Resettable Cryptography in Constant Rounds – The Case of Zero Knowledge
- Yi DengAffiliated withLancaster UniversityNTUSKLOIS, Institute of Software, CAS
- , Dengguo FengAffiliated withCarnegie Mellon UniversityMSR
- , Vipul GoyalAffiliated withLancaster UniversitySKLOIS, Institute of Software, CAS
- , Dongdai LinAffiliated withCarnegie Mellon UniversityMSR
- , Amit SahaiAffiliated withCarnegie Mellon UniversityUCLA
- , Moti YungAffiliated withCarnegie Mellon UniversityGoogle Inc.
A fundamental question in cryptography deals with understanding the role that randomness plays in cryptographic protocols and to what extent it is necessary. One particular line of works was initiated by Canetti, Goldreich, Goldwasser, and Micali (STOC 2000) who introduced the notion of resettable zero-knowledge, where the protocol must be zero-knowledge even if a cheating verifier can reset the prover and have several interactions in which the prover uses the same random tape. Soon afterwards, Barak, Goldreich, Goldwasser, and Lindell (FOCS 2001) studied the setting where the verifier uses a fixed random tape in multiple interactions. Subsequent to these works, a number of papers studied the notion of resettable protocols in the setting where only one of the participating parties uses a fixed random tape multiple times. The notion of resettable security has been studied in two main models: the plain model and the bare public key model (also introduced in the above paper by Canetti et. al.).
In a recent work, Deng, Goyal and Sahai (FOCS 2009) gave the first construction of a simultaneous resettable zero-knowledge protocol where both participants of the protocol can reuse a fixed random tape in any (polynomial) number of executions. Their construction however required O(n ε ) rounds of interaction between the prover and the verifier. Both in the plain as well as the BPK model, this construction remain the only known simultaneous resettable zero-knowledge protocols.
In this work, we study the question of round complexity of simultaneous resettable zero-knowledge in the BPK model. We present a constant round protocol in such a setting based on standard cryptographic assumptions. Our techniques are significantly different from the ones used by Deng, Goyal and Sahai.
- Resettable Cryptography in Constant Rounds – The Case of Zero Knowledge
- Book Title
- Advances in Cryptology – ASIACRYPT 2011
- Book Subtitle
- 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings
- pp 390-406
- Print ISBN
- Online ISBN
- Series Title
- Lecture Notes in Computer Science
- Series Volume
- Series ISSN
- Springer Berlin Heidelberg
- Copyright Holder
- International Association for Cryptologic Research
- Additional Links
- Industry Sectors
- eBook Packages
- Editor Affiliations
- 16. Center for Information Security Technologies, Korea University
- 17. Shandong University
- Author Affiliations
- 18. NTU, Singapore
- 19. SKLOIS, Institute of Software, CAS, China
- 20. MSR, India
- 21. UCLA, USA
- 22. Google Inc., USA
To view the rest of this content please follow the download PDF link above.