Hashing to Prime in Zero-Knowledge

Thomas Groß

Paper 2022/853

Hashing to Prime in Zero-Knowledge

Thomas Groß, Newcastle University

Abstract

We establish a set of zero-knowledge arguments that allow for the hashing of a committed secret $a$ -bit input $x$ to a committed secret $(k + 1)$ -bit prime number $p_{x}$ . The zero-knowledge arguments can convince a verifier that a commitment indeed is the correctly generated prime number derived from $x$ with a soundness error probability of at most $2^{- k} + 2^{- t}$ dependent on the number of zero-knowledge argument rounds $k$ and the number of primality bases $t$ to establish primality. Our constructions offer a range of contributions including enabling dynamic encodings for prime-based accumulator, signature and attribute-based credential schemes allowing to reduce these schemes' public key size and setup requirements considerably and rendering them extensible. While our new primality zero-knowledge arguments are of independent interest, we also show improvements on proving that a secret number is the product of two secret safe primes significantly more efficient than previously known results, with applications to setting up secure special RSA moduli.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
Keywords: Zero-knowledge proof of knowledge hash to prime special RSA modulus
Contact author(s): thomas gross @ newcastle ac uk
History: 2022-06-29: approved; 2022-06-28: received; See all versions
Short URL: https://ia.cr/2022/853
License: CC BY-NC-ND

BibTeX

@misc{cryptoeprint:2022/853,
      author = {Thomas Groß},
      title = {Hashing to Prime in Zero-Knowledge},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/853},
      year = {2022},
      url = {https://eprint.iacr.org/2022/853}
}