Results 1  10
of
122,455
On the (Im)Plausibility of ConstantRound PublicCoin StraightLineSimulatable ZeroKnowledge Proofs
"... Abstract. In 2001, a breakthrough result by Barak [FOCS 2001] showed how to achieve publiccoin zeroknowledge (ZK) arguments in constant rounds, a feature known to be impossible using blackbox simulation. In this approach, the simulator makes use of the code of the malicious verifier in computing ..."
Abstract
 Add to MetaCart
progress on this front, by providing strong evidence that such an extension is far from likely. Specifically, we show that for a natural class of constantround publiccoin ZK proofs (which we call “canonical, ” as all known nonblackbox ZK protocols fall in this category), a straightline simulator based
On ConstantRound Concurrent ZeroKnowledge
"... Abstract. Loosely speaking, an interactive proof is said to be zeroknowledge if the view of every “efficient ” verifier can be “efficiently” simulated. An outstanding open question regarding zeroknowledge is whether constantround concurrent zeroknowledge proofs exists for nontrivial languages. We ..."
Abstract

Cited by 13 (7 self)
 Add to MetaCart
Abstract. Loosely speaking, an interactive proof is said to be zeroknowledge if the view of every “efficient ” verifier can be “efficiently” simulated. An outstanding open question regarding zeroknowledge is whether constantround concurrent zeroknowledge proofs exists for nontrivial languages
On Limitations of Universal Simulation: ConstantRound PublicCoin ZeroKnowledge Proofs Imply Understanding Programs
, 2013
"... Abstract. In this paper we consider the problem of whether there exist nontrivial constantround publiccoin zeroknowledge (ZK) proofs. We focus on the type of ZK proofs that admit a universal simulator (which handles all malicious verifiers), and show a connection between the existence of such pr ..."
Abstract
 Add to MetaCart
Abstract. In this paper we consider the problem of whether there exist nontrivial constantround publiccoin zeroknowledge (ZK) proofs. We focus on the type of ZK proofs that admit a universal simulator (which handles all malicious verifiers), and show a connection between the existence
PublicCoin Parallel ZeroKnowledge for NP
, 2011
"... We show that, assuming the existence of collisionresistant hash functions, every language in NP has a constantround publiccoin zeroknowledge argument that remains secure under unbounded parallel composition (a.k.a. parallel zero knowledge.) Our protocol is a variant of Barak’s zeroknowledge arg ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
We show that, assuming the existence of collisionresistant hash functions, every language in NP has a constantround publiccoin zeroknowledge argument that remains secure under unbounded parallel composition (a.k.a. parallel zero knowledge.) Our protocol is a variant of Barak’s zeroknowledge
PublicCoin Concurrent ZeroKnowledge in Logarithmic Rounds ⋆
"... Abstract. We construct O(log 1+ɛ n)round publiccoin concurrent zero knowledge arguments for NP from standard (against any polynomialtime adversary) collisionresistant hash functions for arbitrarily small constant ɛ. Our construction is straightline simulatable. This is the first publiccoin con ..."
Abstract
 Add to MetaCart
Abstract. We construct O(log 1+ɛ n)round publiccoin concurrent zero knowledge arguments for NP from standard (against any polynomialtime adversary) collisionresistant hash functions for arbitrarily small constant ɛ. Our construction is straightline simulatable. This is the first publiccoin
On the Composition of PublicCoin ZeroKnowledge Protocols
 In CYPTO, Springer LNCS 5677
, 2009
"... Abstract. We show that only languages in BPP have publiccoin, blackbox zeroknowledge protocols that are secure under an unbounded (polynomial) number of parallel repetitions. This result holds both in the plain model (without any setup) and in the Bare PublicKey Model (where the prover and the v ..."
Abstract

Cited by 13 (7 self)
 Add to MetaCart
and the verifier have registered public keys). We complement this result by showing the existence of a publiccoin blackbox zeroknowledge proof that remains secure under any apriori bounded number of concurrent executions. 1
Concurrent ZeroKnowledge
 IN 30TH STOC
, 1999
"... Concurrent executions of a zeroknowledge protocol by a single prover (with one or more verifiers) may leak information and may not be zeroknowledge in toto. In this paper, we study the problem of maintaining zeroknowledge We introduce the notion of an (; ) timing constraint: for any two proces ..."
Abstract

Cited by 177 (18 self)
 Add to MetaCart
processors P1 and P2 , if P1 measures elapsed time on its local clock and P2 measures elapsed time on its local clock, and P2 starts after P1 does, then P2 will finish after P1 does. We show that if the adversary is constrained by an (; ) assumption then there exist fourround almost concurrent zeroknowledge
On the Composition of ZeroKnowledge Proof Systems
 SIAM Journal on Computing
, 1990
"... : The wide applicability of zeroknowledge interactive proofs comes from the possibility of using these proofs as subroutines in cryptographic protocols. A basic question concerning this use is whether the (sequential and/or parallel) composition of zeroknowledge protocols is zeroknowledge too. We ..."
Abstract

Cited by 214 (15 self)
 Add to MetaCart
execution. We present lower bounds on the round complexity of zeroknowledge proofs, with significant implications to the parallelization of zeroknowledge protocols. We prove that 3round interactive proofs and constantround ArthurMerlin proofs that are blackbox simulation zeroknowledge exist only
ConstantRound Concurrent Zeroknowledge from
, 2014
"... We present a constantround concurrent zeroknowledge protocol for NP. Our protocol relies on the existence of families of collisionresistant hash functions, oneway permutations, and indistinguishability obfuscators for P/poly (with slightly superpolynomial security). ..."
Abstract
 Add to MetaCart
We present a constantround concurrent zeroknowledge protocol for NP. Our protocol relies on the existence of families of collisionresistant hash functions, oneway permutations, and indistinguishability obfuscators for P/poly (with slightly superpolynomial security).
A Note on ConstantRound ZeroKnowledge Proofs of Knowledge ∗
, 2011
"... In this note, we show the existence of constantround computational zeroknowledge proofs of knowledge for all N P. The existence of constantround zeroknowledge proofs was proven by Goldreich and Kahan (Journal of Cryptology, 1996), and the existence of constantround zeroknowledge arguments of kn ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
In this note, we show the existence of constantround computational zeroknowledge proofs of knowledge for all N P. The existence of constantround zeroknowledge proofs was proven by Goldreich and Kahan (Journal of Cryptology, 1996), and the existence of constantround zeroknowledge arguments
Results 1  10
of
122,455