On Concurrent Zero-Knowledge with Pre-processing

Concurrent zero-knowledge protocols remain zero-knowledge even when many sessions of them are executed together. These protocols have applications in distributed settings, such as the Internet, where many executions of the same protocol must be carried out at the same time by many parties. In this paper, we are concerned with the number of rounds of interaction needed for such protocols and with their efficiency. We show an efficient constant-round concurrent zero-knowledge protocol with preprocessing for all languages in NP, where the preprocessing phase and the proof phase each require 3 rounds of interaction. We make no timing assumptions and no assumptions about knowledge of the number of parties in the system. Moreover, we allow arbitrary interleavings in both the preprocessing phase and the proof phase. Our techniques apply to both zero-knowledge proof systems and zero-knowledge arguments, and we show how to extend our technique so that a polynomial number of zero-knowledge proofs/arguments can be executed after the preprocessing phase is done.
