Precise Zero Knowledge

We put forward the notion of Precise Zero Knowledge and provide its first implementations in a variety of settings under standard complexity assumptions. Whereas the classical notion of Zero Knowledge bounds the knowledge of a player in terms of his potential computational power (technically defined as polynomial-time computation), Precise Zero Knowledge bounds the knowledge gained by a player in terms of its actual computation (which can be considerably less than any arbitrary polynomial-time computation).
