Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

In this paper the generality and wide applicability of zero-knowledge proofs, a notion introduced by Goldwasser, Micali, and Rackoff, is demonstrated. These are probabilistic and interactive proofs that, for the members of a language, efficiently demonstrate membership in the language without conveying any additional knowledge. All previously known zero-knowledge proofs were only for number-theoretic languages in NP ∩ co-NP. Under the assumption that secure encryption functions exist, or by using "physical means for hiding information," it is shown that all languages in NP have zero-knowledge proofs. Loosely speaking, it is possible to demonstrate that a CNF formula is satisfiable without revealing any other property of the formula, in particular, without yielding either a satisfying assignment or properties such as whether there is a satisfying assignment in which x1 = x3, etc. It is also demonstrated that zero-knowledge proofs exist "outside the domain of cryptography and number theory." Using no assumptions, it is shown that both graph isomorphism and graph nonisomorphism have zero-knowledge interactive proofs. The mere existence of an interactive proof for graph nonisomorphism is interesting, since graph nonisomorphism is not known to be in NP and hence no efficient proofs were known before for demonstrating that two graphs are not isomorphic.
