Improved Zero-Knowledge Argument of Encrypted Extended Permutation

Extended permutation (EP) is a generalization of the standard permutation. Unlike the one-to-one mapping of a standard permutation, an EP may replicate or omit elements as many times as needed during the mapping. EP is useful in secure multi-party computation (MPC), especially for private function evaluation (PFE). As a special class of MPC problems, PFE addresses the scenario where one party holds a private circuit C while all other parties hold their private inputs x1, ..., xn, respectively. The goal of a PFE protocol is to securely compute the evaluation result C(x1, ..., xn) while hiding any other information beyond C(x1, ..., xn). Here, EP is introduced to describe the topological structure of the circuit C, and it is further used to support the private evaluation of C. For an actively secure PFE protocol, it is crucial to guarantee that the private circuit provider cannot deviate from the protocol to learn more information. Hence, we need to ensure that the private circuit provider performs the EP correctly. This calls for a protocol known as a zero-knowledge argument of encrypted extended permutation. In this paper, we provide an improvement of this protocol. Our new protocol can be instantiated to be non-interactive, whereas the previous protocol has to be interactive. Moreover, compared with the previous protocol, ours is significantly faster (e.g., more than 3.4×), and its communication cost is only around 24% of that of the previous one.
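The sketch below is an added illustration, not code from the paper: it derives the EP that describes a small constructed circuit's topology and then evaluates the circuit using only that EP for routing. The toy circuit, the wire-numbering convention and all function names are assumptions made for the example.

```python
# Added illustration: a circuit's topology written as an extended permutation.
# The circuit, wire numbering and names are constructed for this example.

N_INPUTS = 3
# Each gate is (op, left_source, right_source); a source is an outgoing-wire
# index. Outgoing wires 0..2 are the inputs x0..x2; gate g drives wire 3 + g.
GATES = [
    ("AND", 0, 1),  # g0 = x0 AND x1 -> outgoing wire 3
    ("XOR", 0, 3),  # g1 = x0 XOR g0 -> outgoing wire 4 (x0 is replicated)
    ("AND", 4, 4),  # g2 = g1 AND g1 -> circuit output (wire 4 is replicated)
]
OPS = {"AND": lambda a, b: a & b, "XOR": lambda a, b: a ^ b}

def topology_as_ep(gates):
    """Return ep where ep[j] is the outgoing wire feeding incoming wire j.
    Incoming wires are the gate inputs in order: 2*g (left), 2*g + 1 (right)."""
    ep = []
    for _, left, right in gates:
        ep.extend([left, right])
    return ep

def replication_counts(ep, n_outgoing):
    """How many incoming wires each outgoing wire feeds (0 means omitted)."""
    counts = [0] * n_outgoing
    for src in ep:
        counts[src] += 1
    return counts

def is_standard_permutation(ep, n_outgoing):
    """A standard permutation uses every outgoing wire exactly once."""
    return len(ep) == n_outgoing and sorted(ep) == list(range(n_outgoing))

def evaluate_via_ep(inputs, gates, ep):
    """Evaluate with routing taken only from ep and gate ops taken only from
    gates, i.e. with topology and gate functions kept separate."""
    outgoing = list(inputs)
    for g, (op, _, _) in enumerate(gates):
        a, b = outgoing[ep[2 * g]], outgoing[ep[2 * g + 1]]
        outgoing.append(OPS[op](a, b))
    return outgoing[-1]

EP = topology_as_ep(GATES)
# The last gate's output is the circuit output and is not routed anywhere,
# so only the inputs and the non-final gate outputs count as EP sources.
N_OUTGOING = N_INPUTS + len(GATES) - 1

if __name__ == "__main__":
    print("EP:", EP)
    print("fan-out per outgoing wire:", replication_counts(EP, N_OUTGOING))
    print("standard permutation?", is_standard_permutation(EP, N_OUTGOING))
```

Here x0 and the output of g1 are each used twice and x2 is never used, so the mapping is an EP but not a standard permutation.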
