Dual-Mode NIZKs from Obfuscation

Two standard security properties of a non-interactive zero-knowledge (NIZK) scheme are soundness and zero-knowledge. But while standard NIZK systems can only provide one of those properties against unbounded adversaries, dual-mode NIZK systems allow one to choose dynamically and adaptively which of these properties holds unconditionally. The only known dual-mode NIZK schemes are Groth-Sahai proofs (which have proved extremely useful in a variety of applications), and the FHE-based NIZK constructions of Canetti et al. and Peikert et al., which are concurrent with and independent of this work. However, all these constructions rely on specific algebraic settings.
