4-Round Concurrent Non-Malleable Commitments

The round complexity of non-malleable commitments and non-malleable zero knowledge arguments has been an open question for a long time. Very recent results of Pass [TCC 2013] and of Goyal et al. [FOCS 2014, STOC 2016] gave almost definitive answers. In this work we show how to construct round-efficient non-malleable protocols via compilers. Starting from protocols enjoying limited non-malleability features, our compilers obtain full-fledged non-malleability without penalizing the round complexity. By instantiating our compilers with known candidate constructions, the resulting schemes improve the current state of the art. Indeed, we show the first 4-round non-malleable zero knowledge argument system and the first 4-round concurrent non-malleable commitment scheme under standard polynomial-time hardness assumptions. We also discuss concrete man-in-the-middle adversaries that invalidate the security proofs of previously known constructions for 4-round concurrent non-malleable commitments and 4-round non-malleable zero knowledge under polynomial-time hardness assumptions.

[1] Adi Shamir et al. Zero Knowledge Proofs of Knowledge in Two Rounds, 1989, CRYPTO.

[2] Leonid A. Levin et al. A hard-core predicate for all one-way functions, 1989, STOC '89.

[3] John Rompel et al. One-way functions are necessary and sufficient for secure signatures, 1990, STOC '90.

[4] Adi Shamir et al. Witness indistinguishable and witness hiding protocols, 1990, STOC '90.

[5] Adi Shamir et al. Publicly Verifiable Non-Interactive Zero-Knowledge Proofs, 1990, CRYPTO.

[6] Moni Naor et al. Non-Malleable Cryptography (Extended Abstract), 1991, STOC 1991.

[7] Hugo Krawczyk et al. On the Composition of Zero-Knowledge Proof Systems, 1990, ICALP.

[8] Markus Jakobsson et al. Round-Optimal Zero-Knowledge Arguments Based on any One-Way Function, 1997, EUROCRYPT.

[9] Ran Canetti et al. Black-Box Concurrent Zero-Knowledge Requires Ω̃(log n) Rounds, 2001, Electron. Colloquium Comput. Complex.

[10] Rafail Ostrovsky et al. Robust Non-interactive Zero Knowledge, 2001, CRYPTO.

[11] Boaz Barak et al. Constant-round coin-tossing with a man in the middle or realizing the shared random string model, 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings.

[12] Ivan Damgård et al. Non-interactive and reusable non-malleable commitment schemes, 2003, STOC '03.

[13] Rafael Pass et al. Bounded-concurrent secure two-party computation in a constant number of rounds, 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings.

[14] Rafail Ostrovsky et al. Round-Optimal Secure Two-Party Computation, 2004, CRYPTO.

[15] Giovanni Di Crescenzo et al. Improved Setup Assumptions for 3-Round Resettable Zero Knowledge, 2004, ASIACRYPT.

[16] Moni Naor et al. Bit commitment using pseudorandomness, 1989, Journal of Cryptology.

[17] Giovanni Di Crescenzo et al. Constant-Round Resettable Zero Knowledge with Concurrent Soundness in the Bare Public-Key Model, 2004, CRYPTO.

[18] Rafael Pass et al. Concurrent non-malleable commitments, 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[19] Rafael Pass et al. New and improved constructions of non-malleable cryptographic protocols, 2005, STOC '05.

[20] Amit Sahai et al. Concurrent Non-Malleable Zero Knowledge, 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[21] Yunlei Zhao et al. Generic and Practical Resettable Zero-Knowledge in the Bare Public-Key Model, 2007, EUROCRYPT.

[22] Vinod Vaikuntanathan et al. Adaptive One-Way Functions and Applications, 2008, CRYPTO.

[23] Rafael Pass et al. Concurrent Non-malleable Commitments from Any One-Way Function, 2008, TCC.

[24] Rafael Pass et al. New and Improved Constructions of Nonmalleable Cryptographic Protocols, 2008, SIAM J. Comput.

