Abstract
We study interactive arguments, in particular their error probability under sequential iteration. This problem is more complex than for interactive proofs, where the error trivially decreases exponentially in the number of iterations.
In particular, we study the typical efficient case where the iterated protocol is based on a single instance of a computational problem. This is not a special case of independent iterations of an entire protocol, and real exponential decrease of the error cannot be expected. Nevertheless, for practical applications, one needs concrete relations between the complexity and error probability of the underlying problem and the iterated protocol. We formalize and solve this problem using the theory of proofs of knowledge. We also seem to present the first definition of arguments in a fully uniform model of complexity.
We also prove that in non-uniform complexity, the error probability of independent iterations of an argument does decrease exponentially — to our knowledge this is the first result about a strictly exponentially small error probability in a computational cryptographic security property.
To illustrate our first result, we present a very efficient zero-knowledge argument for circuit satisfiability, and thus for any NP problem, based on any collision-intractable hash function.
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Damgård, I., Pfitzmann, B. (1998). Sequential iteration of interactive arguments and an efficient zero-knowledge argument for NP. In: Larsen, K.G., Skyum, S., Winskel, G. (eds) Automata, Languages and Programming. ICALP 1998. Lecture Notes in Computer Science, vol 1443. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055101
DOI: https://doi.org/10.1007/BFb0055101
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64781-2
Online ISBN: 978-3-540-68681-1
eBook Packages: Springer Book Archive