Randomness-eecient Non-interactive Zero Knowledge

The model of Non-Interactive Zero-Knowledge allows to obtain minimal interaction between prover and veriier in a zero-knowledge proof if a public random string is available to both parties. In this paper we investigate upper bounds for the length of the random string for proving one and many statements, obtaining the following results: { We show how to prove in non-interactive perfect zero-knowledge any polynomial number of statements using a random string of xed length, that is, not depending on the number of statements. Previously , such a result was known only in the case of computational zero-knowledge. { Under the quadratic residuosity assumption, we show how to prove any NP statement in non-interactive zero-knowledge on a random string of length (nk), where n is the size of the statement and k is the security parameter, which improves the previous best construction by a factor of (k).

[1]  I. Niven,et al.  An introduction to the theory of numbers , 1961 .

[2]  Noam Nisan,et al.  Pseudorandomness for network algorithms , 1994, STOC '94.

[3]  Giovanni Di Crescenzo,et al.  The Knowledge Complexity of Quadratic Residuosity Languages , 1994, Theor. Comput. Sci..

[4]  Moti Yung,et al.  Certifying Cryptographic Tools: The Case of Trapdoor Permutations , 1992, CRYPTO.

[5]  Alfredo De Santis,et al.  On the Number of Random Bits in Totally Private Computation , 1995, ICALP.

[6]  Silvio Micali,et al.  Non-Interactive Zero-Knowledge Proof Systems , 1987, CRYPTO.

[7]  Russell Impagliazzo,et al.  How to recycle random bits , 1989, 30th Annual Symposium on Foundations of Computer Science.

[8]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[9]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[10]  Ivan Damgård,et al.  Non-Interactive Circuit Based Proofs and Non-Interactive Perfect Zero-knowledge with Proprocessing , 1992, EUROCRYPT.

[11]  Giovanni Di Crescenzo,et al.  Recycling Random Bits in Composed Perfect Zero-Knowledge , 1995, EUROCRYPT.

[12]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[13]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[14]  Joe Kilian,et al.  On the complexity of bounded-interaction and noninteractive zero-knowledge proofs , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[15]  B. Soh,et al.  Non-interactive zero-knowledge and applications two round authenticated key agreement , 2005, 2005 13th IEEE International Conference on Networks Jointly held with the 2005 IEEE 7th Malaysia International Conf on Communic.

[16]  S. Micali,et al.  Noninteractive Zero-Knowledge , 1990, SIAM J. Comput..

[17]  Adi Shamir,et al.  Multiple non-interactive zero knowledge proofs based on a single random string , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[18]  Avi Wigderson,et al.  Deterministic simulation of probabilistic constant depth circuits , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[19]  Noam Nisan,et al.  Pseudorandom bits for constant depth circuits , 1991, Comb..

[20]  GoldreichOded,et al.  Definitions and properties of zero-knowledge proof systems , 1994 .

[21]  Lance Fortnow,et al.  The Complexity of Perfect Zero-Knowledge , 1987, Proceeding Structure in Complexity Theory.

[22]  Giovanni Di Crescenzo,et al.  Secret Sharing and Perfect Zero Knowledge , 1994, CRYPTO.

[23]  Noam Nisan,et al.  More deterministic simulation in logspace , 1993, STOC.