Skip to main content

An Equivalence Between Zero Knowledge and Commitments

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 4948)

Abstract

We show that a language in NP has a zero-knowledge protocol if and only if the language has an “instance-dependent” commitment scheme. An instance-dependent commitment schemes for a given language is a commitment scheme that can depend on an instance of the language, and where the hiding and binding properties are required to hold only on the yes and no instances of the language, respectively.

The novel direction is the only if direction. Thus, we confirm the widely held belief that commitments are not only sufficient for zero knowledge protocols, but necessary as well. Previous results of this type either held only for restricted types of protocols or languages, or used nonstandard relaxations of (instance-dependent) commitment schemes.

Keywords

  • Hash Function
  • Commitment Scheme
  • Negligible Function
  • Promise Problem
  • Zero Knowledge

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. Aiello, W., Håstad, J.: Statistical zero-knowledge languages can be recognized in two rounds. J. Comput. Syst. Sci. 42(3), 327–345 (1991)

    MATH  CrossRef  Google Scholar 

  2. Brassard, G., Chaum, D., Crépeau, C.: Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156–189 (1988)

    MATH  CrossRef  Google Scholar 

  3. Ben-Or, M., Goldreich, O., Goldwasser, S., Håstad, J., Kilian, J., Micali, S., Rogaway, P.: Everything provable is provable in zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 37–56. Springer, Heidelberg (1990)

    Google Scholar 

  4. Blum, M.: How to prove a theorem so no one else can claim it. In: Proc. International Congress of Mathematicians, pp. 1444–1451 (1987)

    Google Scholar 

  5. Bellare, M., Micali, S., Ostrovsky, R.: Perfect zero-knowledge in constant rounds. In: Proc. 22nd STOC, pp. 482–493 (1990)

    Google Scholar 

  6. Bellare, M., Rogaway, P.: Collision-resistant hashing: towards making UOWHFs practical. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 470–484. Springer, Heidelberg (1997)

    Google Scholar 

  7. Cover, T.M., Thomas, J.A.: Elements of information theory, 2nd edn. Wiley-Interscience, New York (2006)

    MATH  Google Scholar 

  8. Damgård, I.: On the existence of bit commitment schemes and zero-knowledge proofs. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 17–27. Springer, Heidelberg (1990)

    Google Scholar 

  9. Damgård, I.B.: Interactive hashing can simplify zero-knowledge protocol design without computational assumptions. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 100–109. Springer, Heidelberg (1994)

    Google Scholar 

  10. Even, S., Selman, A.L., Yacobi, Y.: The complexity of promise problems with applications to public-key cryptography. Inform. Control 61(2), 159–173 (1984)

    MATH  CrossRef  MathSciNet  Google Scholar 

  11. Goldreich, O., Kahan, A.: How to construct constant-round zero-knowledge proof systems for NP. J. Cryptol. 9(3), 167–190 (1996)

    MATH  CrossRef  MathSciNet  Google Scholar 

  12. Goldreich, O., Krawczyk, H.: On the composition of zero-knowledge proof systems. SIAM Journal on Computing 25(1), 169–192 (1996)

    MATH  CrossRef  MathSciNet  Google Scholar 

  13. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM Journal on Computing 18(1), 186–208 (1989)

    MATH  CrossRef  MathSciNet  Google Scholar 

  14. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. J. ACM 38(1), 691–729 (1991)

    MATH  MathSciNet  Google Scholar 

  15. Goldreich, O.: On promise problems (a survey in memory of Shimon Even [1935-2004]). Technical Report TR05–018, Electronic Colloquium on Computational Complexity (February 2005)

    Google Scholar 

  16. Goldreich, O., Sahai, A., Vadhan, S.: Can statistical zero-knowledge be made non-interactive?, or On the relationship of SZK and NISZK. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 467–484. Springer, Heidelberg (1999)

    Google Scholar 

  17. Goldreich, O., Vadhan, S.P.: Comparing entropies in statistical zero knowledge with applications to the structure of SZK. In: Proc. 14th Computational Complexity, pp. 54–73 (1999)

    Google Scholar 

  18. Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)

    MATH  CrossRef  MathSciNet  Google Scholar 

  19. Haitner, I., Nguyen, M.-H., Ong, S.J., Reingold, O., Vadhan, S.: Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. Preliminary versions appeared as [NOV] and [HR], (in submission, 2007), http://eecs.harvard.edu/~salil/papers/SHcommit-abs.html

