

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A lecture note from cs 120/ e-177: introduction to cryptography course, focusing on interactive proofs and zero-knowledge proofs. The authors, salil vadhan and alon rosen, discuss the concept of interactive proofs, which transform protocols secure against honest-but-curious adversaries into ones secure against malicious adversaries. They introduce the concept of zero-knowledge proofs, where the verifier learns nothing about the prover's input, and present an interactive proof for quadratic residuosity. The document also includes recommended readings for further study.
Typology: Study notes
1 / 3
This page cannot be seen from the preview
Don't miss anything!


CS 120/ E-177: Introduction to Cryptography
Salil Vadhan and Alon Rosen Dec. 12, 2006
Recommended Reading.
Motivation: transforming protocols secure against honest-but-curious adversaries into ones secure against malicious adversaries.
Denition 1 An NP proof system for membership in a language L is an algorithm V such that
Denition 2 An interactive proof for a language L is an interactive protocol (P, V ) such that
Complexity theory: allow P to be computationally unbounded, and study the power of interactive proofs (IP) as compared to classical proofs (NP). Cryptography: restrict to L ∈ NP, require P to be polynomial time given an NP proof, and hope for additional properties not possible with NP proofs (namely, zero knowledge)
x ∈ QR(N ) ⇔ ∃y y ∈ QR(N ) ∧ xy ∈ QR(N ) Prover cuts' by choosing random y, verierchooses' which of the two statements should be proven.
Proof system for Quadratic Residuosity, on common input (N, x):
Proposition 3 Above is an interactive proof for Quadratic Residuosity.
Proof: