Abstract
A non-interactive zero-knowledge proof system (NIZK) for a composite language (i.e., a language that combines distinct statements by AND or OR) is widely used in cryptographic applications. The (im)possibility of black-box constructions of such NIZKs has been studied so far. We extend it to the case of proving equality of a witness behind distinct statements that often plays a central role in cryptographic constructions as illustrated by the seminal work by Naor and Yung (STOC, 1990). In this paper, we investigate the impossibility of a black-box construction of NIZKs for equality of witnesses from those proving the validity of the witnesses. Concretely, we prove that there exists no black-box construction of NIZKs for equality of plaintexts in two distinct ciphertexts of public-key encryption schemes based on NIZKs for proving validity of ciphertexts. It implies that one has to exploit specific properties of the underlying encryption schemes or NIZKs to construct NIZKs for proving equality, and hence justifies existing constructions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
While the terminology “composite statement” in [3] includes nested functions, we only focus on statements combined by AND or OR in this paper.
- 2.
Since \({O}.g\) is injective, \({O}.g^{-1}\) is uniquely defined.
References
Abdalla, M., Benhamouda, F., Pointcheval, D.: Disjunctions for hash proof systems: new constructions and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 69–100. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_3
Abe, M., Ambrona, M., Ohkubo, M.: On black-box extensions of non-interactive zero-knowledge arguments, and signatures directly from simulation soundness. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) Public-Key Cryptography - PKC 2020, pp. 558–589. Springer International Publishing, Cham (2020)
Agrawal, S., Ganesh, C., Mohassel, P.: Non-interactive zero-knowledge proofs for composite statements. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 643–673. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_22
Bellare, M., Goldwasser, S.: New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. In: Brassard, G. (ed.) Advances in Cryptology – CRYPTO 1989 Proceedings, pp. 194–211. Springer, New York (1990)
Blazy, O., Derler, D., Slamanig, D., Spreitzer, R.: Non-interactive plaintext (In-)equality proofs and group signatures with verifiable controllable linkability. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 127–143. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29485-8_8
Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 103–112. STOC 1988, ACM, New York, NY, USA (1988). http://doi.acm.org/10.1145/62212.62222
Brakerski, Z., Katz, J., Segev, G., Yerukhimovich, A.: Limits on the power of zero-knowledge proofs in cryptographic constructions. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 559–578. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19571-6_34
Camenisch, J., Chandran, N., Shoup, V.: A public key encryption scheme secure against Key dependent chosen plaintext and adaptive chosen ciphertext attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 351–368. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_20
Campanelli, M., Fiore, D., Querol, A.: Legosnark: modular design and composition of succinct zero-knowledge proofs. In: CCS 2019 (2019)
Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: Conference Proceedings of the Annual ACM Symposium on Theory of Computing (08 2003). https://doi.org/10.1145/509907.509980
Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) Advances in Cryptology – CRYPTO 1992, pp. 89–105. Springer, Berlin Heidelberg, Berlin, Heidelberg (1993)
Choi, S.G., Elbaz, A., Juels, A., Malkin, T., Yung, M.: Two-party computing with encrypted data. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 298–314. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-76900-2_18
Costello, C., et al.: Geppetto: versatile verifiable computation. In: 2015 IEEE Symposium on Security and Privacy, pp. 253–270 (May 2015). https://doi.org/10.1109/SP.2015.23
Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) Advances in Cryptology – CRYPTO 1994, pp. 174–187. Springer, Berlin Heidelberg (1994)
Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. In: Proceedings of the Twenty-third Annual ACM Symposium on Theory of Computing, pp. 542–552. STOC 1991, ACM, New York, NY, USA (1991). http://doi.acm.org/10.1145/103418.103474
Feige, U., Lapidot, D., Shamir, A.: Multiple noninteractive zero knowledge proofs under general assumptions. SIAM J. Comput. 29(1), 1–28 September 1999. http://dx.doi.org/10.1137/S0097539792230010
Garg, S., Gupta, D.: Efficient round optimal blind signatures. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 477–495. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_27
Gertner, Y., Malkin, T., Myers, S.: Towards a separation of semantic and CCA security for public key encryption. In: Proceedings of the 4th Conference on Theory of Cryptography, pp. 434–455. TCC 2007, Springer-Verlag, Berlin, Heidelberg (2007). http://dl.acm.org/citation.cfm?id=1760749.1760781
Groth, J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 444–459. Springer, Heidelberg (2006). https://doi.org/10.1007/11935230_29
Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_21
Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_24
Hofheinz, D., Jager, T.: Tightly secure signatures and public-key encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 590–607. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_35
Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. J. Cryptol. 30(4), 1116–1156 October 2017. https://doi.org/10.1007/s00145-016-9243-7
Khurana, D., Ostrovsky, R., Srinivasan, A.: Round optimal black-box “commit-and-prove”. IACR Cryptol. ePrint Arch. 2018, 921 (2018)
Kilian, J.: Uses of Randomness in Algorithms and Protocols. MIT Press, Cambridge, MA, USA (1990)
Lipmaa, H.: Prover-efficient commit-and-prove zero-knowledge SNARKs. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2016. LNCS, vol. 9646, pp. 185–206. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31517-1_10
Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: Proceedings of the Twenty-second Annual ACM Symposium on Theory of Computing, pp. 427–437. STOC 1990, ACM, New York, NY, USA (1990). http://doi.acm.org/10.1145/100216.100273
Ostrovsky, R., Richelson, S., Scafuro, A.: Round-optimal black-box two-party computation. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 339–358. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_17
Parkes, D.C., Rabin, M.O., Shieber, S.M., Thorpe, C.: Practical secrecy-preserving, verifiably correct and trustworthy auctions. Electron. Commer. Res. Appl. 7(3), 294–312 (2008). https://doi.org/10.1016/j.elerap.2008.04.006, http://www.sciencedirect.com/science/article/pii/S1567422308000197, special Section: New Research from the 2006 International Conference on Electronic Commerce
Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (Plain) learning with errors. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 89–114. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_4
Reingold, O., Trevisan, L., Vadhan, S.: Notions of reducibility between cryptographic primitives. In: Naor, M. (ed.) Theory of Cryptography, pp. 1–20. Springer, Berlin Heidelberg, Berlin, Heidelberg (2004)
Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In: Proceedings of the 40th Annual Symposium on Foundations of Computer Science, p. 543-. FOCS 1999. IEEE Computer Society, Washington, DC, USA (1999). http://dl.acm.org/citation.cfm?id=795665.796535
Acknowledgements
We thank Takahiro Matsuda for very insightful discussions in the proof of Sect. 4.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Yamashita, K., Tibouchi, M., Abe, M. (2020). On Black-Box Extension of a Non-Interactive Zero-Knowledge Proof System for Secret Equality. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds) Progress in Cryptology – INDOCRYPT 2020. INDOCRYPT 2020. Lecture Notes in Computer Science(), vol 12578. Springer, Cham. https://doi.org/10.1007/978-3-030-65277-7_39
Download citation
DOI: https://doi.org/10.1007/978-3-030-65277-7_39
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65276-0
Online ISBN: 978-3-030-65277-7
eBook Packages: Computer ScienceComputer Science (R0)