FUN 2007: Fun with Algorithms pp 166-182

# Cryptographic and Physical Zero-Knowledge Proof Systems for Solutions of Sudoku Puzzles

• Moni Naor
• Benny Pinkas
• Guy N. Rothblum
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4475)

## Abstract

We consider cryptographic and physical zero-knowledge proof schemes for Sudoku, a popular combinatorial puzzle. We discuss methods that allow one party, the prover, to convince another party, the verifier, that the prover has solved a Sudoku puzzle, without revealing the solution to the verifier. The question of interest is how a prover can show: (i) that there is a solution to the given puzzle, and (ii) that he knows the solution, while not giving away any information about the solution to the verifier.

In this paper we consider several protocols that achieve these goals. Broadly speaking, the protocols are either cryptographic or physical. By a cryptographic protocol we mean one in the usual model found in the foundations of cryptography literature. In this model, two machines exchange messages, and the security of the protocol relies on computational hardness. By a physical protocol we mean one that is implementable by humans using common objects, and preferably without the aid of computers. In particular, our physical protocols utilize scratch-off cards, similar to those used in lotteries, or even just simple playing cards.

The cryptographic protocols are direct and efficient, and do not involve a reduction to other problems. The physical protocols are meant to be understood by ”lay-people” and implementable without the use of computers.

## Keywords

Cryptographic Protocol Playing Card Random Coin Computational Hardness Commitment Protocol
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

## References

1. 1.
Balogh, J., Csirik, J.A., Ishai, Y., Kushilevitz, E.: Private computation using a PEZ dispenser. Theoretical Computer Science 306(1-3), 69–84 (2003)
2. 2.
Blum, M.: How to Prove a Theorem So No One Else Can Claim It. In: Proc. of the International Congress of Mathematicians, Berkeley, California, USA, pp.1444–1451 (1986)Google Scholar
3. 3.
Crépeau, C., Kilian, J.: Discreet Solitary Games, Advances in Cryptology - CRYPTO’93. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 319–330. Springer, Heidelberg (1994)
4. 4.
Fagin, R., Naor, M., Winkler, P.: Comparing Information Without Leaking It. Comm. of the ACM 39, 77–85 (1996)
5. 5.
Oded Goldreich, Modern Cryptography, Probabilistic Proofs and Pseudorandomness, Springer, Algorithms and Combinatorics, vol. 17 (1998)Google Scholar
6. 6.
Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, Cambridge (2001)
7. 7.
Goldreich, O., Micali, S., Wigderson, A.: Proofs that Yield Nothing But their Validity, and a Methodology of Cryptographic Protocol Design. J. of the ACM 38, 691–729 (1991)
8. 8.
Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Computing 18(1), 186–208 (1989)
9. 9.
Gradwohl, R., Naor, M., Pinkas, B., Rothblum, G.N.: Cryptographic and Physical Zero-Knowledge Proof Systems for Solutions of Sudoku Puzzles. http://www.wisdom.weizmann.ac.il/~naor/PAPERS/sudoku_abs.html
10. 10.
Gradwohl, R., Naor, E., Naor, M., Pinkas, B., Rothblum, G.N.: Proving Sudoku in Zero-Knowledge with a Deck of Cards (January 2007), http://www.wisdom.weizmann.ac.il/~naor/PAPERS/SUDOKU_DEMO/
11. 11.
Hayes, B.: Unwed Numbers. American Scientist Vol. 94(1), http://www.americanscientist.org/template/AssetDetail/assetid/48550 (January- February 2006)
12. 12.
Moran, T., Naor, M.: Basing Cryptographic Protocols on Tamper-Evident Seals. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 285–297. Springer, Heidelberg (2005)
13. 13.
Moran, T., Naor, M.: Polling With Physical Envelopes: A Rigorous Analysis of a Human Centric Protocol. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 88–108. Springer, Heidelberg (2006)
14. 14.
Naor, M.: Bit Commitment Using Pseudo-Randomness. Journal of Cryptology 4, 151–158 (1991)
15. 15.
Naor, M., Naor, Y., Reingold, O.: Applied kid cryptography or how to convince your children you are not cheating (March 1999), http://www.wisdom.weizmann.ac.il/~naor/PAPERS/waldo.ps
16. 16.
Jean-Jacques, Q., Myriam, Q., Muriel, Q., Michaël, Q., Louis, G., Marie Annick, G., Gaïd, G., Anna, G., Gwenolé, G., Soazig, G., Berson, T.: How to explain zero-knowledge protocols to your children. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 628–631. Springer, Heidelberg (1990)Google Scholar
17. 17.
Schneier, B.: The solitaire encryption algorithm (1999), http://www.schneier.com/solitaire.html
18. 18.
Vadhan, S.P.: Interactive Proofs & Zero-Knowledge Proofs, lectures for the IAS/Park City Math Institute Graduate Summer School on Computational Complexity, http://www.eecs.harvard.edu/~salil/papers/pcmi-abs.html
19. 19.
Sudoku, Wikipedia, the free encyclopedia (based on Oct 19th 2005 version), http://en.wikipedia.org/wiki/Sudoku
20. 20.
Yato, T.: Complexity and Completeness of Finding Another Solution and its Application to Puzzles, Masters thesis, Univ. of Tokyo, Dept. of Information Science. (January 2003) Available: http://www-imai.is.s.u-tokyo.ac.jp/~yato/data2/MasterThesis.ps

## Authors and Affiliations

• 1
• Moni Naor
• 2
• Benny Pinkas
• 3
• Guy N. Rothblum
• 4
1. 1.Department of Computer Science and Applied Math, The Weizmann Institute of Science, Rehovot 76100Israel
2. 2.Incumbent of the Judith Kleeman Professorial Chair, Department of Computer Science and Applied Math, The Weizmann Institute of Science, Rehovot 76100Israel
3. 3.Department of Computer Science, University of Haifa, HaifaIsrael
4. 4.CSAIL, MIT, Cambridge, MA 02139USA