{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,30]],"date-time":"2025-08-30T16:29:32Z","timestamp":1756571372329},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540629757"},{"type":"electronic","value":"9783540690535"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1997]]},"DOI":"10.1007\/3-540-69053-0_22","type":"book-chapter","created":{"date-parts":[[2007,8,6]],"date-time":"2007-08-06T01:24:05Z","timestamp":1186363445000},"page":"318-333","source":"Crossref","is-referenced-by-count":46,"title":["Rapid Demonstration of Linear Relations Connected by Boolean Operators"],"prefix":"10.1007","author":[{"given":"Stefan","family":"Brands","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2001,7,13]]},"reference":[{"key":"22_CR1","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"390","DOI":"10.1007\/3-540-48071-4_28","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 92","author":"M. Bellare","year":"1992","unstructured":"M. Bellare and O. Goldreich. On defining proofs of knowledge. In E. F. Brickell, editor, Advances in Cryptology\u2014CRYPTO\u2019 92, volume 740 of Lecture Notes in Computer Science, pages 390\u2013420. Springer-Verlag, 1992."},{"key":"22_CR2","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"216","DOI":"10.1007\/3-540-48658-5_22","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 94","author":"M. Bellare","year":"1994","unstructured":"M. Bellare, O. Goldreich, and S. Goldwasser. Incremental cryptography: The case of hashing and signing. In Y. G. Desmedt, editor, Advances in Cryptology\u2014CRYPTO\u2019 94, volume 839 of Lecture Notes in Computer Science, pages 216\u2013233. Springer-Verlag, 1994."},{"key":"22_CR3","doi-asserted-by":"crossref","unstructured":"M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62\u201373, Fairfax, 1993. ACM Press.","DOI":"10.1145\/168588.168596"},{"key":"22_CR4","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/0-387-34799-2_3","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 88","author":"J. Benaloh","year":"1988","unstructured":"J. Benaloh and J. Leichter. Generalized secret sharing and monotone functions. In S. Goldwasser, editor, Advances in Cryptology\u2014CRYPTO\u2019 88, volume 403 of Lecture Notes in Computer Science, pages 27\u201335. Springer-Verlag, 1988."},{"issue":"6","key":"22_CR5","doi-asserted-by":"publisher","first-page":"1084","DOI":"10.1137\/0220068","volume":"20","author":"M. Blum","year":"1991","unstructured":"M. Blum, A. De Santis, S. Micali, and G. Persiano. Noninteractive zero-knowledge. SIAM J. Computing, 20(6):1084\u20131118, December 1991.","journal-title":"SIAM J. Computing"},{"key":"22_CR6","unstructured":"S. Brands. An efficient off-line electronic cash system based on the representation problem. Technical Report CS-R9323, Centrum voor Wiskunde en Informatica, April 1993."},{"key":"22_CR7","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"302","DOI":"10.1007\/3-540-48329-2_26","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 93","author":"S. Brands","year":"1994","unstructured":"S. Brands. Untraceable off-line cash in wallets with observers. In D. R. Stinson, editor, Advances in Cryptology\u2014CRYPTO\u2019 93, volume 773 of Lecture Notes in Computer Science, pages 302\u2013318. Springer-Verlag, 1994."},{"key":"22_CR8","unstructured":"S. Brands. More on restrictive blind issuing of secret-key certificates in parallel mode. Technical Report CS-R9534, Centrum voor Wiskunde en Informatica, March 1995."},{"key":"22_CR9","unstructured":"S. Brands. Restrictive blind issuing of secret-key certificates in parallel mode. Technical Report CS-R9523, Centrum voor Wiskunde en Informatica, March 1995."},{"key":"22_CR10","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1007\/3-540-49264-X_19","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 95","author":"S. Brands","year":"1995","unstructured":"S. Brands. Restrictive blinding of secret-key certificates. In L. C. Guillou and J.-J. Quisquater, editors, Advances in Cryptology\u2014EUROCRYPT\u2019 95, volume 921 of Lecture Notes in Computer Science, pages 231\u2013247. Springer-Verlag, 1995."},{"key":"22_CR11","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"156","DOI":"10.1007\/3-540-48184-2_11","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 87","author":"E. F. Brickell","year":"1988","unstructured":"E. F. Brickell, D. Chaum, I. B. Damg\u00e5rd, and J. van de Graaf. Gradual and verifiable release of a secret. In C. Pomerance, editor, Advances in Cryptology\u2014CRYPTO\u2019 87, volume 293 of Lecture Notes in Computer Science, pages 156\u2013166. Springer-Verlag, 1988."