Constant-Round Leakage-Resilient Zero-Knowledge from Collision Resistance
نویسنده
چکیده
We construct a constant-round leakage-resilient zero-knowledge argument system under the existence of collision-resistant hash function family. That is, using collision-resistant hash functions, we construct a constant-round zero-knowledge argument system such that for any cheating verifier that obtains arbitrary amount of leakage of the prover’s state, there exists a simulator that can simulate the adversary’s view by obtaining at most the same amount of leakage of the witness. Previously, leakage-resilient zero-knowledge protocols were constructed only under a relaxed security definition (Garg-Jain-Sahai, CRYPTO’11) or under the DDH assumption (Pandey, TCC’14). Our leakage-resilient zero-knowledge argument system satisfies an additional property that it is simultaneously leakage-resilient zero-knowledge, meaning that both zero-knowledgeness and soundness hold in the presence of leakage.
منابع مشابه
Constant-Round Leakage-Resilient Zero-Knowledge Arguments of Knowledge for NP
Garg, Jain, and Sahai first consider zero knowledge proofs in the presence of leakage on the local state of the prover, and present a leakageresilient-zero-knowledge proof system for HC (Hamiltonian Cycle) problem. Their construction is called (1 + ε)-leakage-resilient zero-knowledge, for any constant ε > 0, because the total length of the leakage the simulator needs is (1 + ε) times as large a...
متن کاملAchieving Constant Round Leakage-Resilient Zero-Knowledge
Recently there has been a huge emphasis on constructing cryptographic protocols that maintain their security guarantees even in the presence of side channel attacks. Such attacks exploit the physical characteristics of a cryptographic device to learn useful information about the internal state of the device. Designing protocols that deliver meaningful security even in the presence of such leaka...
متن کاملConstant-Round Concurrent Zero-Knowledge from Indistinguishability Obfuscation
We present a constant-round concurrent zero-knowledge protocol for NP. Our protocol relies on the existence of families of collision-resistant hash functions, one-way permutations, and indistinguishability obfuscators for P/poly (with slightly super-polynomial security).
متن کاملConstant-Round Concurrent Zero Knowledge in the Bounded Player Model
In [18] Goyal et al. introduced the bounded player model for secure computation. In the bounded player model, there are an a priori bounded number of players in the system, however, each player may execute any unbounded (polynomial) number of sessions. They showed that even though the model consists of a relatively mild relaxation of the standard model, it allows for round-efficient concurrent ...
متن کاملAugmented Black-Box Simulation and Zero Knowledge Argument for NP
The standard zero knowledge notion is formalized by requiring that for any probabilistic polynomial-time (PPT) verifier V ∗, there is a PPT algorithm (simulator) SV ∗ , such that the outputs of SV ∗ is indistinguishable from real protocol views. The simulator is not permitted to access the verifier V ∗’s private state. So the power of SV ∗ is, in fact, inferior to that of V ∗. In this paper, a ...
متن کامل