38 research outputs found

    Efficient Zero-Knowledge for NP from Secure Two-Party Computation

    Ishai et al. [28, 29] introduced a powerful technique that provided a general transformation from secure multiparty computation (MPC) protocols to zero-knowledge (ZK) proofs in a black-box way, called “MPC-in-the-head”. A recent work [27] extends this technique and shows two ZK proof protocols from a secure two-party computation (2PC) protocol. The works [28, 27] both show a basic three-round ZK proof protocol which can be made negligibly sound by standard sequential repetition [19]. Under general black-box zero knowledge notion, neither ZK proofs nor arguments with negligible soundness error can be achieved in less than four rounds without additional assumptions [15]. In this paper, we address this problem under the notion of augmented black-box zero knowledge [26], which is defined with a new simulation method, called augmented black-box simulation. It is presented by permitting the simulator to have access to the verifier’s current private state (i.e. “random coins” used to compute the current message) in a special manner. We first show a three-round augmented black-box ZK proof for the language graph 3-colorability, denoted G3C. And then we generalize the construction to a three-round augmented black-box ZK proof for any NP relation R(x, w) without relying on expensive Karp reductions. The two constructions are based on a family of claw-free permutations and the general construction is additionally based on a black-box use of a secure 2PC for a related two-party functionality. Besides, we show our protocols can be made negligibly sound by directly parallel repetition

    Candidate Differing-Inputs Obfuscation from Indistinguishability Obfuscation and Auxiliary-Input Point Obfuscation

    Differing-inputs obfuscation (diO), first proposed by Barak et al. [4], provides stronger security than that provided by indistinguishability obfuscation (iO). An iO scheme provides indistinguishability between the obfuscations of two programs that are equivalent and have the same length of description. A diO scheme ensures that the obfuscations of two efficiently generated programs with the same description length are indistinguishable if it is hard to find an input on which their outputs differ. Ananth et al. [1] showed the definition of diO with respect to arbitrary auxiliary inputs. However, Garg et al. [19] showed that the existence of this kind of diO contradicts a certain “special-purpose obfuscation” conjecture. Ishai, Pandey and Sahai [23] suggested a diO variant called public-coin diO, which requires the auxiliary input to be a public random string and given as input to all relevant algorithms. They gave a construction of public-coin diO by assuming the existence of public-coin differing-inputs obfuscator for NC^1 circuits. In this paper, we use a slightly different definition, called public-coin-dependent diO. It allows the obfuscation algorithm to additionally take as input the random coins used to sample the circuit pair (including the circuit to be obfuscated) and thus the obfuscation algorithm can use the property of the circuit pair. We first construct a public-coin differing-inputs obfuscator for a class of newly defined functions with iO and point obfuscation with auxiliary input (AIPO). And then we use it to complete the public-coin-dependent diO for any pair of circuits for which it is hard to find an input on which their outputs differ. The constructions are based on secure iO schemes for NC^1, a fully homomorphic encryption scheme, and the existence of AIPO. Besides, we show the applications of our constructions

    Some Low Round Zero Knowledge Protocols

    In this paper, we focus on zero-knowledge protocols for NP with low round complexity under the augmented black-box simulation technique, in which the simulator has access to the verifier's secret information, and obtain positive results on 3-round zero-knowledge proofs and 2-round zero-knowledge arguments for NP and 2-round zero-knowledge proofs for QNR. More precisely, our contributions are five-fold: (i) we propose the notion of generalized claw-free function and the notion of trapdoor generalized claw-free function, and then we show a construction of trapdoor generalized claw-free function under the discrete logarithm assumption and the knowledge of exponent assumption, (ii) we propose the notion of completely extractable bit-commitment and give a construction of it from trapdoor generalized claw-free functions, (iii) we present a 3-round zero-knowledge proof for NP based on the completely extractable bit-commitment schemes and Yao's garbling circuit technique, (iv) we show a 2-round zero-knowledge argument for NP based on indistinguishable obfuscator, (v) we transform the basic 2-round honest verifier zero-knowledge proof protocol for quadratic non-residue into a 2-round zero-knowledge proof protocol

