Concurrent Non-Malleable Zero Knowledge Proofs


Concurrent non-malleable zero-knowledge (NMZK) considers the concurrent execution of zero-knowledge protocols in a setting where the attacker can simultaneously corrupt multiple provers and verifiers. Barak, Prabhakaran and Sahai (FOCS’06) recently provided the first construction of a concurrent NMZK protocol without any set-up assumptions. Their protocol, however, is only computationally sound (a.k.a., a concurrent NMZK argument). In this work we present the first construction of a concurrent NMZK proof without any set-up assumptions. Our protocol requires poly(n) rounds assuming one-way functions, or \(\tilde{O}(\log n)\) rounds assuming collision-resistant hash functions.

As an additional contribution, we improve the round complexity of concurrent NMZK arguments based on one-way functions (from poly(n) to \(\tilde O(\log n)\) ), and achieve a near linear (instead of cubic) security reductions. Taken together, our results close the gap between concurrent ZK protocols and concurrent NMZK protocols (in terms of feasibility, round complexity, hardness assumptions, and tightness of the security reduction).