Implicit Zero-Knowledge Arguments and Applications to the Malicious Setting

We introduce \emph{implicit zero-knowledge} arguments (iZK) and simulation-sound variants thereof (SSiZK); these are lightweight alternatives to zero-knowledge arguments for enforcing semi-honest behavior. Our main technical contribution is a construction of efficient two-flow iZK and SSiZK protocols for a large class of languages under the (plain) DDH assumption in cyclic groups in the common reference string model. As an application of iZK, we improve upon the round-efficiency of existing protocols for securely computing inner product under the DDH assumption. This new protocol in turn provides privacy-preserving biometric authentication with lower latency.

[1]  David Pointcheval,et al.  Disjunctions for Hash Proof Systems: New Constructions and Applications , 2015, EUROCRYPT.

[2]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[3]  Daniel J. Bernstein,et al.  Curve25519: New Diffie-Hellman Speed Records , 2006, Public Key Cryptography.

[4]  Bogdan Warinschi,et al.  How Not to Prove Yourself: Pitfalls of the Fiat-Shamir Heuristic and Applications to Helios , 2012, ASIACRYPT.

[5]  Yuval Ishai,et al.  Priced Oblivious Transfer: How to Sell Digital Goods , 2001, EUROCRYPT.

[6]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[7]  Jonathan Katz,et al.  Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose , 2013, CRYPTO.

[8]  Ueli Maurer,et al.  Unifying Zero-Knowledge Proofs of Knowledge , 2009, AFRICACRYPT.

[9]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[10]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[11]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[12]  Abhi Shelat,et al.  Two-Output Secure Computation with Malicious Adversaries , 2011, EUROCRYPT.

[13]  Tibor Jager,et al.  Tightly secure signatures and public-key encryption , 2012, Designs, Codes and Cryptography.

[14]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[15]  Francisco Rodríguez-Henríquez,et al.  High-Speed Software Implementation of the Optimal Ate Pairing over Barreto-Naehrig Curves , 2010, Pairing.

[16]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[17]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[18]  Silvio Micali,et al.  How to Prove all NP-Statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design , 1986, CRYPTO.

[19]  Yehuda Lindell,et al.  Black-box constructions for secure computation , 2006, STOC '06.

[20]  Juan A. Garay,et al.  Strengthening Zero-Knowledge Protocols Using Signatures , 2003, EUROCRYPT.

[21]  Mihir Bellare,et al.  Simulation without the Artificial Abort: Simplified Proof and Improved Concrete Security for Waters' IBE Scheme , 2009, EUROCRYPT.

[22]  Moti Yung,et al.  Signatures Resilient to Continual Leakage on Memory and Computation , 2011, IACR Cryptol. ePrint Arch..

[23]  Eike Kiltz,et al.  Programmable Hash Functions and Their Applications , 2008, CRYPTO.

[24]  Mihir Bellare,et al.  An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem , 2004, EUROCRYPT.

[25]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[26]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[27]  Ronald Cramer,et al.  Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[28]  Yehuda Lindell,et al.  Universally Composable Password-Based Key Exchange , 2005, EUROCRYPT.

[29]  Moti Yung,et al.  Non-Malleability from Malleability: Simulation-Sound Quasi-Adaptive NIZK Proofs and CCA2-Secure Encryption from Homomorphic Signatures , 2014, IACR Cryptol. ePrint Arch..

[30]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[31]  Brent Waters,et al.  Witness encryption and its applications , 2013, STOC '13.

[32]  Antoine Joux,et al.  A Heuristic Quasi-Polynomial Algorithm for Discrete Logarithm in Finite Fields of Small Characteristic , 2014, EUROCRYPT.

[33]  Abhi Shelat,et al.  Fast two-party secure computation with minimal assumptions , 2013, CCS.

[34]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[35]  David Pointcheval,et al.  Round-Optimal Privacy-Preserving Protocols with Smooth Projective Hash Functions , 2012, TCC.

[36]  Yehuda Lindell,et al.  A framework for password-based authenticated key exchange1 , 2006, TSEC.

[37]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[38]  Adi Shamir,et al.  Multiple non-interactive zero knowledge proofs based on a single random string , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[39]  David Pointcheval,et al.  SPHF-Friendly Non-interactive Commitments , 2013, ASIACRYPT.

[40]  Yehuda Lindell Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries , 2013, CRYPTO.

[41]  David Pointcheval,et al.  New Techniques for SPHFs and Efficient One-Round PAKE Protocols , 2013, IACR Cryptol. ePrint Arch..

[42]  Yehuda Lindell,et al.  A Framework for Password-Based Authenticated Key Exchange , 2003, EUROCRYPT.

[43]  Claus-Peter Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1990, EUROCRYPT.

[44]  Yuval Ishai,et al.  Protecting data privacy in private information retrieval schemes , 1998, STOC '98.

[45]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[46]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[47]  Thorsten Kleinjung,et al.  Fe b 20 14 Breaking ‘ 128-bit Secure ’ Supersingular Binary Curves ⋆ ( or how to solve discrete logarithms in F , 2014 .

[48]  Georg Fuchsbauer,et al.  Batch Groth-Sahai , 2010, ACNS.

[49]  Stanislaw Jarecki Practical Covert Authentication , 2014, Public Key Cryptography.

[50]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[51]  Moni Naor,et al.  Non-Malleable Cryptography (Extended Abstract) , 1991, STOC 1991.

[52]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[53]  Yehuda Lindell,et al.  Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer , 2010, IACR Cryptol. ePrint Arch..