactive Proof Systems , 1989, SIAM J. Comput..

[5]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[6]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[7]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[8]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[9]  Joe Kilian,et al.  A note on efficient zero-knowledge proofs and arguments (extended abstract) , 1992, STOC '92.

[10]  Ivan Damgård,et al.  Linear zero-knowledge—a note on efficient zero-knowledge proofs and arguments , 1997, STOC '97.

[11]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[12]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[13]  Carl Pomerance,et al.  Advances in Cryptology — CRYPTO ’87 , 2000, Lecture Notes in Computer Science.

[14]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[15]  Masayuki Abe,et al.  M+1-st Price Auction Using Homomorphic Encryption , 2002, Public Key Cryptography.

[16]  Valtteri Niemi,et al.  Secure Vickrey Auctions without Threshold Trust , 2002, Financial Cryptography.

[17]  Jan Camenisch,et al.  Practical Verifiable Encryption and Decryption of Discrete Logarithms , 2003, CRYPTO.

[18]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[19]  Mads J. Jurik,et al.  Extensions to the Paillier Cryptosystem with Applications to Cryptological Protocols , 2003 .

[20]  Jongin Lim,et al.  Information Security and Cryptology - ICISC 2003 , 2003, Lecture Notes in Computer Science.

[21]  Byoungcheon Lee,et al.  Receipt-Free Electronic Auction Schemes Using Homomorphic Encryption , 2003, ICISC.

[22]  Emmanouil Magkos,et al.  Uncoercible e-Bidding Games , 2004, Electron. Commer. Res..

[23]  Felix Brandt,et al.  How to obtain full privacy in auctions , 2006, International Journal of Information Security.

[24]  David C. Parkes,et al.  Practical secrecy-preserving, verifiably correct and trustworthy auctions , 2006, ICEC '06.

[25]  Rocco A. Servedio,et al.  Highly Efficient Secrecy-Preserving Proofs of Correctness of Computations and Applications , 2007, 22nd Annual IEEE Symposium on Logic in Computer Science (LICS 2007).

[26]  David C. Parkes,et al.  Cryptographic Combinatorial Securities Exchanges , 2009, Financial Cryptography.

[27]  Ivan Damgård,et al.  Secure Multiparty Computation Goes Live , 2009, Financial Cryptography.

[28]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.