Outsourcing Signatures of Confidential Documents

  • Hervé Chabanne
  • Julien Keuffer
  • Emmanuel Prouff
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11391)

Abstract

We describe an industrial case study of the application of zero-knowledge Succinct Non-interactive Argument of Knowledge techniques to enable a client to securely outsource the signature of a confidential document he owns to a digital signature provider. On the one hand, the client gets a valid standard signature of his confidential document while the signature provider learns nothing more from the document than its digest. On the other hand, the signature provider has the guarantee that the client was in possession of his message. We report implementation results to show the practicability of our ideas.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Hervé Chabanne (1, 2)
  • Julien Keuffer (1, 3)
  • Emmanuel Prouff (4)
  1. Idemia, Paris, France
  2. Télécom Paristech, Paris, France
  3. Eurecom, Biot, France
  4. ANSSI, Paris, France
