Zero-knowledge simulation of Boolean circuits
Proceedings on Advances in cryptology---CRYPTO '86
Minimum disclosure proofs of knowledge
Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Journal of the ACM (JACM)
On the Composition of Zero-Knowledge Proof Systems
SIAM Journal on Computing
Adaptive zero knowledge and computational equivocation (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Non-interactive and non-malleable commitment
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Black-Box Concurrent Zero-Knowledge Requires (Almost) Logarithmically Many Rounds
SIAM Journal on Computing
Concurrent Zero Knowledge with Logarithmic Round-Complexity
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
On Concurrent Zero-Knowledge with Pre-processing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Bit Commitment Using Pseudo-Randomness
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
How to Go Beyond the Black-Box Simulation Barrier
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Magic Functions: In Memoriam: Bernard M. Dwork 1923--1998
Journal of the ACM (JACM)
Concurrent Zero-Knowledge: With Additional Background by Oded Goldreich (Information Security and Cryptography)
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Black-Box Constructions of Two-Party Protocols from One-Way Functions
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Proceedings of the forty-first annual ACM symposium on Theory of computing
On the Composition of Public-Coin Zero-Knowledge Protocols
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Which languages have 4-round zero-knowledge proofs?
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Standard security does not imply security against selective-opening
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Round-optimal black-box statistically binding selective-opening secure commitments
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
A Parallel Repetition Theorem for Constant-Round Arthur-Merlin Proofs
ACM Transactions on Computation Theory (TOCT)
Revisiting lower and upper bounds for selective decommitments
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Hi-index | 0.00 |
Selective opening attacks against commitment schemes occur when the commitment scheme is repeated in parallel (or concurrently) and an adversary can choose depending on the commit-phase transcript to see the values and openings to some subset of the committed bits. Commitments are secure under such attacks if one can prove that the remaining, unopened commitments stay secret. We prove the following black-box constructions and black-box lower bounds for commitments secure against selective opening attacks: 1. For parallel composition, 4 (resp. 5) rounds are necessary and sufficient to build computationally (resp. statistically) binding and computationally hiding commitments. Also, there are no perfectly binding commitments. 2. For parallel composition, O(1)-round statistically-hiding commitments are equivalent to O(1)-round statistically-binding commitments. 3. For concurrent composition, ω(log n) rounds are sufficient to build statistically binding commitments and are necessary even to build computationally binding and computationally hiding commitments, up to log log n factors. Our lower bounds improve upon the parameters obtained by the impossibility results of Bellare et al. (EUROCRYPT '09), and are proved in a fundamentally different way, by observing that essentially all known impossibility results for black-box zero-knowledge can also be applied to the case of commitments secure against selective opening attacks.