Constant-Round Concurrent Non-malleable Zero Knowledge in the Bare Public-Key Model
نویسندگان
چکیده
One of the central questions in Cryptography is the design of round-efficient protocols that are secure under concurrent man-in-the-middle attacks. In this paper we present the first constant-round concurrent non-malleable zero-knowledge argument system for NP in the Bare Public-Key model [Canetti et al. STOC 2000], resolving one of the major open problems in this area. To achieve our result, we introduce and study the notion of non-malleable witness indistinguishability, which is of independent interest. Previous results either achieved relaxed forms of concurrency/security or needed stronger setup assumptions or required a non-constant round complexity.
منابع مشابه
Constant-Round Concurrent NMWI and its relation to NMZK
One of the central questions in Cryptography is to design round-efficient protocols that are secure under man-in-the-middle attacks. In this paper we introduce and study the notion of non-malleable witness indistinguishability (NMWI) and examine its relation with the classic notion of non-malleable zero knowledge (NMZK). Indeed, despite tremendous applicability of witness indistinguishability, ...
متن کاملConcurrently Non-Malleable Zero Knowledge in the Authenticated Public-Key Model
We consider a type of zero-knowledge protocols that are of interest for their practical applications within networks like the Internet: efficient zero-knowledge arguments of knowledge that remain secure against concurrent man-in-the-middle attacks. As negative results in the area of concurrent non-malleable zero-knowledge imply that protocols in the standard setting (i.e., under no setup assump...
متن کاملConstant-Round Resettable Zero Knowledge with Concurrent Soundness in the Bare Public-Key Model
In the bare public-key model (BPK in short), each verifier is assumed to have deposited a public key in a file that is accessible by all users at all times. In this model, introduced by Canetti et al. [STOC 2000], constant-round black-box concurrent and resettable zero knowledge is possible as opposed to the standard model for zero knowledge. As pointed out by Micali and Reyzin [Crypto 2001], t...
متن کاملConcurrent Non-Malleable Witness Indistinguishability and its Applications
One of the central questions in Cryptography today is proving security of the protocols “on the Internet”, i.e., in a concurrent setting where there are multiple interactions between players, and where the adversary can play so called “man-in-the-middle” attacks, forwarding and modifying messages between two or more unsuspecting players. Indeed, the main challenge in this setting is to provide ...
متن کاملResettable Zero Knowledge in the Bare Public-Key Model under Standard Assumption
In this paper we resolve an open problem regarding resettable zero knowledge in the bare public-key (BPK for short) model: Does there exist constant round resettable zero knowledge argument with concurrent soundness for NP in BPK model without assuming sub-exponential hardness? We give a positive answer to this question by presenting such a protocol for any language in NP in the bare public-key...
متن کامل