- [Video] Elliptic Curve Cryptography橢圓曲線密碼簡介(鄧安文教授)
- [Video] Elliptic Curve Cryptography Overview
- [Video] Elliptic Curves - Computerphile
- Elliptic Curve Cryptography: finite fields and discrete logarithms
在加密空間做計算,回傳後再解密可以得到相同的答案
- 同態加密 (Part 1:簡介)
- Semantic Security (加密 100 次相同的輸入,會產生 100 種不同的密文)
- Chosen-Plaintext attacks
- 同態加密 (Part 2:Paillier cryptosystem)
- Paillier Encryption:Select Random 0 < r < N with gcd(r,N)=1
- [Video] Introduction to Homomorphic Encryption (by Pascal Paillier)
- Fully Homomorphic Encryption (FHE)
- [Video] Intro to HE from Microsoft Research
- CKKS - Approximated HE
- [Video] More topics on HE from FHE.org meetup
-
ZKDocs
- Notation(慣用數學符號的定義)
- ZK Protocols
- Schnorr's Identification protocol
- Girault's Identification protocol
-
CO6GC: Introduction to Zero-Knowledge Proofs
- Completeness
- Soundness
- Special-Soundness (or Knowledge-Soundness)
- 中文說明
-
[Course] The 9th BIU Winter School on Cryptography - Zero Knowledge
-
[Video] Intro to Zero Knowledge
- Completeness, Soundness, Efficiency
- [Video] Sigma Protocols (part1) - Benny Pinkas
-
[Video] Intro to Zero Knowledge
-
(Wiki)Proof of knowledge
- Schnorr's protocol
- Sigma (
$\Sigma$ -) protocol- three-move structure(commitment, challenge, and response)
- Range Proof
-
- ZKP (interactive) : ???
- PKI + HE (uninteractive) : Feldman's VSS
-
(Video) Concept of Commitment Schemes
- Commitment Phase (c) + Reveal Phase (m, d)
- Perfect binding and perfect hiding can't be existed together.
- e.g. Pederson Commitment
- Computationally binding + perfectly hiding
-
Feldman's VSS
- based on Shamir's secret sharing scheme combined with any homomorphic encryption scheme.
- (Video)Threshold Secret Sharing part 2- Verifiable Secret Sharing - Gilad Asharov
- 可以扺抗 (n-1)/2 malicious parties
- A tour of Verifiable Secret Sharing schemes and Distributed Key Generation protocols.
- (GitHub: Rust Code) VSS from bitrocks
- [2000 Universally Composable Security: A New Paradigm for Cryptographic Protocols]
- [2019] ILC: A Calculus for Composable, Computational Cryptography
- [2019] iUC: Flexible Universal Composability Made Simple
- [Course] Universally Composable Security: A Tutorial (by Prof. Ran Canetti in 2016)
- [Video] PriSC'20 - Universal Composability is Secure Compilation
- [Video] A Framework for Universally Composable Diffie-Hellman Key Exchange
- Provide the basic concept of UC
- 什麼是多重簽名錢包?
- MultiSig vs. ThresholdSig
- Since Bitcoin uses fixed length blocks, MultiSig transactions limit the number of transactions per block, so miners charge higher fees and perhaps more importantly may deprioritize processing MultiSig transactions during peak traffic periods.
- (Video)Introduction to Threshold Signatures in 9 Minutes
- [Video] MultiParty Computation Introduction to Threshold Signatures in 9 Minutes
- [Video Threshold Signatures - Discrete Log Based Schemes (Part 1) - Rosario Gennaro]
- Threshold BLS Signature
- Shamir's classic scheme
- BLS signature
- Interpolation in the exponent
- Threshold Schnorr signature
- Schnorr's signatures
- Feldman's VSS (Verifiable Secret Sharing)
- Distributed Key Generation (DKG)
- Pedersen's DKG
- Joint-Pedersen's DKG
- Threshold BLS Signature
- Schnorr signature
- Fiat-Shamir Transform: the hash function
- 區塊鏈替代簽名方案優劣勢對比,Schnorr簽名最適合比特幣
- SSS
- Threshold ECDSA
- Threshold EdDSA
- Schnorr Signature Scheme
- BLS Signature Scheme
- 可以節省存儲空間和傳輸帶寬,因為多個簽名和密鑰可以合併成一個。
- 可以提高系統的安全性,因為聚合簽名和聚合密鑰的驗證不依賴於單個簽名者或密鑰持有者。
- 可以實現多重交易和閾值簽名,方便使用者管理自己的資產。