[25] Rafael Pass et al. Concurrent Nonmalleable Commitments, 2008, SIAM J. Comput.

[26] Hoeteck Wee et al. Black-Box Constructions of Two-Party Protocols from One-Way Functions, 2009, TCC.

[27] Rafail Ostrovsky et al. Simulation-Based Concurrent Non-malleable Commitments and Decommitments, 2009, TCC.

[28] Zhenfu Cao et al. Constant-Round Concurrent Non-Malleable Statistically Binding Commitments and Decommitments, 2010, Public Key Cryptography.

[29] Hoeteck Wee et al. Constant-Round Non-malleable Commitments from Sub-exponential One-Way Functions, 2010, EUROCRYPT.

[30] Hoeteck Wee et al. Black-Box, Round-Efficient Secure Computation via Non-malleability Amplification, 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.

[31] Rafael Pass et al. Constant-round non-malleable commitments from any one-way function, 2011, STOC '11.

[32] Rafael Pass et al. Concurrent Non-Malleable Zero Knowledge with Adaptive Inputs, 2011, TCC.

[33] Rafail Ostrovsky et al. Revisiting Lower and Upper Bounds for Selective Decommitments, 2011, IACR Cryptol. ePrint Arch.

[34] Vipul Goyal et al. Constant round non-malleable protocols using one way functions, 2011, STOC '11.

[35] Rafail Ostrovsky et al. Constructing Non-malleable Commitments: A Black-Box Approach, 2012, 2012 IEEE 53rd Annual Symposium on Foundations of Computer Science.

[36] Ivan Visconti et al. On Round-Optimal Zero Knowledge in the Bare Public-Key Model, 2012, EUROCRYPT.

[37] Rafael Pass et al. The Curious Case of Non-Interactive Commitments - On the Power of Black-Box vs. Non-Black-Box Use of Primitives, 2012, CRYPTO.

[38] Tal Malkin et al. Adaptive and Concurrent Secure Computation from New Adaptive, Non-malleable Commitments, 2013, ASIACRYPT.

[39] Rafail Ostrovsky et al. Constant-Round Concurrent Zero Knowledge in the Bounded Player Model, 2013, ASIACRYPT.

[40] Kai-Min Chung et al. Non-black-box simulation from one-way functions and applications to resettable security, 2013, STOC '13.

[41] Rafail Ostrovsky et al. 4-Round Resettably-Sound Zero Knowledge, 2014, TCC.

[42] Silas Richelson et al. An Algebraic Approach to Non-malleability, 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.

[43] R. Pass et al. Constant-Round Nonmalleable Commitments from Any One-Way Function, 2015, Journal of the ACM.

[44] Ivan Visconti et al. Improved OR Composition of Sigma-Protocols, 2016, IACR Cryptol. ePrint Arch.

[45] Silas Richelson et al. Fast Non-Malleable Commitments, 2015, CCS.

[46] Ivan Visconti et al. Online/Offline OR Composition of Sigma Protocols, 2016, IACR Cryptol. ePrint Arch.

[47] Rafail Ostrovsky et al. Concurrent Non-Malleable Commitments (and More) in 3 Rounds, 2016, CRYPTO.

[48] Sanjam Garg et al. The Exact Round Complexity of Secure Computation, 2016, EUROCRYPT.

[49] Carmit Hazay et al. On the Power of Secure Two-Party Computation, 2016, Journal of Cryptology.

[50] Silas Richelson et al. Textbook non-malleable commitments, 2016, STOC.

[51] Muthuramakrishnan Venkitasubramaniam et al. What Security Can We Achieve In Less Than 4-Rounds?, 2016.

[52] Daniele Venturi et al. Fiat-Shamir for Highly Sound Protocols Is Instantiable, 2016, SCN.

[53] Rafael Pass et al. Unprovable Security of Perfect NIZK and Non-interactive Non-malleable Commitments, 2013, computational complexity.

[54] Carmit Hazay et al. Composable Security in the Tamper Proof Model under Minimal Complexity, 2016.