Each grain must hold a charge. When their volume becomes too small, they will no longer be stable and will be influenced by ambient thermal energy. With current technology, this will happen around 130 Gb/in².
Peggy the prover would like to show Vic the verifier that an element is a member of the subgroup of $\mathbb{Z}_n^*$ generated by , where has order . (i.e., does k = for some k such that 0 ≤ k ≤ ?)
Peggy chooses a random j, 0 ≤ j ≤ – 1, and sends Vic j .
Vic chooses a random i = 0 or 1, and sends it to Peggy.
Peggy computes j + ik mod , and sends it to Vic.
Vic checks that j + ik = j ik = j i .
They then repeat the above steps $\log_2 n$ times.
If Vic’s final computation checks out in each round, he accepts the proof.
A value of 0 or 1 is committed to by the prover by encrypting it with a one-way function, creating a “blob”. The verifier can then “unwrap” this blob when it becomes necessary by revealing the key.
Let n = pq, where p and q are prime. Let m be a quadratic nonresidue modulo n. The values m and n are public, and the values p and q are known only to Peggy.
Peggy commits to the bit b by choosing a random x and sending Vic the blob $m^b x^2$.
When the time comes for Vic to check the value of the bit, Peggy simply reveals the values b and x.
Since no known polynomial-time algorithm exists for solving the quadratic residues problem modulo a composite n whose factors are unknown, this scheme is computationally concealing.
On the other hand, it is perfectly binding, since if it wasn’t, m would have to be a quadratic residue, a contradiction.
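The commitment scheme above as an added Python example (not from the original slides), with constructed toy primes. It assumes m is chosen as a nonresidue modulo both p and q, so its Jacobi symbol is +1 and the blob's Jacobi symbol reveals nothing about b; the function names are hypothetical.

```python
import secrets
from math import gcd

def legendre(a, p):
    """Euler's criterion: 1 if a is a nonzero square mod odd prime p, -1 if not, 0 if p | a."""
    r = pow(a, (p - 1) // 2, p)
    return -1 if r == p - 1 else r

def is_qr_mod_n(a, p, q):
    """Knowing the factors, a is a square mod n = pq iff it is a square mod p and mod q."""
    return legendre(a, p) == 1 and legendre(a, q) == 1

def pick_m(p, q):
    """Assumption: pick m that is a nonresidue mod BOTH primes (Jacobi symbol +1)."""
    n = p * q
    while True:
        m = secrets.randbelow(n - 2) + 2
        if legendre(m, p) == -1 and legendre(m, q) == -1:
            return m

def commit(b, m, n):
    """Peggy: blob = m^b * x^2 mod n for a random x coprime to n. Returns (blob, x)."""
    while True:
        x = secrets.randbelow(n - 2) + 2
        if gcd(x, n) == 1:
            return (pow(m, b, n) * pow(x, 2, n)) % n, x

def verify(blob, b, x, m, n):
    """Vic: recompute the blob from the revealed b and x and compare."""
    return b in (0, 1) and gcd(x, n) == 1 and blob == (pow(m, b, n) * pow(x, 2, n)) % n

# Constructed toy parameters, far too small for real use.
P, Q = 1019, 1031
N = P * Q
M = pick_m(P, Q)

def demo():
    """For each bit: (b, honest opening accepted, opening as the other bit accepted, blob is a QR)."""
    rows = []
    for b in (0, 1):
        blob, x = commit(b, M, N)
        rows.append((b, verify(blob, b, x, M, N),
                     verify(blob, 1 - b, x, M, N), is_qr_mod_n(blob, P, Q)))
    return rows

if __name__ == "__main__":
    for b, ok, flipped, qr in demo():
        print(f"b={b} opens={ok} opens_as_other_bit={flipped} blob_is_QR={qr}")
```

The last column shows the binding argument: a blob is a quadratic residue exactly when b = 0, which only someone holding p and q can test.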
I am currently working with Dr. Curtis Barefoot in the NMT Mathematics Dept. on methods of applying zero-knowledge proofs to mathematical induction: Can a prover prove a theorem via induction without revealing any of the steps beyond the base case?
Possible application of methods developed by Camenisch and Michels (or maybe not?)
Blum, M., “How to Prove a Theorem So No One Else Can Claim It”, Proceedings of the International Congress of Mathematicians, Berkeley, California, 1986, pp. 1444-1451
Camenisch, J., M. Michels, “Proving in Zero-Knowledge that a Number is the Product of Two Safe Primes”, Eurocrypt ’99, J. Stern, ed., Lecture Notes in Computer Science 1592, pp. 107-122, Springer-Verlag 1999
Cramer, R., I. Damgård, B. Schoenmakers, “Proofs of Partial Hiding and Simplified Design of Witness Hiding Protocols”, Advances in Cryptology – CRYPTO ’94, Lecture Notes in Computer Science 839, pp. 174-187, Springer-Verlag, 1994
De Santis, A., G. di Crescenzo, G. Persiano, M. Yung, “On Monotone Formula Closure of SZK”, Proceedings of the 35th Symposium on the Foundations of Computer Science, pp. 454-465, IEEE, 1994
Feigenbaum, J., “Overview of Interactive Proof Systems and Zero-Knowledge”, Contemporary Cryptology, G.J. Simmons, ed., pp. 423-440, IEEE Press 1992
Quisquater, J.J., L. Guillou, T. Berson, “How to Explain Zero-Knowledge Protocols to Your Children”, Advances in Cryptology - CRYPTO ’99, Lecture Notes in Computer Science 435, pp. 628-631, 1990