A two-round honest-verifier zero-knowledge protocol
Abstract
Since the concept of zero-knowledge protocols was introduced, it has attracted a lot of attention and has in turn had a significant effect on the development of cryptography, complexity theory and other areas. The round complexity of a zero-knowledge protocol is a very important efficiency consideration, and it is required to be as small as possible. Generally, it is desirable to have zero-knowledge protocols with a constant number of rounds. Goldreich and Oren proved that only languages in BPP have one-round and two-round zero-knowledge protocols. Moreover, they also showed that only languages in BPP have one-round honest-verifier zero-knowledge protocols. The notion of honest-verifier zero-knowledge protocols is highly non-trivial and fascinating in itself, and has many other uses. Thus, whether two-round honest-verifier zero-knowledge protocols exist becomes an important open problem. In this paper, we introduce a new simulation technique and, based on this technique, present a two-round honest-verifier zero-knowledge protocol for any language in NP under a standard complexity assumption.
Keywords
proof system, argument system, zero-knowledge, witness indistinguishability, black-box, one-way permutation, commitment scheme, zap
References
- 1. Goldwasser S, Micali S, Rackoff C. The knowledge complexity of interactive proof systems. J Comput, 1989, 18: 186–208
- 2. Brassard G, Chaum D, Crepeau C. Minimum disclosure proofs of knowledge. JCSS, 1988, 37: 156–189
- 3. Babai L. Trading group theory for randomness. In: Proceedings of the 17th ACM Symposium on Theory of Computing, New York, 1985. 421–429
- 4. Ben-Or M, Goldreich O, Goldwasser S, et al. Everything provable is provable in zero-knowledge. In: Proceedings of Crypto88. Berlin: Springer, 1990. 37–56
- 5. Goldreich O. Foundations of Cryptography: Basic Tools. Cambridge: Cambridge University Press, 2001
- 6. Goldreich O, Micali S, Wigderson A. Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proofs. J ACM, 1991, 38: 691–729
- 7. Goldreich O, Oren Y. Definitions and properties of zero-knowledge proof systems. J Crypto, 1994, 7: 1–32
- 8. Brassard G, Crepeau C, Yung M. Constant-round perfect zero-knowledge computationally convincing protocols. Theor Comput Sci, 1991, 84: 23–52
- 9. Feige U, Shamir A. Zero-knowledge proofs of knowledge in two rounds. In: Advances in Cryptology-CRYPTO’89, LNCS 435. Berlin: Springer, 1989. 526–544
- 10. Goldreich O, Kahan A. How to construct constant-round zero-knowledge proof systems for NP. J Crypt, 1996, 9: 167–190
- 11. Barak B. How to go beyond the black-box simulation barrier. In: Proceedings of the 42nd Annual IEEE Symposium on Foundations of Computer Science, Las Vegas, Nevada, 2001. 106–115
- 12. Feige U, Lapidot A, Shamir A. Multiple non-interactive zero-knowledge proofs based on a single random string. J Comput, 1999, 29: 1–28
- 13. Goldreich O, Krawczyk H. On the composition of zero-knowledge proof systems, SIAM. J Comput, 1996, 25: 169–192
- 14. Barak B, Pass R. On the possibility of one-message weak zero-knowledge. In: Proceedings of the First Theory of Cryptography Conference, TCC 2004, Lecture Notes in Computer Science 2951. Berlin: Springer, 2004. 121–132
- 15. Dwork C, Stockmeyer L. 2-round zero-knowledge and proof auditors. In: Proceedings of the 34th ACM Symposium on the Theory of Computing, Montreal, Quebec, Canada, 2002. 332–331
- 16. Feige U, Shamir A. Witness indistinguishability and witness hiding protocols. In: Proceedings of the 22nd ACM Symposium on the Theory of Computing, Baltimore, Maryland, USA, 1990. 416–426
- 17. Dwork C, Naor M. Zaps and their applications. In: Proceedings of the 41st Annual IEEE Symposium on Foundations of Computer Science-FOCS’00. Redondo Beach, Canada, 2000. 283–293
- 18. Naor M. Bit commitment using pseudo-randomness. J Crypt, 1991, 4: 151–158
- 19. Blum M. How to prove a theorem so no one else can claim it. In: Proceedings of the International Congress of Mathematicians, Berkeley, California, 1986. 1444–1451