    Augmented Black-Box Simulation and Zero Knowledge Argument for NP

    The standard zero knowledge notion is formalized by requiring that for any probabilistic polynomial-time (PPT) verifier $V^*$, there is a PPT algorithm (simulator) $S_{V^*}$, such that the output of $S_{V^*}$ is indistinguishable from real protocol views. The simulator is not permitted to access the verifier $V^*$'s private state. So the power of $S_{V^*}$ is, in fact, inferior to that of $V^*$. In this paper, a new simulation method, called augmented black-box simulation, is presented by permitting the simulator to have access to the verifier's current private state in a special manner. The augmented black-box simulator only has the same computing power as the verifier although it is given access to the verifier's current private state. Therefore, augmented black-box simulation is a reasonable method to prove zero knowledge property, and brings results that are hard to obtain with previous simulation techniques. Zero knowledge property, proved by means of augmented black-box simulation, is called augmented black-box zero-knowledge. We present a 5-round statistical augmented black-box zero-knowledge argument for Exact Cover Problem under the Decision Multilinear No-Exact-Cover Assumption. In addition, we show a 2-round computational augmented black-box zero-knowledge argument protocol for Exact Cover problem under the Decision Multilinear No-Exact-Cover Assumption and the assumption of the existence of hash functions. It is well known that 2-round zero knowledge protocols do not exist under general zero knowledge notion. Besides, following [19], we consider leakage-resilient property of augmented black-box zero knowledge, and prove that the presented statistical zero-knowledge protocol has optimal leakage-resilient property

    UniqueChain: A Fast, Provably Secure Proof-of-Stake Based Blockchain Protocol in the Open Setting

    We present UniqueChain, a proof-of-stake based blockchain protocol that is secure against a mildly adaptive adversary in the open setting, where newly joining parties can be initialized securely without any additional trusted assumptions. What's more, UniqueChain provides secure best local chains for existing honest parties and achieves fast message (transaction) confirmation. Security of the protocol holds if a majority of overall stakes are controlled by honest parties. To achieve the above guarantees, we formalize a secure bootstrapping mechanism for new parties, a best local chain selection rule for existing honest parties and propose a new form of two-chain structure that realizes uniqueness of the chains, which contain messages, held by honest parties. Further, we prove that UniqueChain satisfies security properties as chain growth, chain quality, common prefix and soundness, and two additional properties as uniqueness and high efficiency

    The operational efficiency of a novel AnMBR treating antibiotic solvent wastewater in start-up stage

    No full text
    The performance of a novel anaerobic membrane bioreactor (AnMBR) for treating antibiotic solvent wastewater was investigated in the start-up stage. The removal efficiencies of the four tested antibiotics were over 90%, mainly attributed to the biological process. Volatile fatty acid increased along with anaerobic sludge acclimation. pH (mean value 7.5) and a (mean value 0.12) remained stable. Mixed liquid suspended solids and mixed liquor volatile suspended solids increased along with the sludge acclimation as well. The protein and polysaccharide in suspended sludge decreased, while the protein/polysaccharide in exopolysaccharides increased. Microbial community analysis showed the abundance of Methanosarcina spp. fluctuated over time and was finally stable at 17%. The abundance of Methanosaeta spp. increased significantly. There are two kinds of hydrogen producing methane producing microorganisms (Methanobacteriales and Methanomicrobiales) in AnMBR. Methanobacteriales was the dominant methanogenus. These results indicate that an AnMBR can effectively treat antibiotic solvent wastewater in the start-up period

    Selectively Investigating Molecular Configuration Effect on Blue Electrophosphorescent Host Performance through a Series of Hydrocarbon Oligomers

    No full text
    Hydrocarbon oligomers X9F, including S9F, D9F, and T9F as monomer, dimer, and trimer, respectively, were designed and prepared on the basis of indirect linkage and 9,9-diphenylfluorene (S9F) as repeat unit to form planar, linear, and V-shaped configurations without polarity variation and function amplification. The identical optical and electrochemical properties of X9F were achieved because of the effectively blocked intramolecular electronic interactions by indirect linkage, including the same T_1 value of 2.98 eV, high enough for hosts in blue phosphorescent organic light-emitting diodes (PHOLEDs), and the approximate FMO energy levels, which established the basis for selective investigation of independent configuration effect on the optoelectronic performance of host materials. Density function theory simulation manifested the frontier molecular orbital (FMO) location extension after oligomerization and the specific T_1 locations on peripheral fluorenyls in X9F, giving rise to their different carrier-transporting abilities and host-localized triplet–triplet annihilation (TTA) and triplet–polaron quenching (TPQ) effects. As a result, D9F with the linear and locally unsymmetrical configuration revealed electron-predominant characteristics for charge balance, restrained triplet interaction for TTA suppression, and partially separated FMO and T_1 locations for TPQ suppression. Consequently, the low driving voltages and the favorable maximum efficiencies, such as ~11% for external quantum efficiency (EQE), as well as reduced roll-offs less than 8% for EQE at 1000 cd m^-2, were achieved by D9F-based blue PHOLEDs as the highest performance among X9F, in which device efficiencies were improved by 50% compared to that of conventional polarized host mCP. It is conceivable that molecular configuration has significant effects on electrical properties and quenching effects of organic semiconductors with remarkable influence on intermolecular interplay and excited-state locations