Isolated Proofs of Knowledge and Isolated Zero Knowledge

We consider proof of knowledge protocols where the cheating prover may communicate with some external adversarial environment during the run of the proof. Without additional setup assumptions, no witness hiding protocol can securely ensure that the prover knows a witness in this scenario. This is because the prover may just be forwarding messages between the environment and the verifier while the environment performs all the necessary computation. In this paper we consider an l-isolated prover, which is restricted to exchanging at most l bits of information with its environment. We introduce a new notion called l-isolated proofs of knowledge (l-IPoK). These protocols securely ensure that an l-isolated prover knows the witness. To prevent the above-mentioned attack, an l-IPoK protocol has to have communication complexity greater than l. We show that for any relation in NP and any value l, there is an l-IPoK protocol for that relation. In addition, the communication complexity of such a protocol only needs to be larger than l by a constant multiplicative factor.
