On the existence of 3-round zero-knowledge protocols

  • Satoshi Hada
  • Toshiaki Tanaka
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1462)


In this paper, we construct a 3-round zero-knowledge protocol for any NP language. Goldreich and Krawczyk proved that a 3-round black-box simulation zero-knowledge protocol exists only for BPP languages. However, there is no contradiction here. That is, our proposed protocol achieves a weaker notion of zero-knowledge: auxiliary-input non-uniform zero-knowledge. Since this notion has not been investigated in the literature, we classify several zero-knowledge notions including it and discuss the relationships among them. Our main contribution is to provide a non-black-box simulation technique. It is based on a novel computational assumption related to the Diffie-Hellman problem. Although this assumption is strong and non-standard, its non-standard nature seems essential for our simulation technique.


Zero-knowledge interactive proof Diffie-Hellman problem 


  1. [BeGo92]
    M. Bellare and O. Goldreich, “On Defining Proofs of Knowledge,” Proceedings of Crypto'92, 1992.Google Scholar
  2. [BJY97]
    M. Bellare, M. Jakobsson and M. Yung, “Round-Optimal Zero-Knowledge Arguments Based on any One-Way Function,” Proceedings of Eurocrypt' 97, 1997.Google Scholar
  3. [BMO90]
    M. Bellare, S. Micali and R. Ostrovsky, “Perfect Zero-Knowledge in Constant Rounds,” Proceedings of 22nd STOC, 1990.Google Scholar
  4. [Bl86]
    M. Blum, “How to Prove a Theorem So No One Else Can Claim It,” Proceedings of the International Congress of Mathematicians, pp.1444–1451, 1986.Google Scholar
  5. [BM84]
    M. Blum and S. Micali, “How to Generate Cryptographically Strong Sequences of Pseudo-Random Bits,” SIAM Journal on Computing, Vol.13, No.4, pp.850–863, 1984.zbMATHMathSciNetCrossRefGoogle Scholar
  6. [BCC88]
    G. Brassard, D. Chaum and C. Crépeau, “Minimum Disclosure Proofs of Knowledge,” Journal of Computer and System Sciences, Vol. 37, No. 2, pp. 156–189, 1988.zbMATHMathSciNetCrossRefGoogle Scholar
  7. [BCY89]
    G. Brassard, C. Crépeau and M. Yung, “Everything in NP Can Be Argued in Perfect Zero-Knowledge in a Bounded Number of Rounds,” Proceedings of 16th ICALP, pp.123–136, 1989.Google Scholar
  8. [BrCr86]
    G. Brassard and C. Crépeau, “Non-Transitive Transfer of Confidence: A Perfect Zero-Knowledge Interactive Protocol for SAT and Beyond,” Proceedings of 27th FOCS, 1986.Google Scholar
  9. [DH76]
    W. Diffie and M. Hellman, “New Directions in Cryptography,” IEEE Trans. Inform. Theory, Vol.22, No.6, pp.644–654, 1976.zbMATHMathSciNetCrossRefGoogle Scholar
  10. [FFS88]
    U. Feige, A. Fiat, and A. Shamir, “Zero Knowledge Proofs of Identity,” Journal of Cryptology, Vol.1, pp.77–94, 1988.zbMATHMathSciNetCrossRefGoogle Scholar
  11. [FeSh89]
    U. Feige and A. Shamir, “Zero Knowledge Proofs of Knowledge in Two Rounds,” Proceedings of Crypto'89, pp.526–544, 1989.Google Scholar
  12. [Go93]
    O. Goldreich, “A Uniform-Complexity Treatment of Encryption and Zero-Knowledge,” Journal of Cryptology, Vol.6, No. 1, pp.21–53, 1993.zbMATHMathSciNetGoogle Scholar
  13. [Go98-1]
    O. Goldreich, “Foundations of Cryptography (Fragments of a Book — Version 2.03),” February 27, 1998.Google Scholar
  14. [Go98-2]
    O. Goldreich, private communication, May 1998.Google Scholar
  15. [GoKa96]
    O. Goldreich and A. Kahan, “How to Construct Constant-Round Zero-Knowlege Proof Systems for NP,” Journal of Cryptology, Vol.9, No. 3, pp.167–190, 1996.zbMATHMathSciNetCrossRefGoogle Scholar
  16. [GoKr96]
    O. Goldreich and H. Krawczyk, “On the Composition of Zero-Knowledge Proof Systems,” SIAM Journal on Computing, Vol.25, No.1, pp.169–192, 1996.zbMATHMathSciNetCrossRefGoogle Scholar
  17. [GMW91]
    O. Goldreich, S. Micali, and A. Wigderson, “Proofs that Yield Nothing But Their Validity or All Languages in NP Have Zero-Knowledge Proof Systems,” Journal of the ACM, Vol.38, No.1, pp.691–729, 1991.zbMATHMathSciNetGoogle Scholar
  18. [GoOr94]
    O. Goldreich and Y. Oren, “Definitions and Properties of Zero-Knowlege Proof Systems,” Journal of Cryptology, Vol.7, No. 1, pp.1–32, 1994.zbMATHMathSciNetCrossRefGoogle Scholar
  19. [GMR85]
    S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Proofs,” Proceedings of 17th STOC, pp.291–304, 1985.Google Scholar
  20. [Ra80]
    M. O. Rabin, “Probabilistic Algorithm for Testing Primality,” Jounal of Number Theory, Vol 12, pp.128–138, 1980.zbMATHMathSciNetCrossRefGoogle Scholar
  21. [SS77]
    R. Solovay and V. Strassen, “A Fast Monte-Carlo Test for Primality,” SIAM Journal on Computing, Vol.6, No.1, pp.84–86, 1977.zbMATHMathSciNetCrossRefGoogle Scholar
  22. [TW87]
    M. Tompa and H. Woll, “Random Self-Reducibility and Zero Knowledge Interactive Proofs of Possession of Information,” Proceedings of 28th FOCS, pp.472–482, 1987.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Satoshi Hada
    • 1
  • Toshiaki Tanaka
    • 1
  1. 1.KDD R&D LaboratoriesSaitamaJapan

Personalised recommendations