New Constructions of Statistical NIZKs: Dual-Mode DV-NIZKs and More

Non-interactive zero-knowledge proofs (NIZKs) are important primitives in cryptography. A major challenge since the early works on NIZKs has been to construct NIZKs with a statistical zero-knowledge guarantee against unbounded verifiers. In the common reference string (CRS) model, such "statistical NIZK arguments" are currently known from \(k\text{-}\mathsf{Lin}\) in a pairing group and from \(\mathsf{LWE}\). In the (reusable) designated-verifier model (DV-NIZK), where a trusted setup algorithm generates a reusable verification key for checking proofs, we also have a construction from \(\mathsf{DCR}\). If we relax our requirements to computational zero-knowledge, we additionally have NIZKs from factoring and \(\mathsf{CDH}\) in a pairing group in the CRS model, and from nearly all assumptions that imply public-key encryption (e.g., \(\mathsf{CDH}\), \(\mathsf{LPN}\), \(\mathsf{LWE}\)) in the designated-verifier model. Thus, there still remains a gap in our understanding of statistical NIZKs in both the CRS and the designated-verifier models.
