Theory of Cryptography

Volume 7785 of the series Lecture Notes in Computer Science pp 60-79

Concurrent Zero Knowledge in the Bounded Player Model

  • Vipul GoyalAffiliated withMicrosoft Research
  • , Abhishek JainAffiliated withMIT and Boston University
  • , Rafail OstrovskyAffiliated withUCLA
  • , Silas RichelsonAffiliated withUCLA
  • , Ivan ViscontiAffiliated withUniversity of Salerno

* Final gross prices may vary according to local VAT.

Get Access


In this paper we put forward the Bounded Player Model for secure computation. In this new model, the number of players that will ever be involved in secure computations is bounded, but the number of computations is not a priori bounded. Indeed, while the number of devices and people on this planet can be realistically estimated and bounded, the number of computations these devices will run can not be realistically bounded. Further, we note that in the bounded player model, in addition to no a priori bound on the number of sessions, there is no synchronization barrier, no trusted party, and simulation must be performed in polynomial time.

In this setting, we achieve concurrent Zero Knowledge (cZK) with sub-logarithmic round complexity. Our security proof is (necessarily) non-black-box, our simulator is “straight-line” and works as long as the number of rounds is ω(1).

We further show that unlike previously studied relaxations of the standard model (e.g., bounded number of sessions, timing assumptions, super-polynomial simulation), concurrent-secure computation is still impossible to achieve in the Bounded Player model. This gives evidence that our model is “closer” to the standard model than previously studied models, and study of this model might shed light on constructing round efficient concurrent zero-knowledge in the standard model as well.