Skip to main content
Cryptography

Questions tagged [zero-knowledge-proofs]

Ask Question

Zero-knowledge proofs are an interactive method for one party to prove to another that a statement is true, without revealing anything other than the veracity of the statement.

1,194 questions
Newest Active Bountied Unanswered
4 votes
0 answers
93 views

For a standard hash function $H$ like SHA-256, one can choose a secret message $M$, compute and publish $h=H(M)$, then prove knowledge of the preimage $M$ in zero knowledge [that is without disclosing ...
fgrieu's user avatar
  • 151k
3 votes
1 answer
430 views

"In the third step of the Schnorr protocol, the prover's response takes the form $z=r+cx$. Why can't this form $z=cr+x$ work? I found these answers 1 and 2 are related to my questions However, ...
JACK GAO's user avatar
  • 55
1 vote
0 answers
80 views

I have a zero knowledge proof scheme for a blockchain and I don't know if it's truly in zero knowledge. It goes like this; I have two arrays of homomorphically encrypted values. I use homomorphic ...
Steve Mucci's user avatar
  • 385
2 votes
0 answers
79 views

In the paper Twist and Shout, page 22, there is a reduction: from what I understand, because the following equation holds: $\mathsf{Val(k,j)} = \sum\limits_{j'<j}\mathsf{Inc}(k,j')\cdot \mathsf{LT}...
Shuang's user avatar
  • 21
1 vote
0 answers
49 views

Updatable SNARKs allow anyone to update the structured reference string (SRS), providing security as long as at least one party in the update chain is honest. However, all current known constructions ...
Violet Bark's user avatar
  • 11
0 votes
1 answer
143 views

As far as I know, the difference between proof system and argument system is whether the adversary is computationally unbounded. My question is, in the definition of special soundness in Sigma ...
user109993's user avatar
  • 135
0 votes
0 answers
44 views

The prover has a secret scalar $s$, that needs to be encrypted for a receiver. But we also want to publicly verify that the secret is within a range (< 256). One scheme could be (quite possible ...
rusty's user avatar
  • 131
1 vote
2 answers
888 views

I'm new to learning about cryptography. I'd like to build a system for two people to reveal they know the same secret data, without revealing the secret to each other, or to anyone else. The idea is ...
AlexH's user avatar
  • 11

15 30 50 per page
1
2 3 4 5
80