Which Languages Have 4-Round Zero-Knowledge Proofs?

We show that if a language L has a 4-round, black-box, computational zero-knowledge proof system with negligible soundness error, then L ∈ MA. Assuming the polynomial hierarchy does not collapse, this means in particular that NP-complete languages do not have 4-round zero-knowledge proofs (at least with respect to black-box simulation).

[1]  Omer Reingold,et al.  Finding Collisions in Interactive Protocols - A Tight Lower Bound on the Round Complexity of Statistically-Hiding Commitments , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[2]  Stuart A. Kurtz,et al.  A discrete logarithm implementation of zero-knowledge blobs , 1987 .

[3]  Salil P. Vadhan,et al.  An Equivalence Between Zero Knowledge and Commitments , 2008, TCC.

[4]  Salil P. Vadhan,et al.  Derandomization in Cryptography , 2007, SIAM J. Comput..

[5]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[6]  Arkady Yerukhimovich,et al.  On the Round Complexity of Zero-Knowledge Proofs Based on One-Way Permutations , 2010, LATINCRYPT.

[7]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[8]  Moti Yung,et al.  Direct Minimum-Knowledge Computations , 1987, CRYPTO.

[9]  Kaoru Kurosawa,et al.  4 Move Perfect ZKIP of Knowledge with No Assumption , 1991, ASIACRYPT.

[10]  Omer Reingold,et al.  Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function , 2009, SIAM J. Comput..

[11]  Johan Håstad,et al.  Statistical Zero-Knowledge Languages can be Recognized in Two Rounds , 1991, J. Comput. Syst. Sci..

[12]  Joan Boyar,et al.  A discrete logarithm implementation of perfect zero-knowledge blobs , 1990, Journal of Cryptology.

[13]  Rafail Ostrovsky,et al.  The (true) complexity of statistical zero knowledge , 1990, STOC '90.

[14]  Rafail Ostrovsky,et al.  Perfect zero-knowledge in constant rounds , 1990, STOC '90.

[15]  Yehuda Lindell,et al.  Lower bounds for non-black-box zero knowledge , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[16]  Omer Reingold,et al.  Statistically-hiding commitment from any one-way function , 2007, STOC '07.

[17]  Kouichi Sakurai,et al.  On the Complexity of Constant Round ZKIP of Possession of Knowledge , 1991, ASIACRYPT.

[18]  S. Tsujii,et al.  4-Move Perfect ZKIP for Some Promise Problems , 1995 .

[19]  Rafael Pass,et al.  Private Coins versus Public Coins in Zero-Knowledge Proof Systems , 2010, TCC.

[20]  Oded Goldreich,et al.  Definitions and properties of zero-knowledge proof systems , 1994, Journal of Cryptology.

[21]  Adi Shamir,et al.  Zero Knowledge Proofs of Knowledge in Two Rounds , 1989, CRYPTO.

[22]  Mihir Bellare,et al.  The Knowledge-of-Exponent Assumptions and 3-Round Zero-Knowledge Protocols , 2004, CRYPTO.

[23]  Hugo Krawczyk,et al.  On the Composition of Zero-Knowledge Proof Systems , 1990, ICALP.

[24]  Ivan Damgård,et al.  Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions , 2000, Public Key Cryptography.

[25]  László Babai,et al.  Arthur-Merlin Games: A Randomized Proof System, and a Hierarchy of Complexity Classes , 1988, J. Comput. Syst. Sci..

[26]  Silvio Micali,et al.  The Knowledge Complexity of Interactive Proof Systems , 1989, SIAM J. Comput..

[27]  Giovanni Di Crescenzo,et al.  Round-Optimal Perfect Zero-Knowledge Proofs , 1994, Inf. Process. Lett..

[28]  Yehuda Lindell,et al.  Strict Polynomial-Time in Simulation and Extraction , 2004, SIAM J. Comput..

[29]  Silvio Micali,et al.  Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing , 1996, CRYPTO.

[30]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[31]  Markus Jakobsson,et al.  Round-Optimal Zero-Knowledge Arguments Based on any One-Way Function , 1997, EUROCRYPT.

[32]  Oded Goldreich,et al.  How to construct constant-round zero-knowledge proof systems for NP , 1996, Journal of Cryptology.

[33]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[34]  Ivan Damgård,et al.  On the existence of statistically hiding bit commitment schemes and fail-stop signatures , 1994, Journal of Cryptology.

[35]  Matthew Lepinski,et al.  On the Existence of 3-Round Zero-Knowledge Proofs , 2002 .

[36]  Toshiaki Tanaka,et al.  On the Existence of 3-Round Zero-Knowledge Protocols , 1998, CRYPTO.

[37]  Stathis Zachos,et al.  Does co-NP Have Short Interactive Proofs? , 1987, Inf. Process. Lett..

[38]  Silvio Micali,et al.  Everything Provable is Provable in Zero-Knowledge , 1990, CRYPTO.

[39]  Lance Fortnow,et al.  The Complexity of Perfect Zero-Knowledge , 1987, Proceeding Structure in Complexity Theory.