On the Existence of Bit Commitment Schemes and Zero-Knowledge Proofs

  • Ivan Bjerre Damgård
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 435)


It has been proved earlier that the existence of bit commitment schemes (blobs) implies the existence of zero-knowledge proofs of information possession, which are MA-protocols (i.e. the verifier sends only independent random bits) [BrChCr], [GoMiWi].

In this paper we prove the converse result in a slightly modified form: We define a concept called weakly zero-knowledge, which is like ordinary zero-knowledge, except that we only require that an honest verifier learns nothing from the protocol. We then show that if, using an MA-protocol, P can prove to V in weakly zero-knowledge that he possesses a solution to some hard problem, then this implies the existence of a bit commitment scheme. If the original protocol is (almost) perfect zero-knowledge, then the resulting commitments are secure against an infinitely powerful receiver.

Finally, we also show a similar result for a restricted class of non-MA protocols.


Hard Problem Proof System Powerful Receiver Commitment Scheme Information Possession 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [AABFH]
    Abadi, Allender, Broder, Feigenbaum and Hemachandra: “On Generating Solved Instances of Computational Problems”, Proc. of CRYPTO 88, Springer.Google Scholar
  2. [ACGS]
    Alexi, Chor, Goldreich, Schnorr: “RSA and Rabin Functions: Certain Parts are as Hard as the Whole”, Siam J. Compt., vol.17, no.2, 1988, pp.194–209.zbMATHCrossRefMathSciNetGoogle Scholar
  3. [BoKrKu]
    Boyar, Krentel and Kurtz: “A Discrete Logarithm Implementation of Zero-knowledge Blobs”, Tech. Report, Dept. of Computer Science, University of Chicago, 1987.Google Scholar
  4. [Br]
    Brassard: Modern Cryptology, Lecture Notes in Computer Science, vol.325, Springer-Verlag, 1988.zbMATHGoogle Scholar
  5. [BrChCr]
    Brassard, Chaum, Crépeau: “Minimum Disclosure Proofs of Knowledge”, JCSS, vol.37, no.2, Oct. 1988, pp.156–189.zbMATHGoogle Scholar
  6. [ChDaGr]
    Chaum, Damgåd, van de Grad “Multiparty Computations Ensuring Privacy of Each Party's Input and Correctness of the Result”, Proc. of Crypto 87.Google Scholar
  7. [ChGr]
    Chaum, van de Graaf: “An Improved Protocol for Demonstrating possession of a Discrete Log”, Proc. of EuroCrypt 87.Google Scholar
  8. [Da]
    Damgård: “The Application of Claw Free Functions in Cryptography”, PhD-Thesis, Aarhus University, Denmark, May 1988.Google Scholar
  9. [FiSh]
    Fiege and Shamir: “Zero-Knowledge Proofs of Knowledge in Two Rounds”, these proceedings.Google Scholar
  10. [FiFiSh]
    Fiat, Fiege, Shamir: “Zero-Knowledge Proof of Identity”, Proc. of STOC 87.Google Scholar
  11. [FLM]
    Feigenbaum, Lipton and Mahaney: “A Completeness Theorem for Almost-Everywhere Invulnerable Generators”, manuscript, AT& T Bell Labs. Tech. Memo, Febr. 89.Google Scholar
  12. [GoLe]
    Goldreich and Levin: “A Hard-Core Predicate for all One-Way Functions”, Proc. of STOC 89, pp.25–32.Google Scholar
  13. [GoMiRa]
    Goldwasser, Micali: “Probabilistic Encryption”, JCSS, vol 28, no 2, 1984, pp 270–299.zbMATHMathSciNetGoogle Scholar
  14. [GoMiRa]
    Goldwasser, Micali, Rackoff: “The Knowledge Complexity of Interactive Proof Systems”, Proc. of STOC 85, pp.291–304.Google Scholar
  15. [GoMiWi]
    Goldreich, Micali, Wigderson: “Proof that Yield Nothing but the Validity of the Assertion, and the Methodology of Cryptographic Protocol Design”, Proc. of FOCS 86.Google Scholar
  16. [GoMiWi2]
    Goldreich, Micali and Wigderson: “How to Play any Mental Game”, Proc. of FOCS 87.Google Scholar
  17. [Kr]
    Kranakis: Primality and Cryptography, Wiley-Teubner Series in Computer Science, 1986.Google Scholar
  18. [Na]
    Naor: “Bit Commitment using Pseudo-Randomness”, these proceedings.Google Scholar
  19. [ToWo]
    Tompa, Woll: “Random Self-Reducibility and Zero-Knowledge Proofs of Information Possession”, Proc. of FOCS 87.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Ivan Bjerre Damgård
    • 1
  1. 1.Mathematical InstituteAarhus UniversityAarhus CDenmark

Personalised recommendations