Simulation in quasi-polynomial time, and its application to protocol composition

Authors:
Rafael Pass
Affiliations:
Department of Numerical Analysis and Computer Science, Royal Institute of Technology, Stockholm, Sweden
Venue:
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Year:
2003

Citing 24
Cited 24

A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
The knowledge complexity of interactive proof systems

SIAM Journal on Computing
A hard-core predicate for all one-way functions

STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Witness indistinguishable and witness hiding protocols

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

Journal of the ACM (JACM)
On the Composition of Zero-Knowledge Proof Systems

SIAM Journal on Computing
The random oracle methodology, revisited (preliminary version)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Concurrent zero-knowledge

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions

SIAM Journal on Computing
Resettable zero-knowledge (extended abstract)

STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Black-box concurrent zero-knowledge requires \tilde {Ω} (logn) rounds

STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
2-round zero knowledge and proof auditors

STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Strict polynomial-time in simulation and extraction

STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Foundations of Cryptography: Basic Tools

Foundations of Cryptography: Basic Tools
Efficient Identification and Signatures for Smart Cards

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Zero Knowledge Proofs of Knowledge in Two Rounds

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Pricing via Processing or Combatting Junk Mail

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Zaps and their applications

FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
How to Go Beyond the Black-Box Simulation Barrier

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Universally Composable Security: A New Paradigm for Cryptographic Protocols

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
On the concurrent composition of zero-knowledge proofs

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Efficient concurrent zero-knowledge in the auxiliary string model

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques

New notions of security: achieving universal composability without trusted setup

STOC '04 Proceedings of the thirty-sixth annual ACM symposium on Theory of computing
Concurrent general composition of secure protocols in the timing model

Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
How To Play Almost Any Mental Game Over The Net - Concurrent Composition via Super-Polynomial Simulation

FOCS '05 Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science
Local zero knowledge

Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
A note on the Dwork-Naor timed deniable authentication

Information Processing Letters
Hybrid commitments and their applications to zero-knowledge proof systems

Theoretical Computer Science
Efficient Concurrent npoly(logn)-Simulatable Argument of Knowledge

ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
A unified framework for concurrent security: universal composability from stand-alone non-malleability

Proceedings of the forty-first annual ACM symposium on Theory of computing
Local Sequentiality Does Not Help for Concurrent Composition

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Lower bounds for non-interactive zero-knowledge

TCC'07 Proceedings of the 4th conference on Theory of cryptography
On constant-round concurrent zero-knowledge

TCC'08 Proceedings of the 5th conference on Theory of cryptography
Concurrent non-malleable zero knowledge proofs

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Limits of provable security from standard assumptions

Proceedings of the forty-third annual ACM symposium on Theory of computing
Dwork-Naor ZAP and its application in deniable authentication, revisited

Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Classical cryptographic protocols in a quantum world

CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Efficient zero knowledge on the internet

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Single-prover concurrent zero knowledge in almost constant rounds

ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Relaxing environmental security: monitored functionalities and client-server computation

TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Generalized environmental security from number theoretic assumptions

TCC'06 Proceedings of the Third conference on Theory of Cryptography
Concurrently secure computation in constant rounds

EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
A unified framework for UC from only OT

ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Concurrent zero knowledge in the bounded player model

TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Why “fiat-shamir for proofs” lacks a proof

TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Unprovable security of perfect NIZK and non-interactive non-malleable commitments

TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a relaxation of zero-knowledge, by allowing the simulator to run in quasi-polynomial time. We show that protocols satisfying this notion can be constructed in settings where the standard definition is too restrictive. Specifically, we construct constant-round straight-line concurrent quasi-polynomial time simulatable arguments and show that such arguments can be used in advanced composition operations without any set-up assumptions. Our protocols rely on slightly strong, but standard type assumptions (namely the existence of one-to-one one-way functions secure against subexponential circuits).