2 research outputs found
New Techniques for Zero-Knowledge: Leveraging Inefficient Provers to Reduce Assumptions and Interaction
We present a transformation from NIZK with inefficient provers in the uniform random string (URS) model
to ZAPs (two message witness indistinguishable proofs) with inefficient provers.
While such a transformation was known for the case where the prover is efficient, the security
proof breaks down if the prover is inefficient.
Our transformation is obtained via new applications of Nisan-Wigderson designs, a combinatorial object originally
introduced in the derandomization literature.
We observe that our transformation is applicable both in the setting of super-polynomial provers/poly-time adversaries, as well as a new fine-grained setting, where the prover is polynomial time and the verifier/simulator/zero knowledge distinguisher are in a lower complexity class, such as .
We also present -fine-grained NIZK in the URS model for all of
from the worst-case assumption \oplus L/\mathsf{\poly} \not\subseteq \mathsf{NC}^1.
Our techniques yield the following applications:
1. ZAPs for from Minicrypt assumptions (with super-polynomial time provers),
2. -fine-grained ZAPs for from worst-case assumptions,
3. Protocols achieving an offline\u27\u27 notion of NIZK (oNIZK) in the standard (no-CRS) model with uniform soundness in
both the super-polynomial setting (from Minicrypt assumptions) and
the -fine-grained setting (from worst-case assumptions). The oNIZK notion is sufficient for use in indistinguishability-based proofs
All-But-Many Encryption: A New Framework for Fully-Equipped UC Commitments
We present a general framework for constructing
non-interactive universally composable (UC) commitment schemes that are secure against adaptive adversaries
in the non-erasure model under a re-usable common reference string.
Previously, such ``fully-equipped\u27\u27 UC commitment schemes have been known only in [CF01,CLOS02], with strict expansion factor O(k);
meaning that to commit L bits, communication strictly requires O(Lk)$ bits,
where k denotes the security parameter.
Efficient construction of a fully-equipped UC commitment scheme is
a long-standing open problem.
We introduce new abstraction, called all-but-many encryption (ABME),
and prove that it captures fully-equipped UC commitment schemes.
We propose the first fully-equipped UC commitment scheme
with optimal expansion factor O(1) from our ABME scheme related to the DCR assumption.
We also provide an all-but-many lossy trapdoor function (ABM-LTF)[Hof12] from
our DCR-based ABME scheme, with a better lossy rate than [Hof12]