Abstract
This paper investigates the exact round complexity of zero-knowledge arguments of knowledge (ZKAOK) with strict-polynomial-time simulation and extraction. Previously, Barak and Lindell [STOC 02] presented a constant-round such ZKAOK. With the parallel technique by Ostrovsky and Visconti [ECCC 12] for implementing Barak’s zero-knowledge [FOCS 01] in 6 rounds, the Barak-Lindell ZKAOK can be implemented in, we believe, 7 rounds, which achieves the best exact round complexity for such ZKAOK from reasonable assumptions.
Recently, Pandey et al. [ePrint 13] proposed a 4-round (concurrent) ZK with strict-polynomial-time simulation based on differing-input obfuscation for machines. Based on their construction, Ding [ISC 14] presented a 4-round ZKAOK with strict-polynomial-time simulation and extraction. However, the known construction of differing-input obfuscation for machines uses knowledge assumptions which are too strong. So an interesting question is whether we can reduce the round complexity of such ZKAOK without using differing-input obfuscation for machines.
In this paper we show that based on differing-input obfuscation for some circuit samplers and other reasonable assumptions, there exists a 6-round ZKAOK for NP with strict-polynomial-time simulation and extraction. Importantly, the assumption of differing-input obfuscation for circuits does not use any knowledge assumption and thus is mild. Moreover, we note that the auxiliary inputs output by the circuit samplers in our construction are public coins and perfectly-hiding commitments, which is quite natural. So this assumption, in our view, could be considered reasonable.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ananth, P., Boneh, D., Garg, S., Sahai, A., Zhandry, M.: Differing-inputs obfuscation and applications. IACR Cryptology ePrint Archive 2013, 689 (2013)
Barak, B.: How to go beyond the black-box simulation barrier. In: FOCS, pp. 106–115 (2001)
Barak, B., Goldreich, O.: Universal arguments and their applications. In: IEEE Conference on Computational Complexity, pp. 194–203 (2002)
Barak, B., Lindell, Y.: Strict polynomial-time in simulation and extraction. In: Reif, J.H. (ed.) STOC, pp. 484–493. ACM (2002)
Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) Advances in Cryptology - CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993)
Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: Recursive composition and bootstrapping for snarks and proof-carrying data. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) STOC, pp. 111–120. ACM (2013)
Blum, M.: Coin flipping by telephone. In: Gersho, A., (ed.) CRYPTO, pp. 11–15. U. C. Santa Barbara, Dept. of Elec. and Computer Eng., ECE Report No 82-04 (1981)
Blum, M.: How to prove a theorem so no one else can claim it. In: Proceedings of the International Congress of Mathematicians, pp. 1444–1451 (1987)
Brassard, G., Chaum, D., Crépeau, C.: Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156–189 (1988)
Crescenzo, G.D., Persiano, G., Visconti, I.: Constant-round resettable zero knowledge with concurrent soundness in the bare public-key model. In: Franklin DBLP:conf/crypto/2004, pp. 237–253, http://dx.doi.org/10.1007/978-3-540-28628-8_15
Ding, N.: Obfuscation-based non-black-box extraction and constant-round zero-knowledge arguments of knowledge. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds.) ISC 2014. LNCS, vol. 8783, pp. 120–139. Springer, Heidelberg (2014)
Feige, U., Fiat, A., Shamir, A.: Zero knowledge proofs of identity. In: Aho, A.V. (ed.) STOC, pp. 210–217. ACM (1987)
Feige, U., Shamir, A.: Witness indistinguishable and witness hiding protocols. In: Ortiz, H. (ed.) STOC, pp. 416–426. ACM (1990)
Fischlin, M.: Trapdoor Commitment Schemes and Their Applications. Ph.D. thesis, Fachbereich Mathematik Johann Wolfgang Goethe-Universit at Frankfurt am Main (2001)
Franklin, M. (ed.): CRYPTO 2004. LNCS, vol. 3152. Springer, Heidelberg (2004)
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS, pp. 40–49. IEEE Computer Society (2013)
Garg, S., Gentry, C., Halevi, S., Wichs, D.: On the implausibility of differing-inputs obfuscation and extractable witness encryption with auxiliary input. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 518–535. Springer, Heidelberg (2014), http://dx.doi.org/10.1007/978-3-662-44371-2_29
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) STOC, pp. 169–178. ACM (2009)
Goldreich, O., Kahan, A.: How to construct constant-round zero-knowledge proof systems for NP. J. Cryptology 9(3), 167–190 (1996)
Goldreich, O., Krawczyk, H.: On the composition of zero-knowledge proof systems. SIAM J. Comput. 25(1), 169–192 (1996)
Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity and a methodology of cryptographic protocol design (extended abstract). In: FOCS, pp. 174–187. IEEE Computer Society (1986)
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious rams. J. ACM 43(3), 431–473 (1996)
Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)
Hada, S., Tanaka, T.: On the existence of 3-round zero-knowledge protocols. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 408–423. Springer, Heidelberg (1998)
Ishai, Y., Pandey, O., Sahai, A.: Public-coin differing-inputs obfuscation and its applications. Cryptology ePrint Archive, Report 2014/942 (2014), http://eprint.iacr.org/
Katz, J.: Which languages have 4-round zero-knowledge proofs? In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 73–88. Springer, Heidelberg (2008)
Katz, J., Ostrovsky, R.: Round-optimal secure two-party computation. In: Franklin DBLP:conf/crypto/2004, pp. 335–354, http://dx.doi.org/10.1007/978-3-540-28628-8_21
Lapidot, D., Shamir, A.: Publicly verifiable non-interactive zero-knowledge proofs. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 353–365. Springer, Heidelberg (1991)
Lindell, Y.: A note on constant-round zero-knowledge proofs of knowledge. J. Cryptology 26(4), 638–654 (2013)
Ostrovsky, R., Visconti, I.: Simultaneous resettability from collision resistance. Electronic Colloquium on Computational Complexity (ECCC) 19, 164 (2012)
Pandey, O., Prabhakaran, M., Sahai, A.: Obfuscation-based non-black-box simulation and four message concurrent zero knowledge for np. Cryptology ePrint Archive, Report 2013/754 (2013), http://eprint.iacr.org/
Tompa, M., Woll, H.: Random self-reducibility and zero knowledge interactive proofs of possession of information. In: FOCS, pp. 472–482. IEEE Computer Society (1987)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ding, N. (2015). On Zero-Knowledge with Strict Polynomial-Time Simulation and Extraction from Differing-Input Obfuscation for Circuits. In: Lehmann, A., Wolf, S. (eds) Information Theoretic Security. ICITS 2015. Lecture Notes in Computer Science(), vol 9063. Springer, Cham. https://doi.org/10.1007/978-3-319-17470-9_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-17470-9_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17469-3
Online ISBN: 978-3-319-17470-9
eBook Packages: Computer ScienceComputer Science (R0)