Bauer, Balthazar ; Farshim, Pooya ; Harasser, Patrick ; Kohlweiss, Markulf (2024)
The Uber-Knowledge Assumption: A Bridge to the AGM.
In: Communications in Cryptology, 1 (3)
doi: 10.62056/anr-zoja5
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
The generic-group model (GGM) and the algebraic-group model (AGM) have been exceptionally successful in proving the security of many classical and modern cryptosystems. These models, however, come with standard-model uninstantiability results, raising the question whether the schemes analyzed under them can be based on firmer standard-model footing. We formulate the uber-knowledge (UK) assumption, a standard-model assumption that naturally extends the uber-assumption family to knowledge-type problems. We justify the soundness of the UK assumption in both the bilinear GGM and the bilinear AGM. Along the way we extend these models to account for hashing into groups, an adversarial capability that is available in many concrete groups---In contrast to standard assumptions, hashing may affect the validity of knowledge assumptions. These results, in turn, enable a modular approach to security in the GGM and the AGM.
As example applications, we use the UK assumption to prove knowledge soundness of Groth16 and of KZG polynomial commitments in the standard model, where for the former we reuse the existing proof in the AGM without hashing.
Note: Corrected claims that the uber-knowledge assumption implies several other knowledge assumptions, and provided formal proofs.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2024 |
| Autor(en): | Bauer, Balthazar ; Farshim, Pooya ; Harasser, Patrick ; Kohlweiss, Markulf |
| Art des Eintrags: | Bibliographie |
| Titel: | The Uber-Knowledge Assumption: A Bridge to the AGM |
| Sprache: | Englisch |
| Publikationsjahr: | 7 Oktober 2024 |
| Verlag: | IACR |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | Communications in Cryptology |
| Jahrgang/Volume einer Zeitschrift: | 1 |
| (Heft-)Nummer: | 3 |
| Kollation: | 66 Seiten |
| DOI: | 10.62056/anr-zoja5 |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | The generic-group model (GGM) and the algebraic-group model (AGM) have been exceptionally successful in proving the security of many classical and modern cryptosystems. These models, however, come with standard-model uninstantiability results, raising the question whether the schemes analyzed under them can be based on firmer standard-model footing. We formulate the uber-knowledge (UK) assumption, a standard-model assumption that naturally extends the uber-assumption family to knowledge-type problems. We justify the soundness of the UK assumption in both the bilinear GGM and the bilinear AGM. Along the way we extend these models to account for hashing into groups, an adversarial capability that is available in many concrete groups---In contrast to standard assumptions, hashing may affect the validity of knowledge assumptions. These results, in turn, enable a modular approach to security in the GGM and the AGM. As example applications, we use the UK assumption to prove knowledge soundness of Groth16 and of KZG polynomial commitments in the standard model, where for the former we reuse the existing proof in the AGM without hashing. Note: Corrected claims that the uber-knowledge assumption implies several other knowledge assumptions, and provided formal proofs. |
| Freie Schlagworte: | P2 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Kryptographie und Komplexitätstheorie DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche DFG-Graduiertenkollegs DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 29 Okt 2024 13:38 |
| Letzte Änderung: | 29 Okt 2024 13:38 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum