Lower bounds for non-black-box zero knowledge

Journal of Computer and System Sciences

Volumn 72, Issue 2, 2006, Pages 321-391

  Barak, Boaz ^a   Lindell, Yehuda ^b   Vadhan, Salil ^c  

^a INSTITUTE FOR ADVANCED STUDY   (United States)

^b BAR ILAN UNIVERSITY   (Israel)

^c HARVARD UNIVERSITY   (United States)

Author keywords

Argument systems; Interactive proof systems; Non black box simulation; Pseudorandom generators; Randomness extractors; Zero knowledge

Indexed keywords

COMPUTATIONAL COMPLEXITY; CRYPTOGRAPHY;

ARGUMENT SYSTEM; INTERACTIVE PROOF SYSTEMS; NON-BLACK-BOX SIMULATIONS; PSEUDORANDOM GENERATORS; RANDOMNESS EXTRACTORS; ZERO KNOWLEDGE;

KNOWLEDGE REPRESENTATION;

EID: 32844469026     PISSN: 00220000     EISSN: 10902724     Source Type: Journal    
DOI: 10.1016/j.jcss.2005.06.010     Document Type: Article

References (67)

1. V. Arvind, and J. Köbler On pseudorandomness and resource-bounded measure Theoret. Comput. Sci. 255 1-2 2001 205 221
2. L. Babai, and S. Moran Arthur-Merlin Games: A Randomized Proof System and a Hierarchy of Complexity Classes J. Comput. System Sci. 36 1988 254 276
3. B. Barak, How to go beyond the black-box simulation barrier, in: Proceedings of the 42nd FOCS, IEEE, 2001, pp. 106-115. (preliminary full version available on http://www.wisdom.weizmann.ac.il/~boaz ).
4. B. Barak, O. Goldreich, Universal arguments and their applications, Cryptology ePrint Archive, Report 2001/105, 2001 (Preliminary version appeared in CCC' 2002).
5. B. Barak, Y. Lindell, Strict polynomial-time in simulation and extraction, Cryptology ePrint Archive, Report 2002/043, 2002. http://eprint.iacr.org/. Extended form appeared in STOC' 02.
6. B. Barak, Y. Lindell, S. Vadhan, Lower bounds for non-black-box zero knowledge, in: Proceedings of the 44th Annual Symposium on Foundations of Computer Science, FOCS '03, IEEE, Cambridge, MA, 11-14 October, 2003, pp. 384-393.
7. B. Barak, S.J. Ong, S. Vadhan, Derandomization in cryptography, in: D. Boneh (Ed.), Advances in Cryptology - CRYPTO '03, 17-21 August 2003, Lecture Notes in Computer Science, vol. 2729, Springer, New York.
8. M. Bellare A note on negligible functions J. Cryptology 15 4 2002 271 284
9. M. Bellare, O. Goldreich, and E. Petrank Uniform generation of NP-witnesses using an NP-?Oracle Inform. and Comput. 163 2000
10. B. Barak, O. Goldreich, S. Goldwasser, Y. Lindell, Resettably-sound zero-knowledge and its applications, Record 2001/063, Cryptology ePrint Archive, August 2001 (Appeared in 42nd FOCS, 2001).
11. M. Bellare, A. Palacio, The knowledge-of-exponent Assumptions and 3-round zero-knowledge protocols, Cryptology ePrint Archive, Report 2004/008, 2004. http://eprint.iacr.org/.
12. E.R. Berlekamp Factoring polynomials over large finite fields Math. Comput. 24 1970
13. M. Blum, Coin flipping by phone, in: Proceedings of the 24th IEEE Computer Conference, CompCon, 1982, pp. 133-137
14. (see also SIGACT News 15(1) (1983)).
15. M. Blum How to prove a theorem so no one else can claim it Proceedings of the International Congress of Mathematicians 1987 1444 1451
16. G. Brassard, C. Crépeau, M. Yung, Everything in NP can be argued in perfect zero-knowledge in a bounded number of rounds, in: Eurocrypt '89, 1989, pp. 192-195, LNCS No. 434.
17. R. Canetti Universally composable security, a new paradigm for cryptographic protocols extended abstract 42nd IEEE Symposium on Foundations of Computer Science, Las Vegas, NV, 2001 2001 IEEE Computer Society Los Alamitos, CA 136 145
18. R. Canetti, O. Goldreich, S. Goldwasser, and S. Micali Resettable Zero-Knowledge Proceedings of the 32th STOC 2000 ACM New York 235 244
