Which Languages Have 4-Round Zero-Knowledge Proofs?

We show that if a language L has a 4-round, black-box, computational zero-knowledge proof system with negligible soundness error, then $\bar{L}\in \mathsf{MA}$. Assuming the polynomial hierarchy does not collapse, this means in particular that NP-complete languages do not have 4-round zero-knowledge proofs with black-box simulation.

[1]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[2]  Stathis Zachos,et al.  Does co-NP Have Short Interactive Proofs? , 1987, Inf. Process. Lett..

[3]  Moti Yung,et al.  Direct Minimum-Knowledge Computations , 1987, CRYPTO.

[4]  László Babai,et al.  Arthur-Merlin Games: A Randomized Proof System, and a Hierarchy of Complexity Classes , 1988, J. Comput. Syst. Sci..

[5]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[6]  Silvio Micali,et al.  Everything Provable is Provable in Zero-Knowledge , 1990, CRYPTO.

[7]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[8]  Adi Shamir,et al.  Zero Knowledge Proofs of Knowledge in Two Rounds , 1989, CRYPTO.

[9]  Lance Fortnow,et al.  The Complexity of Perfect Zero-Knowledge , 1987, Proceeding Structure in Complexity Theory.

[10]  Rafail Ostrovsky,et al.  Perfect zero-knowledge in constant rounds , 1990, STOC '90.

[11]  Rafail Ostrovsky,et al.  The (true) complexity of statistical zero knowledge , 1990, STOC '90.

[12]  Kouichi Sakurai,et al.  On the Complexity of Constant Round ZKIP of Possession of Knowledge , 1991, ASIACRYPT.

[13]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[14]  Kaoru Kurosawa,et al.  4 Move Perfect ZKIP of Knowledge with No Assumption , 1991, ASIACRYPT.

[15]  Johan Håstad,et al.  Statistical Zero-Knowledge Languages can be Recognized in Two Rounds , 1991, J. Comput. Syst. Sci..

[16]  Ivan Damgård,et al.  On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures , 1993, CRYPTO.

[17]  Giovanni Di Crescenzo,et al.  Round-Optimal Perfect Zero-Knowledge Proofs , 1994, Inf. Process. Lett..

[18]  S. Tsujii,et al.  4-Move Perfect ZKIP for Some Promise Problems , 1995 .

[19]  Silvio Micali,et al.  Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing , 1996, CRYPTO.

[20]  Hugo Krawczyk,et al.  On the Composition of Zero-Knowledge Proof Systems , 1990, ICALP.

[21]  Markus Jakobsson,et al.  Round-Optimal Zero-Knowledge Arguments Based on any One-Way Function , 1997, EUROCRYPT.

[22]  Toshiaki Tanaka,et al.  On the Existence of 3-Round Zero-Knowledge Protocols , 1998, CRYPTO.

[23]  Ivan Damgård,et al.  Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions , 2000, Public Key Cryptography.

[24]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[25]  Matthew Lepinski,et al.  On the Existence of 3-Round Zero-Knowledge Proofs , 2002 .

[26]  Yehuda Lindell,et al.  Lower bounds for non-black-box zero knowledge , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[27]  Mihir Bellare,et al.  The Knowledge-of-Exponent Assumptions and 3-Round Zero-Knowledge Protocols , 2004, CRYPTO.

[28]  Joan Boyar,et al.  A discrete logarithm implementation of perfect zero-knowledge blobs , 1990, Journal of Cryptology.

[29]  Yehuda Lindell,et al.  Strict Polynomial-Time in Simulation and Extraction , 2004, SIAM J. Comput..

[30]  Oded Regev Quantum Computation and Lattice Problems , 2004, SIAM J. Comput..

[31]  Oded Goldreich,et al.  Definitions and properties of zero-knowledge proof systems , 1994, Journal of Cryptology.

[32]  Oded Goldreich,et al.  How to construct constant-round zero-knowledge proof systems for NP , 1996, Journal of Cryptology.

[33]  Joseph Naor,et al.  A Primal-Dual Randomized Algorithm for Weighted Paging , 2007, FOCS.

[34]  Salil P. Vadhan,et al.  Derandomization in Cryptography , 2007, SIAM J. Comput..

[35]  Ivan Damgård,et al.  On the existence of statistically hiding bit commitment schemes and fail-stop signatures , 1994, Journal of Cryptology.

[36]  Omer Reingold,et al.  Statistically-hiding commitment from any one-way function , 2007, STOC '07.

[37]  Omer Reingold,et al.  Finding Collisions in Interactive Protocols - A Tight Lower Bound on the Round Complexity of Statistically-Hiding Commitments , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[38]  Salil P. Vadhan,et al.  An Equivalence Between Zero Knowledge and Commitments , 2008, TCC.

[39]  Omer Reingold,et al.  Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function , 2009, SIAM J. Comput..

[40]  Arkady Yerukhimovich,et al.  On the Round Complexity of Zero-Knowledge Proofs Based on One-Way Permutations , 2010, LATINCRYPT.

[41]  Rafael Pass,et al.  Private Coins versus Public Coins in Zero-Knowledge Proof Systems , 2010, TCC.