Article

Commitments and efficient zero-knowledge proofs from learning parity with noise

Authors:

Krzysztof Pietrzak,

Aris TentesAuthors Info & Claims

ASIACRYPT'12: Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security

Pages 663 - 680

https://doi.org/10.1007/978-3-642-34961-4_40

Published: 02 December 2012 Publication History

Abstract

We construct a perfectly binding string commitment scheme whose security is based on the learning parity with noise (LPN) assumption, or equivalently, the hardness of decoding random linear codes. Our scheme not only allows for a simple and efficient zero-knowledge proof of knowledge for committed values (essentially a Σ-protocol), but also for such proofs showing any kind of relation amongst committed values, i.e., proving that messages m₀,…,m_u, are such that m₀=C(m₁,…,m_u) for any circuit C.

To get soundness which is exponentially small in a security parameter t, and when the zero-knowledge property relies on the LPN problem with secrets of length ℓ, our 3 round protocol has communication complexity ${\mathcal O}(t|C|\ell\log(\ell))$ and computational complexity of ${\mathcal O}(t|C|\ell)$ bit operations. The hidden constants are small, and the computation consists mostly of computing inner products of bit-vectors.

References

[1]

Applebaum, B., Cash, D., Peikert, C., Sahai, A.: Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 595-618. Springer, Heidelberg (2009)

Digital Library

[2]

Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography with Constant Input Locality. Journal of Cryptology 22(4), 429-469 (2009)

Digital Library

[3]

Asharov, G., Jain, A., López-Alt, A., Tromer, E., Vaikuntanathan, V., Wichs, D.: Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 483-501. Springer, Heidelberg (2012)

Digital Library

[4]

Bellare, M., Goldreich, O.: On Defining Proofs of Knowledge. In: Brickell, E. F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390-420. Springer, Heidelberg (1993)

Digital Library

[5]

Berlekamp, E., McEliece, R., van Tilborg, H.: On the Inherent Intractability of Certain Coding Problems. IEEE Transactions on Information Theory 24(3), 384- 386 (1978)

Digital Library

[6]

Blum, A., Furst, M. L., Kearns, M., Lipton, R. J.: Cryptographic Primitives Based on Hard Learning Problems. In: Stinson, D. R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 278-291. Springer, Heidelberg (1994)

Digital Library

[7]

Blum, A., Kalai, A., Wasserman, H.: Noise-Tolerant Learning, the Parity Problem, and the Statistical Query Model. Journal of the ACM 50(4), 506-519 (2003)

Digital Library

[8]

Boyar, J., Damgård, I., Peralta, R.: Short Non-Interactive Cryptographic Proofs. Journal of Cryptology 13(4), 449-472 (2000)

[9]

Cayrel, P.-L., Lindner, R., Rückert, M., Silva, R.: Improved Zero-Knowledge Identification with Lattices. In: Heng, S.-H., Kurosawa, K. (eds.) ProvSec 2010. LNCS, vol. 6402, pp. 1-17. Springer, Heidelberg (2010)

Digital Library

[10]

Cayrel, P.-L., Véron, P., El Yousfi Alaoui, S. M.: A Zero-Knowledge Identification Scheme Based on the q-ary Syndrome Decoding Problem. In: Biryukov, A., Gong, G., Stinson, D. R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 171-186. Springer, Heidelberg (2011)

Digital Library

[11]

Chen, H., Cramer, R.: Algebraic Geometric Secret Sharing Schemes and Secure Multi-Party Computations over Small Fields. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 521-536. Springer, Heidelberg (2006)

Digital Library

[12]

Cramer, R.: Modular Design of Secure yet Practical Cryptographic Protocols. PhD thesis, CWI and University of Amsterdam (1997)

[13]

Cramer, R., Damgård, I.: Linear Zero-Knowledge - A Note on Efficient Zero-Knowledge Proofs and Arguments. In: Leighton, F. T., Shor, P. W. (eds.) STOC 1997, pp. 436-445. ACM (1997)

Digital Library

[14]

Cramer, R., Damgård, I.: Zero-Knowledge Proofs for Finite Field Arithmetic or: Can Zero-Knowledge Be for Free? In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 424-441. Springer, Heidelberg (1998)

Digital Library

[15]

Cramer, R., Damgård, I.: On the Amortized Complexity of Zero-Knowledge Protocols. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 177-191. Springer, Heidelberg (2009)

Digital Library

[16]

Damgård, I.: On S-Protocols. Lecture on Cryptologic Protocol Theory; Faculty of Science. University of Aarhus (2004)

[17]

Damgård, I., Goldreich, O., Okamoto, T., Wigderson, A.: Honest Verifier vs Dishonest Verifier in Public Coin Zero-Knowledge Proofs. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 325-338. Springer, Heidelberg (1995)

