In this paper,we propose an asymmetric controlled bidirectional transmission protocol.In the protocol,by using the thirteen-qubit entangled state as the quantum channel,Alice can realize the transmission of a two-qubi...In this paper,we propose an asymmetric controlled bidirectional transmission protocol.In the protocol,by using the thirteen-qubit entangled state as the quantum channel,Alice can realize the transmission of a two-qubit equatorial state for Bob and Bob can transmit a four-qubit equatorial state for Alice under the control of Charlie.Firstly,we give the construction of the quantum channel,which can be done by performing several H and CNOT operations.Secondly,through implementing the appropriate measurements and the corresponding recovery operations,the desired states can be transmitted simultaneously,securely and deterministically.Finally,we analyze the performance of the protocol,including the efficiency,the necessary operations and the classical communication costs.And then,we describe some comparisons with other protocols.Since our protocol does not require auxiliary particles and additional operations,the classic communication costs less while achieving the multi-particle bidirectional transmission,so the overall performance of the protocol is better.展开更多
The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it...The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.展开更多
Message-dependent opening is one of the solutions to solve the problem of the tracing manager owns excessive power.In this paper,we present a new lattice-based fully dynamic group signature scheme with message-depende...Message-dependent opening is one of the solutions to solve the problem of the tracing manager owns excessive power.In this paper,we present a new lattice-based fully dynamic group signature scheme with message-dependent opening by combining an improved version of the fully dynamic group signature scheme proposed by Ling et al and the double encryption paradigm.In addition,we propose an improved underlying zero knowledge protocol,it has a soundness error 1 max(n,p)+1 that is better than the Stern-like protocol,which helps to bring down the communication complexity of the protocol and hence the signature scheme.Our scheme constrains the power of group managers by adding an admitter,and the signature size has a logarithmic relationship with the group size.展开更多
The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it...The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.展开更多
Concurrent non-malleable zero-knowledge(CNMZK)considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers.As far as we kn...Concurrent non-malleable zero-knowledge(CNMZK)considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers.As far as we know,the round complexity of all the constructions of CNMZK arguments for NP is at least ω(log n).In this paper,we provide the first construction of a constant-round concurrent non-malleable zero-knowledge argument for every language in NP.Our protocol relies on the existence of families of collision-resistant hash functions,one-way permutations and indistinguishability obfuscators.As an additional contribution,we study the composition of two central notions in zero knowledge,the simultaneously resettable zero-knowledge and non-malleable zero-knowledge,which seemingly have stronger proved security guarantees.We give the first construction of a constant-round simultaneously-resettable non-malleable zero-knowledge.To the best of our knowledge,this is the first study to combine the two security concepts described above together in the zero-knowledge protocols.展开更多
基金Project supported by NSFC(Grant Nos.U1836205,61702040)the Major Scientific and Technological Special Project of Guizhou Province(Grant No.20183001)+2 种基金the Foundation of Guizhou Provincial Key Laboratory of Public Big Data(Grant No.2018BDKFJJ016)the Foundation of State Key Laboratory of Public Big Data(Grant No.2018BDKFJJ018)Beijing Natural Science Foundation(Grant No.4174089).
文摘In this paper,we propose an asymmetric controlled bidirectional transmission protocol.In the protocol,by using the thirteen-qubit entangled state as the quantum channel,Alice can realize the transmission of a two-qubit equatorial state for Bob and Bob can transmit a four-qubit equatorial state for Alice under the control of Charlie.Firstly,we give the construction of the quantum channel,which can be done by performing several H and CNOT operations.Secondly,through implementing the appropriate measurements and the corresponding recovery operations,the desired states can be transmitted simultaneously,securely and deterministically.Finally,we analyze the performance of the protocol,including the efficiency,the necessary operations and the classical communication costs.And then,we describe some comparisons with other protocols.Since our protocol does not require auxiliary particles and additional operations,the classic communication costs less while achieving the multi-particle bidirectional transmission,so the overall performance of the protocol is better.
基金This work was supported by National Natural Science Foundation of China(Grant No.61379141 and No.61772521)Key Research Program of Frontier Sciences,CAS(Grant No.QYZDB-SSW-SYS035),and the Open Project Program of the State Key Laboratory of Cryptology.
文摘The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
基金the National Natural Science Foundation of China(Grant No.61932019,No.61772521,No.61772522)the Key Research Program of Frontier Sciences,CAS(Grant No.QYZDB-SSW-SYS035).
文摘Message-dependent opening is one of the solutions to solve the problem of the tracing manager owns excessive power.In this paper,we present a new lattice-based fully dynamic group signature scheme with message-dependent opening by combining an improved version of the fully dynamic group signature scheme proposed by Ling et al and the double encryption paradigm.In addition,we propose an improved underlying zero knowledge protocol,it has a soundness error 1 max(n,p)+1 that is better than the Stern-like protocol,which helps to bring down the communication complexity of the protocol and hence the signature scheme.Our scheme constrains the power of group managers by adding an admitter,and the signature size has a logarithmic relationship with the group size.
基金supported by National Natural Science Foundation of China(Grant No.61379141 and No.61772521)Key Research Program of Frontier Sciences,CAS(Grant No.QYZDB-SSW-SYS035)the Open Project Program of the State Key Laboratory of Cryptology.
文摘The group signature scheme is an important primitive in cryptography,it allows members in a group to generate signatures anonymously on behalf of the whole group.In view of the practical application of such schemes,it is necessary to allow users’registration and revocation when necessary,which makes the construction of dynamic group signature schemes become a significant direction.On the basis of(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017),we present the first full dynamic group signature scheme over ring,and under the premise of ensuring security,the efficiency of the scheme is improved mainly from the following three aspects:the size of keys,the dynamic construction of a Merkle hash tree that used to record the information of registered users,and the reuse of the leaves in this tree.In addition,the public and secret keys of both group manager and trace manager are generated by a trusted third party,which prevents the situation that the two managers generate their respective public key and secret key maliciously.Compared with the counterpart of the scheme in(Ling et al.,Lattice-based group signatures:achieving full dynamicity with ease,2017)over ring,the expected space complexity of the Merkle tree used in our work down almost by half,and the computational complexity of its update has been reduced by a notch because of the dynamic construction of the hash tree.
基金supported in part by the National Natural Science Foun-dation of China(Grant No.61772521)Key Research Program of Frontier Sciences,CAS(QYZDB-SSW-SYS035)the Open Project Program of the State Key Laboratory of Cryptology。
文摘Concurrent non-malleable zero-knowledge(CNMZK)considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers.As far as we know,the round complexity of all the constructions of CNMZK arguments for NP is at least ω(log n).In this paper,we provide the first construction of a constant-round concurrent non-malleable zero-knowledge argument for every language in NP.Our protocol relies on the existence of families of collision-resistant hash functions,one-way permutations and indistinguishability obfuscators.As an additional contribution,we study the composition of two central notions in zero knowledge,the simultaneously resettable zero-knowledge and non-malleable zero-knowledge,which seemingly have stronger proved security guarantees.We give the first construction of a constant-round simultaneously-resettable non-malleable zero-knowledge.To the best of our knowledge,this is the first study to combine the two security concepts described above together in the zero-knowledge protocols.
