Paper 2022/853

Hashing to Prime in Zero-Knowledge

Thomas Groß, Newcastle University
Abstract

We establish a set of zero-knowledge arguments that allow for the hashing of a committed secret $a$-bit input $x$ to a committed secret $(k+1)$-bit prime number $p_x$. The zero-knowledge arguments can convince a verifier that a commitment indeed is the correctly generated prime number derived from $x$ with a soundness error probability of at most $2^{-k}+ 2^{-t}$ dependent on the number of zero-knowledge argument rounds $k$ and the number of primality bases $t$ to establish primality. Our constructions offer a range of contributions including enabling dynamic encodings for prime-based accumulator, signature and attribute-based credential schemes allowing to reduce these schemes' public key size and setup requirements considerably and rendering them extensible. While our new primality zero-knowledge arguments are of independent interest, we also show improvements on proving that a secret number is the product of two secret safe primes significantly more efficient than previously known results, with applications to setting up secure special RSA moduli.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
Keywords
Zero-knowledge proof of knowledge hash to prime special RSA modulus
Contact author(s)
thomas gross @ newcastle ac uk
History
2022-06-29: approved
2022-06-28: received
See all versions
Short URL
https://ia.cr/2022/853
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2022/853,
      author = {Thomas Groß},
      title = {Hashing to Prime in Zero-Knowledge},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/853},
      year = {2022},
      url = {https://eprint.iacr.org/2022/853}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.