  20. Haitner, I., Reingold, O.: Statistically-hiding commitment from any one-way function. In: Proc. 39th STOC, pp. 1–10 (2007)

    Google Scholar 

  21. Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proc. 30th FOCS, pp. 230–235 (1989)

    Google Scholar 

  22. Itoh, T., Ohta, Y., Shizuya, H.: A language-dependent cryptographic primitive. J. Cryptol. 10(1), 37–49 (1997)

    MATH  CrossRef  MathSciNet  Google Scholar 

  23. Impagliazzo, R., Yung, M.: Direct minimum-knowledge computations (extended abstract). In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 40–51. Springer, Heidelberg (1988)

    Google Scholar 

  24. Katz, J., Koo, C.-Y.: On constructing universal one-way hash functions from arbitrary one-way functions. Technical Report 2005/328, Cryptology ePrint Archive (2005)

    Google Scholar 

  25. Kapron, B., Malka, L., Srinivasan, V.: A characterization of non-interactive instance-dependent commitment-schemes (NIC). In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 328–339. Springer, Heidelberg (2007)

    CrossRef  Google Scholar 

  26. Micciancio, D., Ong, S.J., Sahai, A., Vadhan, S.: Concurrent zero knowledge without complexity assumptions. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)

    Google Scholar 

  27. Micciancio, D., Vadhan, S.: Statistical zero-knowledge proofs with efficient provers: lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 282–298. Springer, Heidelberg (2003)

    Google Scholar 

  28. Naor, M.: Bit commitment using pseudorandomness. J. Cryptol. 4(2), 151–158 (1991)

    MATH  CrossRef  Google Scholar 

  29. Nguyen, M.-H., Ong, S.J., Vadhan, S.: Statistical zero-knowledge arguments for NP from any one-way function. In: Proc. 47th FOCS, pp. 3–14 (2006)

    Google Scholar 

  30. Nguyen, M.-H., Vadhan, S.: Zero knowledge with efficient provers. In: Proc. 38th STOC, pp. 287–295 (2006)

    Google Scholar 

  31. Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proc. 21st STOC, pp. 33–43 (1989)

    Google Scholar 

  32. Okamoto, T.: On relationships between statistical zero-knowledge proofs. J. Comput. Syst. Sci. 60(1), 47–108 (2000)

    MATH  CrossRef  MathSciNet  Google Scholar 

  33. Ong, S.J.: Unconditional Relationships within Zero Knowledge. PhD thesis, Harvard University, Cambridge (May 2007)

    Google Scholar 

  34. Ong, S.J., Vadhan, S.: Zero knowledge and soundness are symmetric. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 187–209. Springer, Heidelberg (2007) Earlier version appeared as TR06-139 in the Electronic Colloquium on Computational Complexity

    CrossRef  Google Scholar 

  35. Ostrovsky, R., Wigderson, A.: One-way functions are essential for non-trivial zero-knowledge. In: Proceedings of the 2nd Israel Symposium on Theory of Computing Systems, pp. 3–17. IEEE Computer Society, Los Alamitos (1993)

    CrossRef  Google Scholar 

  36. Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: Proc. 22nd STOC, pp. 387–394 (1990)

    Google Scholar 

  37. Rosen, A.: A note on constant-round zero-knowledge proofs for NP. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 191–202. Springer, Heidelberg (2004)

    Google Scholar 

  38. Sahai, A., Vadhan, S.: A complete problem for statistical zero knowledge. J. ACM 50(2), 196–249 (2003)

    CrossRef  MathSciNet  Google Scholar 

  39. Vadhan, S.P.: An unconditional study of computational zero knowledge. SIAM J. Comput. 36(4), 1160–1214 (2006)

    MATH  CrossRef  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ong, S.J., Vadhan, S. (2008). An Equivalence Between Zero Knowledge and Commitments. In: Canetti, R. (eds) Theory of Cryptography. TCC 2008. Lecture Notes in Computer Science, vol 4948. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78524-8_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-78524-8_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-78523-1

  • Online ISBN: 978-3-540-78524-8

  • eBook Packages: Computer ScienceComputer Science (R0)