Languages with Efficient Zero-Knowledge PCPs are in SZK
نویسندگان
چکیده
A Zero-Knowledge PCP (ZK-PCP) is a randomized PCP such that the view of any (perhaps cheating) efficient verifier can be efficiently simulated up to small statistical distance. Kilian, Petrank, and Tardos (STOC ’97) constructed ZK-PCPs for all languages in NEXP. Ishai, Mahmoody, and Sahai (TCC ’12), motivated by cryptographic applications, revisited the possibility of efficient ZK-PCPs for all L ∈ NP where the PCP is encoded as a polynomial-size circuit that given a query i returns the i symbol of the PCP. Ishai et al. showed that there is no efficient ZK-PCP for NP with a non-adaptive verifier, who prepares all of its PCP queries before seeing any answers, unless NP ⊆ coAM and polynomial-time hierarchy collapses. The question of whether adaptive verification can lead to efficient ZK-PCPs for NP remained open. In this work, we resolve this question and show that any language or promise problem with efficient ZK-PCPs must be in SZK (the class of promise problems with a statistical zeroknowledge single prover proof system). Therefore, no NP-complete problem can have an efficient ZK-PCP unless NP ⊆ SZK (which also implies NP ⊆ coAM and the polynomial-time hierarchy collapses). We prove our result by reducing any promise problem with an efficient ZK-PCP to two instances of the Conditional Entropy Approximation problem defined and studied by Vadhan (FOCS’04) which is known to be complete for the class SZK.
منابع مشابه
Secret Sharing and Statistical Zero Knowledge
We show a general connection between various types of statistical zero-knowledge (SZK) proof systems and (unconditionally secure) secret sharing schemes. Viewed through the SZK lens, we obtain several new results on secret-sharing: • Characterizations: We obtain an almost-characterization of access structures for which there are secret-sharing schemes with an efficient sharing algorithm (but no...
متن کاملFrom Statistical Zero Knowledge to Secret Sharing
We show a general connection between various types of statistical zero-knowledge (SZK) proof systems and (unconditionally secure) secret sharing schemes. Viewed through the SZK lens, we obtain several new results on secret-sharing: • Characterizations: We obtain an almost-characterization of access structures for which there are secret-sharing schemes with an efficient sharing algorithm (but no...
متن کاملResettable Statistical Zero Knowledge
Two central notions of Zero Knowledge that provide strong, yet seemingly incomparable security guarantees against malicious verifiers are those of Statistical Zero Knowledge and Resettable Zero Knowledge. The current state of the art includes several feasibility and impossibility results regarding these two notions separately. However, the question of achieving Resettable Statistical Zero Knowl...
متن کاملA Complete Promise Problem for Statistical Zero-Knowledge
We present a complete promise problem for SZK, the class of languages possessing statistical zero-knowledge proofs (against an honest verifier). The problem is to decide whether two efficiently samplable distributions are either statisticallyclose or far apart. This characterizes SZK with no reference to interaction or zero-knowledge. From this theorem and its proof, we are able to establish se...
متن کاملStatistical Randomized Encodings: A Complexity Theoretic View
A randomized encoding of a function f(x) is a randomized function f̂(x, r), such that the “encoding” f̂(x, r) reveals f(x) and essentially no additional information about x. Randomized encodings of functions have found many applications in different areas of cryptography, including secure multiparty computation, efficient parallel cryptography, and verifiable computation. We initiate a complexity...
متن کامل