Cryptology ePrint Archive: Report 2020/294

Public-Key Generation with Verifiable Randomness

Olivier Blazy and Patrick Towa and Damien Vergnaud

Abstract: We revisit the problem of proving that a user algorithm selected and correctly used a truly random seed in the generation of her cryptographic key. A first approach was proposed in 2002 by Juels and Guajardo for the validation of RSA secret keys. We present a new security model and general tools to efficiently prove that a private key was generated at random according to a prescribed process, without revealing any further information about the private key. In addition to formalizing randomness verifiability in key generation, which turns out to be highly non-trivial, we give a generic protocol for all key-generation algorithms based on probabilistic circuits and prove its security. We also propose a new protocol for factoring-based cryptography that we prove secure in the aforementioned model, as well as a practical instantiation. This latter relies on a new efficient zero-knowledge argument for the double discrete logarithm problem that achieves an exponential improvement in communication complexity compared to the state of the art, and is of independent interest.

Category / Keywords: public-key cryptography / Public-Key Cryptography, Randomness, Verifiability, Zero-Knowledge

Date: received 6 Mar 2020, last revised 8 Jun 2020

Contact author: olivier blazy at unilim fr,tow@zurich ibm com,patrick towa@gmail com,damien vergnaud@lip6 fr

Available format(s): PDF | BibTeX Citation

Version: 20200608:143701 (All versions of this report)

Short URL: ia.cr/2020/294


[ Cryptology ePrint archive ]