
Communication efficient Zero-knowledge Proofs of knowledge

With applications to Electronic Cash
  • Alfredo De Santis
  • Giuseppe Persiano
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 577)

Abstract

We show that, after a constant-round preprocessing stage, it is possible to give any polynomial number of Non-Interactive Zero-Knowledge Proofs of Knowledge for any NP language. Our proof-system is based on the sole assumption that one-way functions and Non-Interactive Zero-Knowledge Proof Systems of Language Membership exist.

The new tool has applications to multi-party protocols. We present the first protocol for Electronic Cash with the following properties.
  • It is provably secure under general complexity assumptions. Its security is based on the existence of one-way functions and Non-Interactive Zero-Knowledge Proof Systems.

  • It does not require the presence of a trusted center; not even the Bank is required to be trusted by the users.

  • Each transaction requires only constant rounds of interaction. Actually, most of the transactions require just one round of interaction.

  • Each transaction can be performed by only the users that are interested; that is, it is not necessary for all the users to take part in each single transaction to guarantee privacy and security. Moreover, the transcript of each transaction can be used to prove that the transaction has actually taken place and to prove any frauds that may have been committed.

Keywords

Proof System; Random String; Reference String; NIZK Proof; Double Spending
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 1992

Authors and Affiliations

  • Alfredo De Santis (1)
  • Giuseppe Persiano (2)
  1. Dipartimento di Informatica ed Applicazioni, Università di Salerno, Baronissi, Italy
  2. Aiken Computation Laboratory, Harvard University, Cambridge, USA
