NIZK (Non-interactive Zero Knowledge) Proofs of Discrete-log Equality
Chaum-Pedersen proof using Golang and Kryptology
One of my highlights of 2022, will be the time that Torben Pryds Pedersen came to talk to our students. It was such a privilidge to meet the person who had created the Pederson Commitment, and who worked with David Chaum. And so, now is the time for David and Torben‘s work on privacy to furish, and build a more trusted and private digital work.
Let’s say we have two base points on an elliptic curve (G and M), and then have two random values (k and x). If we have Y=x.G and Z=x.M, can we prove that Y and Z use the same scalar value (x)?
For this, we then use G, Y, M and Z within a Chaum-Pedersen proof [1] to provide a zero-knowledge proof that log_G(Y)==log_M(Z). This is defined as DLEQ(Z/M == Y/G) — discrete log equality. With this we can prove that the same private key has been used for x.G and x.M. We make it non-interactive, so that Victor does not have to challenge Peggy, but where Peggy can create her own challenge, and the associated proof.