论文部分内容阅读
In this paper, we study ring identification schemesin the settingwhere each participant generates its public keyand maintains thecorrespondent secret key independently. The scheme isefficient as we separatesoundness and honest verifier zero-knowledge from thehardness of anyproblem. The security of the ring identificationscheme can be rigorouslyproved by simply assuming that each challenge stringis chosen uniformly atrandom by the honest verifier. This assumption isstandard and it has beenused to construct efficient honest verifier zeroknowledge proofs of knowledgewithout intractability assumptions by Cramer,Damgard, and MacKenzie already[3].