19. R. Canetti, J. Kilian, E. Petrank, A. Rosen, Black-box concurrent zero-knowledge requires Ω̃(log n) rounds, Record 2001/051, Cryptology ePrint Archive, June 2001 (Extended abstract appeared in STOC' 01).
20. R. Canetti, E. Kushilevitz, Y. Lindell, On the limitations of universally composable two-party computation without set-up assumptions, in: EUROCRYPT '03, 2003, pp. 68-86.
21. R. Cramer, V. Shoup, Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack, Cryptology ePrint Archive, Report 2001/108, 2001. http://eprint.iacr.org/.
22. R. Cramer, B. Schoenmakers, and I. Damgård Proofs of partial knowledge and simplified design of witness hiding protocols CWI Quart. 8 2 1995 111 127
23. I. Damgård Towards practical public-key cryptosystems provably-secure against chosen-ciphertext attack J. Feigenbaum Advances in Cryptology - CRYPTO '91, Lecture Notes in Computer Science vol. 576 1991 Springer New York 445 456 1991 11-15 August
24. C. Dwork, and M. Naor Zaps and their applications Proceedings of the 41st FOCS 2000 IEEE 283 293
25. C. Dwork, M. Naor, O. Reingold, and L. Stockmeyer Magic functions Proceedings of the 40th FOCS 1999 IEEE 523 534
26. C. Dwork, M. Naor, and A. Sahai Concurrent zero knowledge Proceedings of the 30th STOC 1998 ACM New York 409 418
27. U. Feige, A. Shamir, Zero knowledge proofs of knowledge in two rounds, in: Crypto '89, Lecture Notes in Computer Science, vol. 435, Springer, Berlin, 1989, pp. 526-545.
28. A. Fiat, A. Shamir, How to prove yourself: practical solutions to identification and signature problems, in: Crypto '86, Lecture Notes in Computer Science, vol. 263, 1986, pp. 186-194.
29. O. Goldreich A uniform-complexity treatment of encryption and zero-knowledge J. Cryptology 6 1 1993 21 53
30. O. Goldreich Foundations of Cryptography: Basic Tools 2001 Cambridge University Press Cambridge
31. O. Goldreich, Lecture notes for the course "Randomized Methods in Computation", 2001. Available from http://www.wisdom.weizmann.ac.il/~oded/ rnd.html.
32. O. Goldreich Foundations of Cryptography: Basic Applications 2004 Cambridge University Press Cambridge
33. O. Goldreich, and A. Kahan How to construct constant-round zero-knowledge proof systems for NP J. Cryptology 9 3 1996 167 189
34. O. Goldreich, and H. Krawczyk On the composition of zero proof systems SIAM J. Comput. 25 1 1996 169 192 (preliminary version appeared in ICALP' 90)
35. O. Goldreich, S. Micali, and A. Wigderson Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems J. ACM 38 3 1991 691 729
36. O. Goldreich, and Y. Oren Definitions and properties of zero-knowledge proof systems J. Cryptology 7 1 1994 1 32 (preliminary version in FOCS' 87)
37. O. Goldreich, S. Vadhan, and A. Wigderson On interactive proofs with a Laconic prover Comput. Complex. 11 2002 1 53 (Extended abstract in ICALP '01)
38. S. Goldwasser, S. Micali, and C. Rackoff The knowledge complexity of interactive proof systems SIAM J. Comput. 18 1 1989 186 208 (preliminary version in STOC' 85)
39. S. Goldwasser, Y. Tauman, On the (In)security of the Fiat-Shamir paradigm. Cryptology ePrint Archive, Report 2003/034, 2003, Extended abstract appears in these proceedings.
40. L.C. Guillou, J.-J. Quisquater, A "paradoxical" identity-based signature scheme resulting from zero-knowledge, in: Advances in Cryptology - CRYPTO '88, Santa Barbara, CA, 1988, Lecture Notes in Computer Science, vol. 403, Springer, Berlin, 1990, pp. 216-231.
41. S. Hada, T. Tanaka, On the existence of 3-round zero-knowledge protocols, in: Advances in cryptology - CRYPTO '98, Lecture Notes in Computer Science, Santa vol. 1462, Barbara, CA, 1998, Springer, Berlin, 1998, pp. 408-423.
