Abstract

We show that probabilistically checkable proofs can be used to shorten non-interactive zero-knowledge proofs. We obtain publicly verifiable non-interactive zero-knowledge proofs for circuit satisfiability with adaptive and unconditional soundness where the size grows quasi-linearly in the number of gates. The zero-knowledge property relies on the existence of trapdoor permutations, or it can be based on a specific number theoretic assumption related to factoring to get better efficiency. As an example of the latter, we suggest a non-interactive zero-knowledge proof for circuit satisfiability based on the Naccache-Stern cryptosystem consisting of a quasi-linear number of bits. This yields the shortest known non-interactive zero-knowledge proof for circuit satisfiability.

Keywords

Non-interactive zero-knowledge proofs; adaptive soundness; probabilistically checkable proofs; Naccache-Stern encryption

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Jens Groth (University College London, UK)
