Abstract
We consider the complexity of perfect zero-knowledge arguments [4]. Let T denote the time needed to (deterministically) check a proof and let L denote an appropriate security parameter. We introduce new techniques for implementing very efficient zero-knowledge arguments. The resulting argument has the following features:
- The arguer can, if provided with the proof that can be deterministically checked in $O(T)$ time, run in time $O(T L^{O(1)})$. The best previous bound was $O(T^{1+\epsilon} L^{O(1)})$.
- The protocol can be simulated in time $O(L^{O(1)})$. The best previous bound was $O(T^{1+\epsilon} L^{O(1)})$.
- A communication complexity of $O(L \lg L)$, where L is the security parameter against the prover. The best previous known bound was $O(L \lg T)$.
This can be based on fairly general algebraic assumptions, such as the hardness of discrete logarithms.
Aside from the quantitative improvements, our results become qualitatively different when considering arguers that can run for some super-polynomial but bounded amount of time. In this scenario, we give the first zero-knowledge arguments and the first “constructive” arguments in which the complexity of arguing a proof is tightly bounded by the complexity of verifying the proof.
We obtain our results by a hybrid construction that combines the best features of different PCPs. This allows us to obtain better bounds than the previous technique, which only used a single PCP. In our proof of soundness we exploit the error correction capabilities as well as the soundness of the known PCPs.
References
S. Arora and S. Safra. Probabilistic Checking of Proofs, Proceedings of STOC 1992.
S. Arora and T. Leighton and B. Maggs. On-line algorithms for path selection in a nonblocking network. Proceedings of STOC 1990, pp. 149–158
S. Arora, C. Lund, R. Motwani, M. Sudan and M. Szegedy. Proof Verification and Hardness of Approximation Problems, Proceedings of STOC 1992.
G. Brassard, D. Chaum, and C. Crépeau. Minimum Disclosure Proofs of Knowledge, J. Comput. System Sci. 37 (1988), 156–189.
L. Babai, L. Fortnow, and C. Lund. Non-Deterministic Exponential Time has Two-Prover Interactive Proofs, Proceedings of FOCS 1990
L. Babai, L. Fortnow, L. Levin and M. Szegedy. Checking computation in polylogarithmic time. Proceedings of STOC 1991.
M. Bellare, S. Goldwasser, C. Lund, A. Russell, “Efficient probabilistic checkable proofs and applications to approximation,” Proc. 25th STOC, 1993, pp. 294–304.
M. Bellare, P. Rogaway. Random Oracles are Practical: A paradigm for Designing Efficient Protocols, Proc. First ACM Conference on Computer and Communications Security, ACM, November 1993.
I. Damgård, Non-interactive Circuit Based Proofs and Non-Interactive Perfect Zero-Knowledge with Preprocessing, Advances in Cryptology — EUROCRYPT 92, pp. 341–355.
C. Dwork, U. Feige, J. Kilian, M. Naor and S. Safra. Low communication 2-Prover Zero-Knowledge Proofs for NP. Advances in Cryptology — Crypto’ 92, pp. 215–227.
U. Feige, A. Fiat and A. Shamir. Zero knowledge proofs of identity, Proceedings of 19th Annual Symposium on the Theory of Computation, 1987, pp. 210–217.
U. Feige, S. Goldwasser, L. Lovasz, M. Safra and M. Szegedy. Approximating Clique is Almost NP-Complete, Proceedings of 32nd Annual Symposium on Foundations of Computer Science, 1991, pp. 2–12.
U. Feige, D. Lapidot and A. Shamir. Multiple Non-Interactive Zero-Knowledge Proofs Based on a Single Random String, Proceedings of the 22nd Annual Symposium on the Theory of Computation, 1990, pp. 308–317.
C. Bennett. personal communication via Gilles Brassard.
M. Ben-Or, S. Goldwasser, J. Kilian, and A. Wigderson. Multi-Prover Interactive Proofs: How to Remove Intractability, Proceedings of STOC 1988.
De Santis, A., S. Micali and G. Persiano, “Bounded-Interaction Zero-Knowledge proofs,” Advances in Cryptology — Crypto’ 88
U. Feige, S. Goldwasser, L. Lovász, S. Safra and M. Szegedy. Approximating clique is almost NP-Complete. Proceedings of FOCS 1991, pp. 2–12.
L. Fortnow, J. Rompel, and M. Sipser. On the Power of Multi-Prover Interactive Protocols, Proceedings of Structure 1988.
A. Fiat and A. Shamir. How to Prove Yourself: Practical Solution to Identification and Signature Problems. Advances in Cryptology — Crypto’ 86, pp. 186–189.
S. Goldwasser, S. Micali, and C. Rackoff. The Knowledge Complexity of Interactive Proof Systems, SIAM J. Comput. 18 (1989), 186–208.
J. Kilian. A note on efficient zero-knowledge proofs and arguments, Proceedings of STOC 1992.
J. Kilian. On the complexity of bounded interaction and noninteractive proofs. Proceedings of FOCS 1994.
C. Lund, L. Fortnow, H. Karloff, and N. Nisan. The polynomial-time hierarchy has interactive proofs, Proceedings of STOC 1990, pp. 2–10.
R. Merkle. A Certified Digital Signature. Proceedings of Crypto’ 89, pp. 218–238.
S. Micali. Computationally Sound Proofs, Proceedings of FOCS 1994.
M. Naor, R. Ostrovsky, R. Venkatesan and M. Yung. Perfect Zero-Knowledge Arguments for NP can be Based on General Complexity Assumptions. Advances in Cryptology — Crypto’ 92, pp. 196–214.
A. Polishchuk and D. Spielman. Nearly-linear Size Holographic Proofs. Proceedings of STOC 1994.
S. Rudich, Personal communication via Gilles Brassard.
A. Shamir. IP = PSPACE, Proceedings of FOCS 1990, IEEE.
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
Cite this paper
Kilian, J. (1995). Improved Efficient Arguments. In: Coppersmith, D. (eds) Advances in Cryptology — CRYPTO’ 95. CRYPTO 1995. Lecture Notes in Computer Science, vol 963. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44750-4_25
DOI: https://doi.org/10.1007/3-540-44750-4_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-60221-7
Online ISBN: 978-3-540-44750-4
eBook Packages: Springer Book Archive