42. J. Håstad, R. Impagliazzo, L.A. Levin, and M. Luby A pseudorandom generator from any one-way function SIAM J. Comput. 28 4 1999 1364 1396
43. R. Impagliazzo, and A. Wigderson P = BPP if E Requires Exponential Circuits: Derandomizing the XOR Lemma Proceedings of the 29th STOC 1997 ACM New York 220 229
44. M.R. Jerrum, L.G. Valiant, and V.V. Vazirani Random generation of combinatorial structures from a uniform distribution Theoret. Comput. Sci. 43 2-3 1986 169 188
45. J. Kilian A note on efficient zero-knowledge proofs and arguments (extended abstract) Proceedings of the 24th STOC 1992 ACM New York 723 732
46. J. Kilian, E. Petrank, Concurrent zero-knowledge in poly-logarithmic rounds cryptology, ePrint Archive, Report 2000/013, 2000 (preliminary version appeared in STOC' 01).
47. J. Kilian, E. Petrank, and C. Rackoff Lower bounds for zero knowledge on the Internet Proceedings of the 39th FOCS 1998 IEEE 484 492
48. A.R. Klivans, and D. van Melkebeek Graph nonisomorphism has subexponential size proofs unless the polynomial-time hierarchy collapses SIAM J. Comput. 31 5 2002 1501 1526
49. L.A. Levin Universal search problems Problemy Peredači Inform. 9 3 1973 115 116
50. M.G. Luby Pseudorandomness and cryptographic applications. Princeton Computer Science Notes 1996 Princeton University Press Princeton, NJ
51. S. Micali CS proofs Proceedings of the 35th FOCS 1994 IEEE 436 453
52. P.B. Miltersen, and N.V. Vinodchandran Derandomizing Arthur-Merlin games using hitting sets Proceedings of the 40th FOCS 1999 IEEE 71 80
53. M. Naor Bit Commitment Using Pseudorandomness J. Cryptology 4 2 1991 151 158 (preliminary version in CRYPTO' 89)
54. M. Naor, On cryptographic assumptions and challenges, in: D. Boneh (Ed.), Advances in Cryptology - CRYPTO '03, 17-21 August 2003, Lecture Notes in Computer Science, vol. 2729, Springer, Berlin.
55. N. Nisan, and D. Zuckerman Randomness is linear in space J. Comput. System Sci. 52 1 1996 43 52
56. T. Okamoto, Provably secure and practical identification schemes and corresponding signature schemes, in: Advances in Cryptology - CRYPTO '92, Santa Barbara, CA, 1992, Lecture Notes in Computer Science, vol. 740, Springer, Berlin, 1993, pp. 31-53.
57. D. Pointcheval, J. Stern, Security proofs for signature schemes, in: Advances in Cryptology - EUROCRYPT '96, Saragossa, 1996, Lecture Notes in Computer Science, vol. 1070, Springer, Berlin, 1996, pp. 387-398.
58. M. Prabhakaran, A. Rosen, and A. Sahai Concurrent zero knowledge with logarithmic round-complexity Proceedings of the 33rd FOCS 1992 IEEE
59. L. Reyzin, Zero-knowledge with public keys, Ph.D. Thesis, MIT, Cambridge 2001.
60. R. Richardson, J. Kilian, On the concurrent composition of zero-knowledge proofs. in: Eurocrypt '99, vol. 1592, Springer, Berlin (1999).
61. A. Rosen, A note on the round-complexity of concurrent zero-knowledge. in: Crypto '00, Lecture Notes in Computer Science, vol. 1880, Springer, Berlin, 2000.
62. A. Sahai, and S. Vadhan A complete problem for statistical zero knowledge J. ACM 50 2 2003 196 249 (Extended abstract in FOCS '97)
63. C.P. Schnorr Efficient signature generation by smart cards J. Cryptology 4 3 1991 161 174
64. R. Shaltiel, and C. Umans Simple extractors for all min-entropies and a new pseudo-random generator Proceedings of the 42st FOCS 2001 IEEE 648 657
65. M. Sipser, A complexity theoretic approach to randomness, in: Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, 25-27 April, 1983, Boston, Massachusetts, pp. 330-335.
66. A. Srinivasan, and D. Zuckerman Computing with very weak random sources SIAM J. Comput. 28 4 1999 1433 1459 (electronic)
67. L. Stockmeyer On approximation algorithms for #P SIAM J. Comput. 14 4 1985 849 861