Non-Interactive Zero-Knowledge Proof Systems

The intriguing notion of a Zero-Knowledge Proof System has been introduced by Goldwasser, Micali and Rackoff [GMR] and its wide applicability has been demonstrated by Goldreich, Micali and Wigderson [GMW1]-[GMW2|.Based on complexity theoretic assumptions, Zero-Knowledge Proof Systems exist, provided that (i) The prover and the verifier are allowed to talk back and forth. (ii) The verifier is allowed to flip coins whose result the prover cannot see.Blum, Feldman and Micali [BFM] have recently shown that, based on specific complexity theoretic assumption (the computational difficulty of distinguishing products of two primes from those product of three primes), both the requirements (i) and (ii) above are not necessary to the existence of Zero-Knowledge Proof Systems. Instead of (i), it is enough for the prover only to talk and for the verifier only to listen. Instead of (ii), it is enough that both the prover and verifier share a randomly selected string.We strengthen their result by showing that Non-Interactive Zero-Knowledge Proof Systems exist based on the weaker and well-known assumption that quadratic residuosity is hard.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[3]  Manuel Blum,et al.  Coin Flipping by Telephone. , 1981, CRYPTO 1981.

[4]  Silvio Micali,et al.  Proofs that yield nothing but their validity and a methodology of cryptographic protocol design , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[5]  Moti Yung,et al.  A private interactive test of a boolean predicate a minimum-knowledge public-key cryptosystems , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[6]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[7]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1988, Journal of Cryptology.

[8]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[9]  Amos Fiat,et al.  Zero Knowledge Proofs of Identity , 1987, STOC.

[10]  Gilles Brassard,et al.  Non-transitive transfer of confidence: A perfect zero-knowledge interactive protocol for SAT and beyond , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[11]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.