[Lecture Notes in Computer Science] Advances in Cryptology — CRYPTO ’87 Volume 293 || Security-Related Comments Regarding McEliece’s Public-Key Cryptosystem

Zero-knowledge Interactive Proofsystems Are A New Technique Which Can Be Used As A Cryptographic Tool For Designing Provably Secure Protocols. Goldwasser, Micali, And Rackoff Originally Suggested This Technique For Controlling The Knowledge Released In An Interactive Proof Of Membership In A Language, And For Classification Of Languages [19]. In This Approach, Knowledge Is Defined In Terms Of Complexity To Convey Knowledge If It Gives A Computational Advantage To The Receiver, Theory, And A Message Is Said For Example By Giving Him The Result Of An Intractable Computation. The Formal Model Of Interacting Machines Is Described In [19, 15, 171. A Proof-system (for A Language L) Is An Interactive Protocol By Which One User, The Prover, Attempts To Convince Another User, The Verifier, That A Given Input X Is In L. We Assume That The Verifier Is A Probabilistic Machine Which Is Limited To Expected Polynomial-time Computation, While The Prover Is An Unlimited Probabilistic Machine. (in Cryptographic Applications The Prover Has Some Trapdoor Information, Or Knows The Cleartext Of A Publicly Known Ciphertext) A Correct Proof-system Must Have The Following Properties: If Xe L, The Prover Will Convince The Verifier To Accept The Pmf With Very High Probability. If Xp L No Prover, No Matter What Program It Follows, Is Able To Convince The Verifier To Accept The Proof, Except With Vanishingly Small Probability.