Advertisement

Non-interactive Zaps of Knowledge

  • Georg Fuchsbauer
  • Michele Orrù
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10892)

Abstract

While non-interactive zero-knowledge (NIZK) proofs require trusted parameters, Groth, Ostrovsky and Sahai constructed non-interactive witness-indistinguishable (NIWI) proofs without any setup; they called their scheme a non-interactive zap. More recently, Bellare, Fuchsbauer and Scafuro investigated the security of NIZK in the face of parameter subversion and observe that NI zaps provide subversion-resistant soundness and WI.

Arguments of knowledge prove that not only the statement is true, but also that the prover knows a witness for it, which is essential for anonymous identification. We present the first NIWI argument of knowledge without parameters, i.e., a NI zap of knowledge. Consequently, our scheme is also the first subversion-resistant knowledge-sound proof system, a notion recently proposed by Fuchsbauer.

Keywords

Non-interactive proofs Argument of knowledge Subversion resistance 

Notes

Acknowledgements

The authors would like to thank the anonymous reviewers of PKC 2018 and ACNS 2018 for their helpful comments. The first author is supported by the French ANR EfTrEC project (ANR-16-CE39-0002). The second author is supported by ERC grant 639554 (project aSCEND).

References

  1. [BBS04]
    Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-28628-8_3CrossRefGoogle Scholar
  2. [BCG+14]
    Ben-Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 459–474. IEEE Computer Society Press, May 2014Google Scholar
  3. [BCI+10]
    Brier, E., Coron, J.-S., Icart, T., Madore, D., Randriam, H., Tibouchi, M.: Efficient indifferentiable hashing into ordinary elliptic curves. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 237–254. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14623-7_13CrossRefGoogle Scholar
  4. [BFM88]
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: 20th ACM STOC, pp. 103–112. ACM Press, May 1988Google Scholar
  5. [BFS16]
    Bellare, M., Fuchsbauer, G., Scafuro, A.: NIZKs with an untrusted CRS: security in the face of parameter subversion. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 777–804. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53890-6_26CrossRefzbMATHGoogle Scholar
  6. [BG93]
    Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993).  https://doi.org/10.1007/3-540-48071-4_28CrossRefGoogle Scholar
  7. [BHY09]
    Bellare, M., Hofheinz, D., Yilek, S.: Possibility and impossibility results for encryption and commitment secure under selective opening. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 1–35. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01001-9_1CrossRefGoogle Scholar
  8. [BOV03]
    Barak, B., Ong, S.J., Vadhan, S.: Derandomization in cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 299–315. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-45146-4_18CrossRefzbMATHGoogle Scholar
  9. [BP15]
    Bitansky, N., Paneth, O.: ZAPs and non-interactive witness indistinguishability from indistinguishability obfuscation. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 401–427. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46497-7_16CrossRefzbMATHGoogle Scholar
  10. [BW06]
    Boyen, X., Waters, B.: Compact group signatures without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 427–444. Springer, Heidelberg (2006).  https://doi.org/10.1007/11761679_26CrossRefGoogle Scholar
  11. [BW07]
    Boyen, X., Waters, B.: Full-domain subgroup hiding and constant-size group signatures. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 1–15. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-71677-8_1CrossRefGoogle Scholar
  12. [DN00]
    Dwork, C., Naor, M.: Zaps and their applications. In: 41st FOCS, pp. 283–293. IEEE Computer Society Press, November 2000Google Scholar
  13. [FLS90]
    Feige, U., Lapidot, D., Shamir, A.: Multiple non-interactive zero knowledge proofs based on a single random string (extended abstract). In: 31st FOCS, pp. 308–317. IEEE Computer Society Press, October 1990Google Scholar
  14. [FO18]
    Fuchsbauer, G., Orrú, M.: Non-interactive zaps of knowledge. Cryptology ePrint Archive, Report 2018/228 (2018)Google Scholar
  15. [FS90]
    Feige, U., Shamir, A.: Witness indistinguishable and witness hiding protocols. In: 22nd ACM STOC, pp. 416–426. ACM Press, May 1990Google Scholar
  16. [Fuc18]
    Fuchsbauer, G.: Subversion-zero-knowledge SNARKs. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 315–347. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-76578-5_11CrossRefGoogle Scholar
  17. [GMR89]
    Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)MathSciNetCrossRefGoogle Scholar
  18. [GO94]
    Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof systems. J. Cryptol. 7(1), 1–32 (1994)MathSciNetCrossRefGoogle Scholar
  19. [GOS06a]
    Groth, J., Ostrovsky, R., Sahai, A.: Non-interactive zaps and new techniques for NIZK. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 97–111. Springer, Heidelberg (2006).  https://doi.org/10.1007/11818175_6CrossRefGoogle Scholar
  20. [GOS06b]
    Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006).  https://doi.org/10.1007/11761679_21CrossRefGoogle Scholar
  21. [GS08]
    Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78967-3_24CrossRefGoogle Scholar
  22. [Gol93]
    Goldreich, O.: A uniform-complexity treatment of encryption and zero-knowledge. J. Cryptol. 6(1), 21–53 (1993)MathSciNetCrossRefGoogle Scholar
  23. [Gro06]
    Groth, J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 444–459. Springer, Heidelberg (2006).  https://doi.org/10.1007/11935230_29CrossRefGoogle Scholar
  24. [Gro10]
    Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-17373-8_19CrossRefGoogle Scholar
  25. [KN08]
    Kol, G., Naor, M.: Cryptography and game theory: designing protocols for exchanging information. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 320–339. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78524-8_18CrossRefzbMATHGoogle Scholar
  26. [PVW08]
    Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554–571. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85174-5_31CrossRefGoogle Scholar
  27. [Ràf15]
    Ràfols, C.: Stretching groth-sahai: NIZK proofs of partial satisfiability. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 247–276. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46497-7_10CrossRefzbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.InriaParisFrance
  2. 2.École normale supérieure, CNRSPSL UniversityParisFrance

Personalised recommendations