Abstract
Protocols are presented allowing someone with a secret discrete logarithm to release it, bit by bit, such that anyone can verify each bit’s correctness as they receive it. This new notion of release of secrets generalizes and extends that of the already known exchange of secrets protocols. Consequently, the protocols presented allow exchange of secret discrete logs between any number of parties.
The basic protocol solves an even more general problem than that of releasing a discrete log. Given any instance of a discrete log problem in a group with public group operation, the party who knows the solution can make public some interval I and convince anyone that the solution belongs to I, while releasing no additional information, such as any hint as to where in I the solution is.
This can be used directly to release a discrete log, or to transfer it securely between different groups, i.e. prove that two instances are related such that knowledge of the solution to one implies knowledge of the solution to the other.
We show how this last application can be used to implement a more efficient release protocol by transferring the given discrete log instance to a group with special properties. In this scenario, each bit of the secret can be verified by a single modular squaring, and unlike the direct use of the basic protocol, no interactive proofs are needed after the basic setup has been done.
Finally, it is shown how the basic protocol can be used to release the factorization of a public composite number.
Chapter PDF
References
Blum: “Three applications of the oblivious transfer”, Dept. of EECS, Univ. of California, Berkely, 1981.
Blum: “How to exchange (secret) keys”, ACM Transactions on Computer Systems, vol. 1, 1983, pp. 175–193.
Brassard, Chaum and Crépeau: “Minimum disclosure proofs of knowledge”, to appear.
G. Brassard, and C. Crépeau, “Zero-Knowledge Simulation of Boolean Circuits,” Presented at Crypto 86, (August 1986).
D. Chaum, “Demonstrating that a Public Predicate can be Satisfied Without Revealing Any Information About How,” Presented at Crypto 86, (August 1986).
Chaum, Damgård and van de Graaf: “Multiparty computations ensuring privacy of each party’s input and correctness of the result”, Proc. of Crypto 87.
D. Chaum, J.-H. Evertse, J. van de Graaf, and R. Peralta, “Demonstrating possession of a discrete logarithm without revealing it,” To appear in the Proceedings of Crypto 86, (August 1986).
Chaum, van de Graaf: “An improved protocol for demonstrating possession of a discrete log and some generalisations”, Proc. of Eurocrypt 87.
Fiege, Fiat and Shamir: “Zero knowledge proof of identity”, Proc. of STOC 87.
Galil, Haber and Yung: “Cryptographic Computation: Secure Fault-tolerant Protocols in the Public Key Model”, Proc. of Crypto 87.
S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Roof Systems,” 17th STOC (1985).
O. Goldreich, S. Micali, and A. Wigderson, “How to Prove all NP-statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design,” Presented at Crypto 86, (August 1986).
J. Gordon, “Strong primes are easy to find”, Proceedings of Eurocrypt 84.
“The cryptographic security of truncated linearly related variables,” Proc. of 17th STOC, 1985, pp. 356–362.
Luby, Micali and Rackoff: “How to simultaneously exchange a secret bit by flipping a symmetrically biased coin”, Proc. 24th FOCS, 1983, pp.11–21.
Rabin: “How to exchange secrets using oblivious transfer”, Technical memo, TR-81, Aiken Computation Lab., Harward Univ., 1981.
Vazirani and Vazirani: “Trapdoor pseudo random number generators with applications to protocol design”, Proc. 24th. FOCS, 1983, pp.23–30.
Tedrick: “How to exchange half a bit”, Proc. of Crypto 83, pp.147–151.
Tedrick: “Fair exchange of secrets”, Proc. of Crypto 84, pp.434–438.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1988 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Brickell, E.F., Chaum, D., Damgård, I.B., van de Graaf, J. (1988). Gradual and Verifiable Release of a Secret (Extended Abstract). In: Pomerance, C. (eds) Advances in Cryptology — CRYPTO ’87. CRYPTO 1987. Lecture Notes in Computer Science, vol 293. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48184-2_11
Download citation
DOI: https://doi.org/10.1007/3-540-48184-2_11
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-18796-7
Online ISBN: 978-3-540-48184-3
eBook Packages: Springer Book Archive