Cryptology ePrint Archive: Report 2014/255

Certification and Efficient Proofs of Committed Topology Graphs

Thomas Gross

Abstract: Digital signature schemes are a foundational cryptographic building block in certification and the projection of trust. Based on a signature scheme on committed graphs, we propose a toolkit of certification and proof methods to sign committed topology graphs and to prove properties of their certificates in zero-knowledge. This toolkit allows an issuer, such as an auditor, to sign the topology representation of an infrastructure. The prover, such as an infrastructure provider, can then convince a verifier of topology properties, such as partitions, connectivity or isolation, without disclosing the structure of the topology itself. By that, we can achieve the certification of the structure of critical systems, such as infrastructure clouds or outsourced systems, while still maintaining confidentiality. We offer zero-knowledge proofs of knowledge for a general specification language of security goals for virtualized infrastructures, such that high-level security goalscan be proven over the topology certificate. Our method builds upon the Camenisch-Lysyanskaya signature scheme, is based on honest-verifier proofs and the strong RSA assumption.

Category / Keywords: public-key cryptography / Graph signatures and proofs

Date: received 10 Apr 2014, last revised 10 Apr 2014

Contact author: thomas gross at ncl ac uk

Available format(s): PDF | BibTeX Citation

Version: 20140420:152603 (All versions of this report)

Short URL: ia.cr/2014/255