Fully Homomorphic NIZK and NIWI Proofs

  • Prabhanjan Ananth
  • Apoorvaa Deshpande
  • Yael Tauman Kalai
  • Anna Lysyanskaya
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11892)


In this work, we define and construct fully homomorphic non-interactive zero knowledge (FH-NIZK) and non-interactive witness-indistinguishable (FH-NIWI) proof systems.

We focus on the NP complete language L, where, for a boolean circuit C and a bit b, the pair \((C,b)\in L\) if there exists an input \(\mathbf {w}\) such that \(C(\mathbf {w})=b\). For this language, we call a non-interactive proof system fully homomorphic if, given instances \((C_i,b_i)\in L\) along with their proofs \(\varPi _i\), for \(i\in \{1,\ldots ,k\}\), and given any circuit \(D:\{0,1\}^k\rightarrow \{0,1\}\), one can efficiently compute a proof \(\varPi \) for \((C^*,b)\in L\), where \(C^*(\mathbf {w}^{(1)},\ldots ,\mathbf {w}^{(k)})=D(C_1(\mathbf {w}^{(1)}),\ldots ,C_k(\mathbf {w}^{(k)}))\) and \(D(b_1,\ldots ,b_k)=b\). The key security property is unlinkability: the resulting proof \(\varPi \) is indistinguishable from a fresh proof of the same statement.

Our first result, under the Decision Linear Assumption (DLIN), is an FH-NIZK proof system for L in the common random string model. Our more surprising second result (under a new decisional assumption on groups with bilinear maps) is an FH-NIWI proof system that requires no setup.


Keywords: Homomorphism; Non-interactive zero-knowledge; Non-interactive witness indistinguishability



Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  • Prabhanjan Ananth (1)
  • Apoorvaa Deshpande (2)
  • Yael Tauman Kalai (3)
  • Anna Lysyanskaya (2)
  1. UCSB, Santa Barbara, USA
  2. Brown University, Providence, USA
  3. MIT and Microsoft Research, Cambridge, USA