},{"issue":"1","key":"22_CR12","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/BF00191319","volume":"5","author":"E. F. Brickell","year":"1992","unstructured":"E. F. Brickell and K. S. McCurley. An interactive identification scheme based on discrete logarithms and factoring. Journal of Cryptology, 5(1):29\u201339, 1992.","journal-title":"Journal of Cryptology"},{"key":"22_CR13","doi-asserted-by":"crossref","unstructured":"D. Chaum, E. van Heijst, and B. Pfitzmann. Cryptographically strong undeniable signatures, unconditionally secure for the signer. Technical report, University of Karlsruhe, February 1991. Interner Bericht 1\/91.","DOI":"10.1007\/3-540-46766-1_38"},{"key":"22_CR14","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"470","DOI":"10.1007\/3-540-46766-1_38","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 91","author":"D. Chaum","year":"1992","unstructured":"D. Chaum, E. van Heijst, and B. Pfitzmann. Cryptographically strong undeniable signatures, unconditionally secure for the signer. In J. Feigenbaum, editor, Advances in Cryptology\u2014CRYPTO\u2019 91, volume 576 of Lecture Notes in Computer Science, pages 470\u2013484. Springer-Verlag, 1992."},{"key":"22_CR15","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"174","DOI":"10.1007\/3-540-48658-5_19","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 94","author":"R. Cramer","year":"1994","unstructured":"R. Cramer, I. Damg\u00e5rd, and B. Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In Y. G. Desmedt, editor, Advances in Cryptology\u2014CRYPTO\u2019 94, Lecture Notes in Computer Science, pages 174\u2013187. Springer-Verlag, 1994."},{"key":"22_CR16","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"200","DOI":"10.1007\/3-540-48285-7_17","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 93","author":"I. B. Damg\u00e5rd","year":"1994","unstructured":"I. B. Damg\u00e5rd. Practical and provably secure release of a secret. In T. Helleseth, editor, Advances in Cryptology\u2014EUROCRYPT\u2019 93, volume 765 of Lecture Notes in Computer Science, pages 200\u2013217. Springer-Verlag, 1994."},{"key":"22_CR17","doi-asserted-by":"crossref","unstructured":"A. De Santis, G. D. Crescenzo, G. Persiano, and M. Yung. On monotone formula closure of SZK. In Proc. 35th IEEE Symp. on Foundations of Comp. Science, pages 454\u2013465, Santa Fe, 1994. IEEE Transactions on Information Theory.","DOI":"10.1109\/SFCS.1994.365745"},{"key":"22_CR18","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"526","DOI":"10.1007\/0-387-34805-0_46","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 89","author":"U. Feige","year":"1990","unstructured":"U. Feige and A. Shamir. Zero-knowledge proofs of knowledge in two rounds. In G. Brassard, editor, Advances in Cryptology\u2014CRYPTO\u2019 89, volume 435 of Lecture Notes in Computer Science, pages 526\u2013544. Springer-Verlag, 1990."},{"key":"22_CR19","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 86","author":"A. Fiat","year":"1987","unstructured":"A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. Odlyzko, editor, Advances in Cryptology\u2014CRYPTO\u2019 86, volume 263 of Lecture Notes in Computer Science, pages 186\u2013194. Springer-Verlag, 1987."},{"key":"22_CR20","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1007\/3-540-45961-8_11","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 88","author":"L. C. Guillou","year":"1988","unstructured":"L. C. Guillou and J.-J. Quisquater. A practical zero-knowledge protocol fitted to security microprocessors minimizing both transmission and memory. In C. G\u00fcnther, editor, Advances in Cryptology\u2014EUROCRYPT\u2019 88, Lecture Notes in Computer Science, pages 123\u2013128. Springer-Verlag, 1988."},{"issue":"3","key":"22_CR21","first-page":"376","volume":"47","author":"J. H\u00e5stad","year":"1993","unstructured":"J. H\u00e5stad, A. Schrift, and A. Shamir. The discrete logarithm modulo a composite hides o(n) bits. JCSS, 47(3):376\u2013404, 1993.","journal-title":"JCSS"},{"key":"22_CR22","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1007\/3-540-68339-9_13","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 96","author":"M. Jakobsson","year":"1996","unstructured":"M. Jakobsson, K. Sako, and R. Impagliazzo. Designated verifier proofs and their applications. In U. Maurer, editor, Advances in Cryptology\u2014EUROCRYPT\u2019 96, volume 1070 of Lecture Notes in Computer Science, pages 143\u2013154. Springer-Verlag, 1996."