The knowledge complexity of interactive proof-systems
STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
Efficient identification and signatures for smart cards
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Resettable zero-knowledge (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
SIAM Journal on Computing
Concurrent Zero Knowledge with Logarithmic Round-Complexity
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
Robust Non-interactive Zero Knowledge
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
General Composition and Universal Composability in Secure Multi-Party Computation
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
New and improved constructions of non-malleable cryptographic protocols
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Concurrent Non-Malleable Zero Knowledge
FOCS '06 Proceedings of the 47th Annual IEEE Symposium on Foundations of Computer Science
An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Revisiting the Efficiency of Malicious Two-Party Computation
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Constant-Round Concurrent Non-malleable Zero Knowledge in the Bare Public-Key Model
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
On the concurrent composition of zero-knowledge proofs
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Simulatable commitments and efficient concurrent zero-knowledge
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Strengthening zero-knowledge protocols using signatures
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Simulatable VRFs with applications to multi-theorem NIZK
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Efficient two party and multi party computation against covert adversaries
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Concurrent non-malleable commitments from any one-way function
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Efficient zero knowledge on the internet
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Concurrent zero knowledge in the public-key model
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Efficiency tradeoffs for malicious two-party computation
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Concurrent non-malleable zero knowledge proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Expedient non-malleability notions for hash functions
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Concurrent non-malleable zero knowledge with adaptive inputs
TCC'11 Proceedings of the 8th conference on Theory of cryptography
On constant-round concurrent non-malleable proof systems
Information Processing Letters
Constant-Round concurrent non-malleable statistically binding commitments and decommitments
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Nearly simultaneously resettable black-box zero knowledge
ICALP'12 Proceedings of the 39th international colloquium conference on Automata, Languages, and Programming - Volume Part I
| Hi-index | 0.00 |
Ever since the invention of Zero-Knowledge by Goldwasser, Micali, and Rackoff [1], Zero-Knowledge has become a central building block in cryptography - with numerous applications, ranging from electronic cash to digital signatures. The properties of Zero-Knowledge range from the most simple (and not particularly useful in practice) requirements, such as honest-verifier zero-knowledge to the most demanding (and most useful in applications) such as non-malleable and concurrent zero-knowledge. In this paper, we study the complexity of efficient zero-knowledge reductions, from the first type to the second type. More precisely, under a standard complexity assumption (ddh), on input a public-coin honest-verifier statistical zero knowledge argument of knowledge π′ for a language L we show a compiler that produces an argument system π for L that is concurrent non-malleable zero-knowledge (under non-adaptive inputs – which is the best one can hope to achieve [2,3]). If κ is the security parameter, the overhead of our compiler is as follows: The round complexity of π is $r+\tilde{O}(\log\kappa)$ rounds, where r is the round complexity of π′. The new prover $\mathcal{P}$ (resp., the new verifier $\mathcal{V}$) incurs an additional overhead of (at most) $r+{\kappa\cdot\tilde{O}(\log^2\kappa)}$ modular exponentiations. If tags of length $\tilde{O}(\log\kappa)$ are provided, the overhead is only $r+{\tilde{O}(\log^2\kappa)}$ modular exponentiations. The only previous concurrent non-malleable zero-knowledge (under non-adaptive inputs) was achieved by Barak, Prabhakaran and Sahai [4]. Their construction, however, mainly focuses on a feasibility result rather than efficiency, and requires expensive ${\mathcal{NP}}$-reductions.