Digital Library

[18]

Gilbert, H., Robshaw, M. J. B., Seurin, Y.: How to Encrypt with the LPN Problem. In: Aceto, L., Damgård, I., Goldberg, L. A., Halldórsson, M. M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 679-690. Springer, Heidelberg (2008)

Digital Library

[19]

Goldreich, O., Micali, S., Wigderson, A.: How to Play Any Mental Game, or A Completeness Theorem for Protocols with Honest Majority. In: Aho, A. V. (ed.) STOC 1987, pp. 218-229. ACM (1987)

Digital Library

[20]

Groth, J., Sahai, A.: Efficient Non-interactive Proof Systems for Bilinear Groups. In: Smart, N. P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415-432. Springer, Heidelberg (2008)

Digital Library

[21]

Hopper, N. J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52-66. Springer, Heidelberg (2001)

Digital Library

[22]

Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: Johnson, D. S., Feige, U. (eds.) STOC 2007, pp. 21-30. ACM (2007)

Digital Library

[23]

Jain, A., Krenn, S., Pietrzak, K., Tentes, A.: Commitments and Efficient Zero-Knowledge Proofs from Hard Learning Problems. Cryptology ePrint Archive, Report 2012/513 (2012), http://eprint.iacr.org/

[24]

Juels, A., Weis, S. A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293-308. Springer, Heidelberg (2005)

Digital Library

[25]

Kalai, Y. T., Raz, R.: Succinct Non-Interactive Zero-Knowledge Proofs with Preprocessing for LOGSNP. In: FOCS 2006, pp. 355-366. IEEE Computer Society (2006)

Digital Library

[26]

Katz, J., Shin, J. S., Smith, A.: Parallel and Concurrent Security of the HB and HB+ Protocols. Journal of Cryptology 23(3), 402-421 (2010)

[27]

Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372-389. Springer, Heidelberg (2008)

Digital Library

[28]

Kearns, M. J.: Efficient Noise-Tolerant Learning from Statistical Queries. Journal of the ACM 45(6), 983-1006 (1998)

Digital Library

[29]

Kilian, J.: A Note on Efficient Zero-Knowledge Proofs and Arguments (Extended Abstract). In: STOC 1992, pp. 723-732 (1992)

Digital Library

[30]

Kilian, J., Micali, S., Ostrovsky, R.: Minimum Resource Zero-Knowledge Proofs (Extended Abstract). In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 545-546. Springer, Heidelberg (1990)

Digital Library

[31]

Kilian, J., Petrank, E.: An Efficient Noninteractive Zero-Knowledge Proof System for NP with General Assumptions. Journal of Cryptology 11(1), 1-27 (1998)

[32]

Kiltz, E., Pietrzak, K., Cash, D., Jain, A., Venturi, D.: Efficient Authentication from Hard Learning Problems. In: Paterson, K. G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 7-26. Springer, Heidelberg (2011)

Digital Library

[33]

Micali, S.: Computationally Sound Proofs. SIAM Journal on Computing 30(4), 1253-1298 (2000)

Digital Library

[34]

Micciancio, D., Mol, P.: Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to-Decision Reductions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 465-484. Springer, Heidelberg (2011)

Digital Library

[35]

Regev, O.: On Lattices, Learning with Errors, Random Linear Codes, and Cryptography. In: STOC 2005, pp. 84-93. ACM (2005)

Digital Library

[36]

Stern, J.: A New Identification Scheme Based on Syndrome Decoding. In: Stinson, D. R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 13-21. Springer, Heidelberg (1994)

Digital Library

[37]

Véron, P.: Improved Identification Schemes Based on Error-Correcting Codes. Applicable Algebra in Engineering, Communication and Computing 8(1), 57-69 (1996)

Cited By

Farzaliyev VPärn CSaarse HWillemson J(2025)Lattice-Based Zero-Knowledge Proofs in Action: Applications to Electronic VotingJournal of Cryptology10.1007/s00145-024-09530-538:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s00145-024-09530-5
Nguyen KSafavi-Naini RSusilo WWang HXu YZeng N(2024)Group encryptionTheoretical Computer Science10.1016/j.tcs.2024.1146781007:COnline publication date: 29-Jul-2024
https://dl.acm.org/doi/10.1016/j.tcs.2024.114678
Gilchrist VMarco LPetit CTang G(2024)Solving the Tensor Isomorphism Problem for Special Orbits with Low Rank Points: Cryptanalysis and Repair of an Asiacrypt 2023 Commitment SchemeAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68376-3_5(141-173)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68376-3_5
Show More Cited By

Commitments and efficient zero-knowledge proofs from learning parity with noise
1. Security and privacy

