Delayed-Input Non-Malleable Zero Knowledge and Multi-Party Coin Tossing in Four Rounds

In this work we start from the following two results in the state-of-the art: 1. 4-round non-malleable zero knowledge (NMZK): Goyal et al. in FOCS 2014 showed the first 4-round one-one NMZK argument from one-way functions (OWFs). Their construction requires the prover to know the instance and the witness already at the 2nd round. 2. 4-round multi-party coin tossing (MPCT): Garg et al. in Eurocrypt 2016 showed the first 4-round protocol for MPCT. Their result crucially relies on 3-round 3-robust parallel non-malleable commitments. So far there is no candidate construction for such a commitment scheme under standard polynomial-time hardness assumptions. We improve the state-of-the art on NMZK and MPCT by presenting the following two results: 1. a delayed-input 4-round one-many NMZK argument ΠNMZK from OWFs; moreover ΠNMZK is also a delayed-input many-many synchronous NMZK argument. 2. a 4-round MPCT protocol ΠMPCT from one-to-one OWFs; ΠMPCT uses ΠNMZK as subprotocol and exploits the special properties (e.g., delayed input, many-many synchronous) of ΠNMZK. Both ΠNMZK and ΠMPCT make use of a special proof of knowledge that offers additional security guarantees when played in parallel with other protocols. The new technique behind such a proof of knowledge is an additional contribution of this work and is of independent interest.

[1]  R. Ostrovsky,et al.  Delayed-Input Non-Malleable Zero Knowledge and Multi-Party Coin Tossing in Four Rounds , 2017, IACR Cryptol. ePrint Arch..

[2]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[3]  Markus Jakobsson,et al.  Round-Optimal Zero-Knowledge Arguments Based on any One-Way Function , 1997, EUROCRYPT.

[4]  Rafael Pass,et al.  Bounded-concurrent secure multi-party computation with a dishonest majority , 2004, STOC '04.

[5]  Rafail Ostrovsky,et al.  Constructing Non-malleable Commitments: A Black-Box Approach , 2012, 2012 IEEE 53rd Annual Symposium on Foundations of Computer Science.

[6]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[7]  Silas Richelson,et al.  An Algebraic Approach to Non-malleability , 2014, 2014 IEEE 55th Annual Symposium on Foundations of Computer Science.

[8]  Hoeteck Wee,et al.  Black-Box Constructions of Two-Party Protocols from One-Way Functions , 2009, TCC.

[9]  Silas Richelson,et al.  Textbook non-malleable commitments , 2016, STOC.

[10]  Sanjam Garg,et al.  The Exact Round Complexity of Secure Computation , 2016, EUROCRYPT.

[11]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[12]  Rafail Ostrovsky,et al.  Edinburgh Research Explorer Four-Round Concurrent Non-Malleable Commitments from One-Way Functions , 2016 .

[13]  Arka Rai Choudhuri,et al.  A New Approach to Round-Optimal Secure Multiparty Computation , 2017, CRYPTO.

[14]  Ivan Visconti,et al.  Improved OR Composition of Sigma-Protocols , 2016, IACR Cryptol. ePrint Arch..

[15]  Manuel Blum,et al.  How to Prove a Theorem So No One Else Can Claim It , 2010 .

[16]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[17]  Moni Naor,et al.  Non-Malleable Cryptography (Extended Abstract) , 1991, STOC 1991.

[18]  Rafail Ostrovsky,et al.  Robust Non-interactive Zero Knowledge , 2001, CRYPTO.

[19]  Kai-Min Chung,et al.  Non-black-box simulation from one-way functions and applications to resettable security , 2013, STOC '13.

[20]  Rafael Pass,et al.  A unified framework for concurrent security: universal composability from stand-alone non-malleability , 2009, STOC '09.

[21]  Vipul Goyal,et al.  Constant round non-malleable protocols using one way functions , 2011, STOC '11.

[22]  Rafael Pass,et al.  Concurrent Non-Malleable Zero Knowledge with Adaptive Inputs , 2011, TCC.

[23]  Rafael Pass,et al.  New and Improved Constructions of Nonmalleable Cryptographic Protocols , 2008, SIAM J. Comput..

[24]  Rafael Pass,et al.  Constant-round non-malleable commitments from any one-way function , 2011, STOC '11.

[25]  Adi Shamir,et al.  Publicly Verifiable Non-Interactive Zero-Knowledge Proofs , 1990, CRYPTO.

[26]  Rafail Ostrovsky,et al.  Round Efficiency of Multi-party Computation with a Dishonest Majority , 2003, EUROCRYPT.

[27]  Vinod Vaikuntanathan,et al.  Adaptive One-Way Functions and Applications , 2008, CRYPTO.

[28]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[29]  Rafail Ostrovsky,et al.  Round-Optimal Secure Two-Party Computation from Trapdoor Permutations , 2017, IACR Cryptol. ePrint Arch..

[30]  Rafael Pass,et al.  Concurrent Non-malleable Commitments from Any One-Way Function , 2008, TCC.

[31]  Boaz Barak,et al.  Constant-round coin-tossing with a man in the middle or realizing the shared random string model , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[32]  Rafael Pass,et al.  New and improved constructions of non-malleable cryptographic protocols , 2005, STOC '05.

[33]  Daniele Venturi,et al.  Fiat-Shamir for Highly Sound Protocols Is Instantiable , 2016, SCN.

[34]  Rafail Ostrovsky,et al.  4-Round Resettably-Sound Zero Knowledge , 2014, TCC.

[35]  Rafail Ostrovsky,et al.  Concurrent Non-Malleable Commitments (and More) in 3 Rounds , 2016, CRYPTO.

[36]  Ivan Visconti,et al.  Online/Offline OR Composition of Sigma Protocols , 2016, IACR Cryptol. ePrint Arch..

[37]  Rafail Ostrovsky,et al.  Simultaneous Resettability from Collision Resistance , 2012, Electron. Colloquium Comput. Complex..

[38]  Juan A. Garay,et al.  Strengthening Zero-Knowledge Protocols Using Signatures , 2003, Journal of Cryptology.