Constant-Round Concurrent Non-malleable Zero Knowledge in the Bare Public-Key Model
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Cryptographic Complexity of Multi-Party Computation Problems: Classifications and Separations
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
A note on universal composable zero-knowledge in the common reference string model
Theoretical Computer Science
Simulation-Based Concurrent Non-malleable Commitments and Decommitments
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Possibility and Impossibility Results for Encryption and Commitment Secure under Selective Opening
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Proceedings of the forty-first annual ACM symposium on Theory of computing
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Concurrently Non-malleable Black-Box Zero Knowledge in the Bare Public-Key Model
CSR '09 Proceedings of the Fourth International Computer Science Symposium in Russia on Computer Science - Theory and Applications
A note on universal composable zero knowledge in common reference string model
TAMC'07 Proceedings of the 4th international conference on Theory and applications of models of computation
New constructions for UC secure computation using tamper-proof hardware
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Completely non-malleable encryption revisited
PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Password-authenticated session-key generation on the internet in the plain model
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Concurrent non-malleable zero knowledge proofs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Concurrent non-malleable zero knowledge with adaptive inputs
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Bringing people of different beliefs together to do UC
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Constant round non-malleable protocols using one way functions
Proceedings of the forty-third annual ACM symposium on Theory of computing
On constant-round concurrent non-malleable proof systems
Information Processing Letters
Efficiency preserving transformations for concurrent non-malleable zero knowledge
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Constant-Round concurrent non-malleable statistically binding commitments and decommitments
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Concurrent non-malleable statistically hiding commitment
Information Processing Letters
Concurrently secure computation in constant rounds
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Concurrent zero knowledge in the bounded player model
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Non-black-box simulation in the fully concurrent setting
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
| Hi-index | 0.00 |
We provide the first construction of a concurrent and non-malleable zero knowledge argument for every language in NP. We stress that our construction is in the plain model with no common random string, trusted parties, or superpolynomial simulation. That is, we construct a zero knowledge protocol \prod such that for every polynomial-time adversary that can adaptively and concurrently schedule polynomially many executions of \prod, and corrupt some of the verifiers and some of the provers in these sessions, there is a polynomial-time simulator that can simulate a transcript of the entire execution, along with the witnesses for all statements proven by a corrupt prover to an honest verifier.Our security model is the traditional model for concurrent zero knowledge, where the statements to be proven by the honest provers are fixed in advance and do not depend on the previous history (but can be correlated with each other); corrupted provers, of course, can chose the statements adaptively. We also prove that there exists some functionality F (a combination of zero knowledge and oblivious transfer) such that it is impossible to obtain a concurrent non-malleable protocol for F in this model. Previous impossibility results for composable protocols ruled out existence of protocols for a wider class of functionalities (including zero knowledge!) but only if these protocols were required to remain secure when executed concurrently with arbitrarily chosen different protocols (Lindell, FOCS 2003) or if these protocols were required to remain secure when the honest parties' inputs in each execution are chosen adaptively based on the results of previous executions (Lindell, TCC 2004). We obtain an \tilde O(n)-round protocol under the assumption that one-to-one one-way functions exist. This can be improved to \tilde O(k log n) rounds under the assumption that there exist k-round statistically hiding commitment schemes. Our protocol is a black-box zero knowledge protocol.