Questions tagged [verifiability]

Verifiable encryption is an encryption scheme where one can prove some property of a message m, while the message is given in an encrypted form. When an encryption scheme is secure, the encryption E(m) should reveal no information regarding m.

98 questions
33 votes, 2 answers

Formal verification in cryptography

I have seen in some places that people use formal verification and/or computer-aided verification for cryptography (tools like ProVerif, CryptoVerif, etc.). How do these approaches work?
user4936
31 votes, 2 answers

How does one verify a GPG/PGP key revocation?

After revoking a key and sending the revocation to MIT's keyserver, I noticed that the key is listed as such: pub 2048R/XXXXXXXX 2011-01-01 *** KEY REVOKED *** [not verified] Who is responsible for the 'verification of the revocation'? Does the…
earthmeLon
17 votes, 1 answer

What is the difference between signatures and VRF?

For example, we have an asymmetric signature scheme (RSA or ECC based) and a VRF (also can be RSA/ECC based); both of them can be verified using the public key of the signer/hasher and also are unique for each message. So what is the difference?
Kesha
10 votes, 3 answers

Can a device prove the identity of its own code?

Say you have a computing system that has some functionality that is not in itself cryptographically secure, but you want to make sure it is executed as specified, and, e.g., an adversary hasn't re-flashed the software when you weren't looking. An…
redroid
9 votes, 3 answers

Universally verifiable random beacon

I am developing a network where potentially many many nodes (billions, in principle?) should be able to agree on a random number. I would really prefer to avoid $O(N^2)$ procedures where everyone contributes with some randomness and then everything…
Matteo Monti
9 votes, 1 answer

Is there a formal language to define a cryptographic protocol?

I wanted to work on a personal project where I would attempt to identify the flaws in a cryptographic protocol. Now for that to work properly, the program should understand the syntax of protocol definition (if any). So I wanted to know if there is…
Limit
9 votes, 1 answer

Verifiable, Distributed Secret Santa Assignments

My family was planning a secret santa and I thought about how I might write a little web app to dole out these secret assignments. But the downsides to this approach are obvious: there's no way for the users to know that I'm a) generating the…
JKnight
8 votes, 1 answer

Simple application of verifiable random function?

I have been reading a little bit about verifiable random functions (e.g.). In the literature, these are described as "pseudo-random functions that provide a non-interactively verifiable proof for the correctness of their output". I'm having a little…
7 votes, 2 answers

Verifiable delay functions vs Proof of Sequential Work

I've read recent papers about verifiable delay functions (Boneh et al. 2018) and proofs of sequential work (Cohen et al. 2018). I understand that the core difference between the definitions is that a VDF output is required to be unique (while in PoSW…
Bartolinio
6 votes, 3 answers

Verify partial message given hash of full message

I need to verify partial downloads (retrieved sequentially), given a (preferably short) hash of the complete download. Given a message $m_0 \mathbin\| m_1 \mathbin\| m_2 \mathbin\| \cdots$, hash function $H$, and hash value $h = H(m_0 \mathbin\| m_1…
6 votes, 1 answer

Why is cryptographic model not considered formal methods?

I have just started looking at different methods for analyzing the security of cryptographic protocols. According to my reading, there are two main approaches in this area. The first approach is so-called Dolev-Yao (or formal) model, where…
Nguyen
6 votes, 1 answer

How can 4 users generate a provable fair random number?

The past few weeks I have been trying to solve a difficult problem. I have asked some cryptography experts but unfortunately they had no clue on how to solve the problem. The situation is as follows: an online casino wants to host an online bet,…
6 votes, 1 answer

Succinct verification of computation without ZKP

What is the state of the art for producing quickly verifiable proofs of correct computation when your proof is allowed to leak knowledge? For context, I am inspired by Miden VM's promises: For any program executed on Miden VM, a STARK-based proof of…
6 votes, 2 answers

Is there anything like "Proof of Computation"?

Is there any cryptographic method for Proof of Computation? If I am running my program on untrusted hardware (remote server), after some time I want to verify the remote machine hasn't tampered with my program and successfully ran it for required…
fin
5 votes, 1 answer

Is this an error in the Pinocchio Protocol paper?

I am going through the Pinocchio protocol paper and I need 2 clarifications in the section Protocol 1 (Verifiable Computation from strong QAP). The part that explains the Verify process, which contains this…