Recommendations

Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs
CRYPTO 2008: Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Canetti et al. [7] recently proposed a new framework - termed Generalized Universal Composability (GUC) - for properly analyzing concurrent execution of cryptographic protocols in the presence of a global setup, and constructed the first known GUC-...
Efficient zero-knowledge proofs
AFRICACRYPT'11: Proceedings of the 4th international conference on Progress in cryptology in Africa

A zero-knowledge proof is a two-party protocol that enables a prover to convince a verifier of the truth of a statement without revealing anything else. Zero-knowledge proofs are widely used in cryptography to guarantee that parties are acting correctly ...
Efficient Fully Secure Computation via Distributed Zero-Knowledge Proofs
Advances in Cryptology – ASIACRYPT 2020
Abstract
Secure computation protocols enable mutually distrusting parties to compute a function of their private inputs while revealing nothing but the output. Protocols with full security (also known as guaranteed output delivery) in particular protect ...
$_{^{}}$ $\frac{}{}$

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

ASIACRYPT'12: Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security

December 2012

775 pages

ISBN:9783642349607

Editors:
Xiaoyun Wang
Tsinghua University, 30 Shuangqing Road, Beijing, China
,
Kazue Sako
Central Research Laboratories, NEC, 1754 Shimonumabe Nakahara, Kawasaki, Japan

Sponsors

NSF of China: National Natural Science Foundation of China
INTEL: Intel Corporation
Huawei Technologies Co. Ltd.: Huawei Technologies Co. Ltd.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 02 December 2012

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Farzaliyev VPärn CSaarse HWillemson J(2025)Lattice-Based Zero-Knowledge Proofs in Action: Applications to Electronic VotingJournal of Cryptology10.1007/s00145-024-09530-538:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s00145-024-09530-5
Nguyen KSafavi-Naini RSusilo WWang HXu YZeng N(2024)Group encryptionTheoretical Computer Science10.1016/j.tcs.2024.1146781007:COnline publication date: 29-Jul-2024
https://dl.acm.org/doi/10.1016/j.tcs.2024.114678
Gilchrist VMarco LPetit CTang G(2024)Solving the Tensor Isomorphism Problem for Special Orbits with Low Rank Points: Cryptanalysis and Repair of an Asiacrypt 2023 Commitment SchemeAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68376-3_5(141-173)Online publication date: 18-Aug-2024
https://dl.acm.org/doi/10.1007/978-3-031-68376-3_5
Liu HWang XYang KYu Y(2024)The Hardness of LPN over Any Integer Ring and Field for PCG ApplicationsAdvances in Cryptology – EUROCRYPT 202410.1007/978-3-031-58751-1_6(149-179)Online publication date: 26-May-2024
https://dl.acm.org/doi/10.1007/978-3-031-58751-1_6
Liu XWang L(2024)Short Code-Based One-out-of-Many Proofs and ApplicationsPublic-Key Cryptography – PKC 202410.1007/978-3-031-57722-2_12(370-399)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57722-2_12
Ling SNguyen KPhan DTang KWang HXu Y(2024)Fully Dynamic Attribute-Based Signatures for Circuits from CodesPublic-Key Cryptography – PKC 202410.1007/978-3-031-57718-5_2(37-73)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57718-5_2
Buser MDowsley REsgin MGritti CKasra Kermanshahi SKuchta VLegrow JLiu JPhan RSakzad ASteinfeld RYu J(2023)A Survey on Exotic Signatures for Post-quantum Blockchain: Challenges and Research DirectionsACM Computing Surveys10.1145/357277155:12(1-32)Online publication date: 2-Mar-2023
https://dl.acm.org/doi/10.1145/3572771
Maire JVergnaud D(2023)Commitments with Efficient Zero-Knowledge Arguments from Subset Sum ProblemsComputer Security – ESORICS 202310.1007/978-3-031-50594-2_10(189-208)Online publication date: 25-Sep-2023
https://dl.acm.org/doi/10.1007/978-3-031-50594-2_10
Dutta PDuong DSusilo WFukushima KKiyomoto S(2022)Zero-Knowledge Range Arguments for Signed Fractional Numbers from LatticesProvable and Practical Security10.1007/978-3-031-20917-8_9(121-136)Online publication date: 11-Nov-2022
https://dl.acm.org/doi/10.1007/978-3-031-20917-8_9
Ebrahimi Evan Wier J(2022)Post-quantum Plaintext-AwarenessPost-Quantum Cryptography10.1007/978-3-031-17234-2_13(260-285)Online publication date: 28-Sep-2022
https://dl.acm.org/doi/10.1007/978-3-031-17234-2_13
Show More Cited By

View Options

View options

Figures

Tables

Media

View Table of Conten