Efficient Certification and Zero-Knowledge Proofs of Knowledge on Infrastructure Topology Graphs

Lookup NU author(s): Professor Thomas Gross


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


Digital signature schemes are a foundational cryptographic building block in certification and the projection of trust. Based on a signature scheme on committed graphs, we propose a framework of certification and proof methods to sign topology graphs and to prove properties of their certificates in zero-knowledge. This framework allows an issuer, such as an auditing system, to sign the topology representation of an infrastructure. The prover, such as an infrastructure provider, can then convince a verifier of topology properties including connectivity and isolation without disclosing the blueprint of the topology itself. In this way, we can certify the structure of critical systems while still maintaining confidentiality. We offer zero-knowledge proofs of knowledge for a general specification language of security goals for virtualized infrastructures such that high-level security goals can be proven over topology certificates. We offer an efficient and practical construction, built upon the Camenisch-Lysyanskaya (CL) signature scheme, honest-verifier proofs and the strong RSA assumption.

Publication metadata

Author(s): Gross T

Publication type: Conference Proceedings (inc. Abstract)

Publication status: Published

Conference Name: 6th ACM Workshop at 21st ACM Conference on Computer and Communications Security (CCSW'14)

Year of Conference: 2014

Pages: 69-80

Acceptance date: 20/09/2014

Publisher: ACM


DOI: 10.1145/2664168.2664175

ISBN: 9781450332392