},{"key":"22_CR23","unstructured":"D. E. Knuth. Seminumerical Algorithms, volume 2 of The Art of Computer Programming, pages 441\u2013462. Addison-Wesley Publishing Company, 2 edition, 1981. ISBN 0-201-03822-6."},{"key":"22_CR24","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/BFb0053426","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 94","author":"D. Naccache","year":"1995","unstructured":"D. Naccache, D. M\u2019Ra\u00efhi, S. Vaudenay, and D. Raphaeli. Can D.S.A. be improved? \u2014 complexity trade-offs with the digital signature standard. In A. D. Santis, editor, Advances in Cryptology\u2014EUROCRYPT\u2019 94, volume 950 of Lecture Notes in Computer Science, pages 77\u201385. Springer-Verlag, 1995."},{"key":"22_CR25","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/0-387-34799-2_17","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 88","author":"K. Ohta","year":"1988","unstructured":"K. Ohta and T. Okamoto. A modification of the Fiat-Shamir scheme. In S. Goldwasser, editor, Advances in Cryptology\u2014CRYPTO\u2019 88, volume 403 of Lecture Notes in Computer Science, pages 232\u2013243. Springer-Verlag, 1988."},{"key":"22_CR26","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-48071-4_3","volume-title":"Advances in Cryptology\u2014CRYPTO\u2019 92","author":"T. Okamoto","year":"1992","unstructured":"T. Okamoto. Provably secure and practical identification schemes and corresponding signature schemes. In E. F. Brickell, editor, Advances in Cryptology\u2014CRYPTO\u2019 92, volume 740 of Lecture Notes in Computer Science, pages 31\u201353. Springer-Verlag, 1992."},{"key":"22_CR27","series-title":"Lect Notes Comput Sci","first-page":"134","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 89","author":"T. Okamoto","year":"1989","unstructured":"T. Okamoto and K. Ohta. Divertible zero knowledge interactive proofs and communtative random self-reducibility. In J.-J. Quisquater and J. Vandewalle, editors, Advances in Cryptology\u2014EUROCRYPT\u2019 89, volume 434 of Lecture Notes in Computer Science, pages 134\u2013149. Springer-Verlag, 1989."},{"key":"22_CR28","unstructured":"B. Pfitzmann. ZKP in \u2124\u03c1 or % MathType!MTEF!2!1!+- % feaafiart1ev1aaatCvAUfKttLearuqr1ngBPrgarmWu51MyVXgatC % vAUfeBSjuyZL2yd9gzLbvyNv2CaeHbd9wDYLwzYbItLDharyavP1wz % ZbItLDhis9wBH5garqqtubsr4rNCHbGeaGqiVu0Je9sqqrpepC0xbb % L8F4rqqrFfpeea0xe9Lq-Jc9vqaqpepm0xbba9pwe9Q8fs0-yqaqpe % pae9pg0FirpepeKkFr0xfr-xfr-xb9adbaqaaeGaciGaaiaabeqaam % aaeaqbaaGcbaWefv3ySLgznfgDOjdarCqr1ngBPrginfgDObcv39ga % iyqacqWFKeIwdaWgaaWcbaWefv3ySLgznfgDOfdarGqr1ngBPrginf % gDObYtUvgaiCaacqGFYaGmdaahaaadbeqaaiabeo8aZbaaaSqabaaa % aa!5233! $$ \\mathbb{Z}_{2^\\sigma } $$ . Unpublished manuscript, April 1991."},{"key":"22_CR29","doi-asserted-by":"crossref","unstructured":"D. Pointcheval and J. Stern. Provably secure blind signature schemes. In K. Kim and T. Matsumoto, editors, Advances in Cryptology\u2014ASIACRYPT\u2019 96, 1163, pages 252\u2013265. Springer-Verlag, 1996.","DOI":"10.1007\/BFb0034852"},{"key":"22_CR30","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"387","DOI":"10.1007\/3-540-68339-9_33","volume-title":"Advances in Cryptology\u2014EUROCRYPT\u2019 96","author":"D. Pointcheval","year":"1996","unstructured":"D. Pointcheval and J. Stern. Security proofs for signature schemes. In U. Maurer, editor, Advances in Cryptology\u2014EUROCRYPT\u2019 96, volume 1070 of Lecture Notes in Computer Science, pages 387\u2013398. Springer-Verlag, 1996."},{"key":"22_CR31","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C. P. Schnorr","year":"1991","unstructured":"C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4:161\u2013174, 1991.","journal-title":"Journal of Cryptology"},{"key":"22_CR32","unstructured":"D. R. Stinson. Cryptography; theory and practice. CRC Press, 1 edition, 1995. ISBN 0-8493-8521-0."},{"key":"22_CR33","doi-asserted-by":"crossref","unstructured":"M. Tompa and H. Woll. Random self-reducibility and zero knowledge interactive proofs of possession of information. Technical Report RC 13207 (#59069), IBM, October 1987.","DOI":"10.1109\/SFCS.1987.49"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2014 EUROCRYPT \u201997"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-69053-0_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,1]],"date-time":"2019-05-01T19:32:17Z","timestamp":1556739137000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-69053-0_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1997]]},"ISBN":["9783540629757","9783540690535"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/3-540-69053-0_22","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[1997]]}}}