A two-round honest-verifier zero-knowledge protocol

  • Research Papers
  • Science China Information Sciences

Abstract

Since zero-knowledge protocols were introduced, the concept has attracted a great deal of attention and has in turn had a significant effect on the development of cryptography, complexity theory and other areas. The round complexity of a zero-knowledge protocol is a very important efficiency consideration, and it should be as small as possible. Generally, it is desirable to have zero-knowledge protocols with a constant number of rounds. Goldreich and Oren proved that only languages in BPP have one-round and two-round zero-knowledge protocols. Moreover, they also showed that only languages in BPP have one-round honest-verifier zero-knowledge protocols. The notion of honest-verifier zero-knowledge protocols is highly non-trivial and fascinating in itself, and has many other uses. Thus, whether two-round honest-verifier zero-knowledge protocols exist is an important open problem. In this paper, we introduce a new simulation technique and, based on it, present a two-round honest-verifier zero-knowledge protocol for any language in NP under a standard complexity assumption.

References

  1. Goldwasser S, Micali S, Rackoff C. The knowledge complexity of interactive proof systems. J Comput, 1989, 18: 186–208

  2. Brassard G, Chaum D, Crepeau C. Minimum disclosure proofs of knowledge. JCSS, 1988, 37: 156–189

  3. Babai L. Trading group theory for randomness. In: Proceedings of the 17th ACM Symposium on Theory of Computing, New York, 1985. 421–429

  4. Ben-Or M, Goldreich O, Goldwasser S, et al. Everything provable is provable in zero-knowledge. In: Proceedings of Crypto88. Berlin: Springer, 1990. 37–56

  5. Goldreich O. Foundations of Cryptography: Basic Tools. Cambridge: Cambridge University Press, 2001

  6. Goldreich O, Micali S, Wigderson A. Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proofs. J ACM, 1991, 38: 691–729

  7. Goldreich O, Oren Y. Definitions and properties of zero-knowledge proof systems. J Crypto, 1994, 7: 1–32

  8. Brassard G, Crepeau C, Yung M. Constant-round perfect zero-knowledge computationally convincing protocols. Theor Comput Sci, 1991, 84: 23–52

  9. Feige U, Shamir A. Zero-knowledge proofs of knowledge in two rounds. In: Advances in Cryptology-CRYPTO’89, LNCS 435. Berlin: Springer, 1989. 526–544

  10. Goldreich O, Kahan A. How to construct constant-round zero-knowledge proof systems for NP. J Crypt, 1996, 9: 167–190

  11. Barak B. How to go beyond the black-box simulation barrier. In: Proceedings of the 42nd Annual IEEE Symposium on Foundations of Computer Science, Las Vegas, Nevada, 2001. 106–115

  12. Feige U, Lapidot A, Shamir A. Multiple non-interactive zero-knowledge proofs based on a single random string. J Comput, 1999, 29: 1–28

  13. Goldreich O, Krawczyk H. On the composition of zero-knowledge proof systems. SIAM J Comput, 1996, 25: 169–192

  14. Barak B, Pass R. On the possibility of one-message weak zero-knowledge. In: Proceedings of the First Theory of Cryptography Conference, TCC 2004, Lecture Notes in Computer Science 2951. Berlin: Springer, 2004. 121–132

  15. Dwork C, Stockmeyer L. 2-round zero-knowledge and proof auditors. In: Proceedings of the 34th ACM Symposium on the Theory of Computing, Montreal, Quebec, Canada, 2002. 332–331

  16. Feige U, Shamir A. Witness indistinguishability and witness hiding protocols. In: Proceedings of the 22nd ACM Symposium on the Theory of Computing, Baltimore, Maryland, USA, 1990. 416–426

  17. Dwork C, Naor M. Zaps and their applications. In: Proceedings of the 41st Annual IEEE Symposium on Foundations of Computer Science-FOCS’00. Redondo Beach, Canada, 2000. 283–293

  18. Naor M. Bit commitment using pseudo-randomness. J Crypt, 1991, 4: 151–158

  19. Blum M. How to prove a theorem so no one else can claim it. In: Proceedings of the International Congress of Mathematicians, Berkeley, California, 1986. 1444–1451

Author information

Corresponding author

Correspondence to HanWu Liu.

About this article

Cite this article

Liu, H., Lin, D. A two-round honest-verifier zero-knowledge protocol. Sci. China Inf. Sci. 53, 954–963 (2010). https://doi.org/10.1007/s11432-010-0082-0

  • DOI: https://doi.org/10.1007/s11432-010-0082-0
