Concurrent Knowledge-Extraction in the Public-Key Model

TL;DR

This paper explores how to formally define and analyze knowledge possession in cryptographic protocols that operate concurrently over the Internet with public-keys, focusing on the concept of concurrent knowledge-extraction in the BPK model.

Contribution

It introduces a formal framework for concurrent knowledge-extraction in the BPK model, addressing the complexities of multiple simultaneous interactions.

Findings

Formalizes the notion of concurrent knowledge-extraction in the BPK model.

Analyzes the relative power of CKE in the context of CZK protocols.

Provides insights into the security guarantees of protocols under concurrency.

Abstract

Knowledge extraction is a fundamental notion, modelling machine possession of values (witnesses) in a computational complexity sense. The notion provides an essential tool for cryptographic protocol design and analysis, enabling one to argue about the internal state of protocol players without ever looking at this supposedly secret state. However, when transactions are concurrent (e.g., over the Internet) with players possessing public-keys (as is common in cryptography), assuring that entities ``know'' what they claim to know, where adversaries may be well coordinated across different transactions, turns out to be much more subtle and in need of re-examination. Here, we investigate how to formally treat knowledge possession by parties (with registered public-keys) interacting over the Internet. Stated more technically, we look into the relative power of the notion of ``concurrent knowledge-extraction'' (CKE) in the concurrent zero-knowledge (CZK) bare public-key (BPK) model.