New and improved constructions of non-malleable cryptographic protocols

We present a new constant round protocol for non-malleable zero-knowledge. Using this protocol as a subroutine, we obtain a new constant-round protocol for non-malleable commitments. Our constructions rely on the existence of (standard) collision resistant hash functions. Previous constructions either relied on the existence of trapdoor permutations and hash functions that are collision resistant against sub-exponential sized circuits, or required a super-constant number of rounds.Additional results are the first construction of a non-malleable commitment scheme that is statistically hiding (with respect to opening), and the first non-malleable protocols that satisfy a strict polynomial-time simulation requirement. The latter are constructed by additionally assuming the existence of trapdoor permutations.Our approach differs from the approaches taken in previous works in that we view non-malleable zero-knowledge as a building-block rather than an end goal. This gives rise to a modular construction of non-malleable commitments and results in a somewhat simpler analysis.The techniques that we use to construct our zero-knowl-edge protocol are non black-box, but are different than the non black-box techniques previously used in the context of non-malleable coin-tossing.

[1]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[2]  R. Cramer,et al.  Linear Zero-Knowledgde. A Note on Efficient Zero-Knowledge Proofs and Arguments , 1996 .

[3]  Rafael Pass,et al.  Concurrent non-malleable commitments , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[4]  Yehuda Lindell,et al.  Strict Polynomial-Time in Simulation and Extraction , 2004, SIAM J. Comput..

[5]  Adi Shamir,et al.  Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions , 1999, SIAM J. Comput..

[6]  Moni Naor,et al.  Does parallel repetition lower the error in computationally sound protocols? , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[7]  Oded Goldreich,et al.  Universal arguments and their applications , 2002, Proceedings 17th IEEE Annual Conference on Computational Complexity.

[8]  Oded Goldreich,et al.  Definitions and properties of zero-knowledge proof systems , 1994, Journal of Cryptology.

[9]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[10]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[11]  Silvio Micali,et al.  CS proofs , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[12]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[13]  Salil P. Vadhan,et al.  Simpler Session-Key Generation from Short Random Passwords , 2004, TCC.

[14]  Ivan Damgård,et al.  Non-interactive and reusable non-malleable commitment schemes , 2003, STOC '03.

[15]  Ran Canetti,et al.  Universally Composable Commitments , 2001, CRYPTO.

[16]  Moni Naor,et al.  Nonmalleable Cryptography , 2000, SIAM Rev..

[17]  Yehuda Lindell,et al.  Session-Key Generation Using Human Passwords Only , 2001, Journal of Cryptology.

[18]  Rafail Ostrovsky,et al.  Robust Non-interactive Zero Knowledge , 2001, CRYPTO.

[19]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[20]  Rafael Pass,et al.  Bounded-concurrent secure two-party computation in a constant number of rounds , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[21]  Rafail Ostrovsky,et al.  Non-interactive and non-malleable commitment , 1998, STOC '98.

[22]  Rafail Ostrovsky,et al.  Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation , 1998, Journal of Cryptology.

[23]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[24]  Silvio Micali,et al.  Computationally Sound Proofs , 2000, SIAM J. Comput..

[25]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[26]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[27]  Adi Shamir,et al.  Witness indistinguishable and witness hiding protocols , 1990, STOC '90.

[28]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[29]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[30]  Ivan Damgård,et al.  On the existence of statistically hiding bit commitment schemes and fail-stop signatures , 1994, Journal of Cryptology.

[31]  Manuel Blum,et al.  Coin Flipping by Telephone. , 1981, CRYPTO 1981.

[32]  Oded Goldreich,et al.  How to construct constant-round zero-knowledge proof systems for NP , 1996, Journal of Cryptology.

[33]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[34]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[35]  Rafail Ostrovsky,et al.  Efficient and Non-interactive Non-malleable Commitment , 2001, EUROCRYPT.

[36]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[37]  Ivan Damgård,et al.  Linear zero-knowledge—a note on efficient zero-knowledge proofs and arguments , 1997, STOC '97.

[38]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[39]  Amit Sahai,et al.  Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[40]  Boaz Barak,et al.  Constant-round coin-tossing with a man in the middle or realizing the shared random string model , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[41]  Marc Fischlin,et al.  Efficient Non-Malleable Commitment Schemes , 2000, Annual International Cryptology Conference.

[42]  Yehuda Lindell,et al.  Bounded-concurrent secure two-party computation without setup assumptions , 2003, STOC '03.

[43]  Rafael Pass,et al.  Bounded-concurrent secure multi-party computation with a dishonest majority , 2004, STOC '04.

[44]  Joe Kilian,et al.  A note on efficient zero-knowledge proofs and arguments (extended abstract) , 1992, STOC '92.

[45]  Michael K. Reiter,et al.  Alternatives to Non-malleability: Definitions, Constructions, and Applications (Extended Abstract) , 2004, TCC.

[46]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 1, Basic Tools , 2001 .