Abstract
In this short paper, we present a Fiat-Shamir type transform that takes any Sigma protocol for a relation R and outputs a non-interactive zero-knowledge proof (not of knowledge) for the associated language L R , in the common reference string model. As in the Fiat-Shamir transform, we use a hash function H. However, zero-knowledge is achieved under standard assumptions in the common reference string model (without any random oracle), and soundness is achieved in the non-programmable random oracle model. The concrete computational complexity of the transform is only slightly higher than the original Fiat-Shamir transform.
This work was funded by the European Research Council under the European Union’s Seventh Framework Programme (FP/2007-2013) / ERC consolidators grant agreement n. 615172 (HIPS), and under the European Union’s Seventh Framework Program (FP7/2007-2013) grant agreement n. 609611 (PRACTICE).
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Barak, B., Lindell, Y., Vadhan, S.: Lower Bounds for Non-Black-Box Zero Knowledge. The Journal of Computer and System Sciences 72(2), 321–391 (2003), (An extended abstract appeared in FOCS 2003)
Blum, M., Feldman, P., Micali, S.: Non-interactive Zero-Knowledge and its Applications. In: 20th STOC, pp. 103–112 (1988)
Canetti, R., Goldreich, O., Halevi, S.: The Random Oracle Methodology, Revisited. In: The 30th STOC, pp. 209–218 (1998)
Catalano, D., Visconti, I.: Hybrid Commitments and their Applications to Zero-Knowledge Proof Systems. Theoretical Computer Science 374(1-3), 229–260 (2007)
Cramer, R., Damgård, I.B., Schoenmakers, B.: Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In: Desmedt, Y.G. (ed.) Advances in Cryptology - CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)
Damgård, I.B.: On the Existence of Bit Commitment Schemes and Zero-Knowledge Proofs. In: Brassard, G. (ed.) Advances in Cryptology - CRYPTO 1989. LNCS, vol. 435, pp. 17–27. Springer, Heidelberg (1990)
Damgård, I.B.: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 418–430. Springer, Heidelberg (2000)
Damgård, I.: On Σ Protocols, http://www.daimi.au.dk/~ivan/Sigma.pdf
Dodis, Y., Shoup, V., Walfish, S.: Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 515–535. Springer, Heidelberg (2008)
Dodis, Y., Ristenpart, T., Vadhan, S.: Randomness Condensers for Efficiently Samplable, Seed-Dependent Sources. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 618–635. Springer, Heidelberg (2012)
Feige, U., Lapidot, D., Shamir, A.: Multiple Non-Interactive Zero-Knowledge Proofs Under General Assumptions. SIAM Journal on Computing 29(1), 1–28 (1999)
Feige, U., Shamir, A.: Witness Indistinguishable and Witness Hiding Protocols. In: The 22nd STOC, pp. 416–426 (1990)
Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) Advances in Cryptology - CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Goldreich, O.: Foundation of Cryptography, Volume II. Cambridge University Press (2004)
Goldreich, O.: Basing Non-Interactive Zero-Knowledge on (Enhanced) Trapdoor Permutation: The State of the Art. Technical Report (2009), http://www.wisdom.weizmann.ac.il/~oded/PSBookFrag/nizk-tdp.ps
Goldreich, O., Micali, S., Wigderson, A.: How to Prove all NP-Statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design. In: Odlyzko, A.M. (ed.) Advances in Cryptology - CRYPTO 1986. LNCS, vol. 263, pp. 171–185. Springer, Heidelberg (1987)
Goldreich, O., Micali, S., Wigderson, A.: How to Play any Mental Game – A Completeness Theorem for Protocols with Honest Majority. In: 19th STOC, pp. 218–229 (1987)
Goldreich, O., Oren, Y.: Definitions and Properties of Zero-Knowledge Proof Systems. Journal of Cryptology 7(1), 1–32 (1994)
Goldwasser, S., Kalai, Y.: On the (In)security of the Fiat-Shamir Paradigm. In: The 44th FOCS, pp. 102–113 (2003)
Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof Systems. SIAM Journal on Computing 18(1), 186–208 (1989)
Hazay, C., Lindell, Y.: Efficient Secure Two-Party Protocols – Techniques and Constructions. Springer (October 2010)
Jarecki, S.: Efficient Two-Party Secure Computation on Committed Inputs. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 97–114. Springer, Heidelberg (2007)
Lindell, Y., Pinkas, B.: Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer. Journal of Cryptology 25(4), 680–722 (2011), (Extended abstract appeared in Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 329–346. Springer, Heidelberg (2011))
Lindell, Y.: Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 1–17. Springer, Heidelberg (2013)
Nielsen, J.B.: Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 111–126. Springer, Heidelberg (2002)
Nielsen, J.B., Orlandi, C.: LEGO for Two-Party Secure Computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386. Springer, Heidelberg (2009)
Pass, R.: On Deniability in the Common Reference String and Random Oracle Model. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 316–337. Springer, Heidelberg (2003)
Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)
Pointcheval, D., Stern, J.: Security Proofs for Signature Schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
Schoenmakers, B., Tuyls, P.: Practical Two-Party Computation Based on the Conditional Gate. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 119–136. Springer, Heidelberg (2004)
shelat, A., Shen, C.-h.: Two-Output Secure Computation with Malicious Adversaries. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 386–405. Springer, Heidelberg (2011)
Wee, H.: Zero Knowledge in the Random Oracle Model, Revisited. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 417–434. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 International Association for Cryptologic Research
About this paper
Cite this paper
Lindell, Y. (2015). An Efficient Transform from Sigma Protocols to NIZK with a CRS and Non-programmable Random Oracle. In: Dodis, Y., Nielsen, J.B. (eds) Theory of Cryptography. TCC 2015. Lecture Notes in Computer Science, vol 9014. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-46494-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-662-46494-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-46493-9
Online ISBN: 978-3-662-46494-6
eBook Packages: Computer ScienceComputer Science (R0)