New Results for the Practical Use of Range Proofs

Canard, Sébastien; Coisel, Iwen; Jambert, Amandine; Traoré, Jacques

doi:10.1007/978-3-642-53997-8_4

Cited by 13 publications

(16 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Yet, our set membership proof does not ask the prover (a SIM card and/or a smartphone in our setting) nor the verifier (in a specific scenario) to perform pairing computations. Our set membership proof is also more efficient and conceptually simpler than the recent one proposed by Canard et al at EuroPKI 2013 [12]. Their scheme which involves several verifiers, who share a decryption key, seems to be tailored to specific applications such as e-voting where the verifiers (tallying authorities) own such a key to open ballots.…”

Section: A New Set Membership Proofmentioning

confidence: 94%

“…The proof of knowledge of a secret x ∈ Φ consists in proving the knowledge of a (public) signature on the secret x (which will be only possible if x belongs to the set Φ) without revealing x or the used signature. Solutions in [12,13] require the prover to perform pairing computations. However, these cryptographic tools are not often convenient for many constrained platforms.…”

Section: Set Membership Proofsmentioning

confidence: 99%

See 1 more Smart Citation

A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing

Arfaoui

Lalande

Traoré

et al. 2015

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

International audienceTo ensure the privacy of users in transport systems, researchers are working on new protocols providing the best security guarantees while respecting functional requirements of transport operators. In this paper1, we design a secure NFC m-ticketing protocol for public transport that preserves users’ anonymity and prevents transport operators from tracing their customers’ trips. To this end, we introduce a new practical set-membership proof that does not require provers nor verifiers (but in a specific scenario for verifiers) to perform pairing computations. It is therefore particularly suitable for our (ticketing) setting where provers hold SIM/UICC cards that do not support such costly computations. We also propose several optimizations of Boneh-Boyen type signature schemes, which are of independent interest, increasing their performance and efficiency during NFC transactions. Our m-ticketing protocol offers greater flexibility compared to previous solutions as it enables the post-payment and the off-line validation of m-tickets. By implementing a prototype using a standard NFC SIM card, we show that it fulfils the stringent functional requirement imposed by transport operators whilst using strong security parameters. In particular, a validation can be completed in 184.25ms when the mobile is switched on, and in 266.52ms when the mobile is switched off or its battery is flat

show abstract

Section: A New Set Membership Proofmentioning

confidence: 94%

Section: Set Membership Proofsmentioning

confidence: 99%

A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing

Arfaoui

Lalande

Traoré

et al. 2015

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

show abstract

“…• Include Bulletproofs in the comparison presented in the work by Canard et al [16] and present our open source implementation [41].…”

Section: Contributionsmentioning

confidence: 99%

“…The authors also provided an efficient implementation that shows their proposal is adequate for many practical scenarios. However, this proposal was not included in the comparison by Canard et al [16], then one of the contributions of this work is to analyze how Bulletproofs compares to the other proposals. Actually, Bulletproofs is based on the decomposition of the secret into its bit representation, thus it fits the category described previously, but since it proposed a different framework for generating ZKPs, namely using PoK for inner product relations, then we considered important to separate Bulletproofs in order to give it more focus.…”

Section: Zero Knowledge Range Proofsmentioning

confidence: 99%

A survey on zero knowledge range proofs and applications

et al. 2019

View full text Add to dashboard Cite

show abstract

“…In supply chains, proving is as important as verifying, given their highly dynamic nature where large volumes of products are processed, and their updates has to be committed swiftly because they may go from one owner to another in under an hour. Proving times of [14,18,37] range between half an hour to over 3 hours for a reasonable 2 22 gate circuit.…”

Section: Related Workmentioning

confidence: 99%

Mesh: A Supply Chain Solution with Locally Private Blockchain Transactions

AlTawy

Gong²

2019

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

A major line of research on blockchains is geared towards enhancing the privacy of transactions through anonymity using generic non-interactive proofs. However, there is a good cluster of application scenarios where complete anonymity is not desirable and accountability is in fact required. In this work, we utilize non-interactive proofs of knowledge of elliptic curve discrete logarithms to present membership and verifiable encryption proof, which offers plausible anonymity when combined with the regular signing process of the blockchain transactions. The proof system requires no trusted setup, both its communication and computation complexities are linear in the number of set members, and its security relies on the discrete logarithm assumption. As a use-case for this scenario, we present Mesh which is a blockchain-based framework for supply chain management using RFIDs. Finally, the confidentiality of the transacted information is realized using a lightweight key chaining mechanism implemented on RFIDs. We formally define and prove the main security features of the protocol, and report on experiments for evaluating the performance of the modified transactions for this system.

show abstract

New Results for the Practical Use of Range Proofs

Cited by 13 publications

References 34 publications

A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing

A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing

A survey on zero knowledge range proofs and applications

Mesh: A Supply Chain Solution with Locally Private Blockchain Transactions

Contact Info

Product

Resources

About