TY - GEN
T1 - Private coins versus public coins in zero-knowledge proof systems
AU - Pass, Rafael
AU - Venkitasubramaniam, Muthuramakrishnan
PY - 2010
Y1 - 2010
N2 - Goldreich-Krawczyk (Siam J of Comp'96) showed that only languages in BPP have constant-round public-coin black-box zero-know-ledge protocols. We extend their lower bound to "fully black-box" private-coin protocols based on one-way functions. More precisely, we show that only languages in BPP Sam -where Sam is a "collision-finding" oracle in analogy with Simon (Eurocrypt'98) and Haitner et. al (FOCS'07)-can have constant-round fully black-box zero-knowledge proofs; the same holds for constant-round fully black-box zero-knowledge arguments with sublinear verifier communication complexity. We also establish near-linear lower bounds on the round complexity of fully black-box concurrent zero-knowledge proofs (or arguments with sublinear verifier communication) for languages outside BPPSam. The technique used to establish these results is a transformation from private-coin protocols into Sam-relativized public-coin protocols; for the case of fully black-box protocols based on one-way functions, this transformation preserves zero knowledge, round complexity and communication complexity.
AB - Goldreich-Krawczyk (Siam J of Comp'96) showed that only languages in BPP have constant-round public-coin black-box zero-know-ledge protocols. We extend their lower bound to "fully black-box" private-coin protocols based on one-way functions. More precisely, we show that only languages in BPP Sam -where Sam is a "collision-finding" oracle in analogy with Simon (Eurocrypt'98) and Haitner et. al (FOCS'07)-can have constant-round fully black-box zero-knowledge proofs; the same holds for constant-round fully black-box zero-knowledge arguments with sublinear verifier communication complexity. We also establish near-linear lower bounds on the round complexity of fully black-box concurrent zero-knowledge proofs (or arguments with sublinear verifier communication) for languages outside BPPSam. The technique used to establish these results is a transformation from private-coin protocols into Sam-relativized public-coin protocols; for the case of fully black-box protocols based on one-way functions, this transformation preserves zero knowledge, round complexity and communication complexity.
UR - http://www.scopus.com/inward/record.url?scp=77949644021&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-11799-2_35
DO - 10.1007/978-3-642-11799-2_35
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:77949644021
SN - 3642117988
SN - 9783642117985
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 588
EP - 605
BT - Theory of Cryptography - 7th Theory of Cryptography Conference, TCC 2010, Proceedings
T2 - 7th Theory of Cryptography Conference, TCC 2010
Y2 - 9 February 2010 through 11 February 2010
ER -