On zero-knowledge proofs: "From membership to decision" (extended abstract)

Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

"Zero-knowledge proofs of membership" are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, "zero-knowledge proofs of decision power", consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, "result- indistinguishable zero-knowledge proofs of decision", consists of methods for transfering whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call "meet-the challenge" game as a perfect (statistical) zk proof of membership, has also such a perfect (statistical) zk proof in the two "decision proof" models. This can be extended to prove, among other things, that honest-verifier statistical zk proof of membership for a language implies a honest-verifier statistical zk protocol in the two "decision" models. Technically, we introduce new protocol techniques, such as "language-based coin flipping protocols" that may have other applications.

Original languageEnglish
Title of host publicationProceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000
Pages255-264
Number of pages10
DOIs
Publication statusPublished - Dec 1 2000
Event32nd Annual ACM Symposium on Theory of Computing, STOC 2000 - Portland, OR, United States
Duration: May 21 2000May 23 2000

Publication series

NameProceedings of the Annual ACM Symposium on Theory of Computing
ISSN (Print)0737-8017

Other

Other32nd Annual ACM Symposium on Theory of Computing, STOC 2000
CountryUnited States
CityPortland, OR
Period5/21/005/23/00

All Science Journal Classification (ASJC) codes

  • Software

Cite this

Di Crescenzo, G., Sakurai, K., & Yung, M. (2000). On zero-knowledge proofs: "From membership to decision" (extended abstract). In Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000 (pp. 255-264). (Proceedings of the Annual ACM Symposium on Theory of Computing). https://doi.org/10.1145/335305.335336

On zero-knowledge proofs : "From membership to decision" (extended abstract). / Di Crescenzo, Giovanni; Sakurai, Kouichi; Yung, Moti.

Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000. 2000. p. 255-264 (Proceedings of the Annual ACM Symposium on Theory of Computing).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Di Crescenzo, G, Sakurai, K & Yung, M 2000, On zero-knowledge proofs: "From membership to decision" (extended abstract). in Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000. Proceedings of the Annual ACM Symposium on Theory of Computing, pp. 255-264, 32nd Annual ACM Symposium on Theory of Computing, STOC 2000, Portland, OR, United States, 5/21/00. https://doi.org/10.1145/335305.335336
Di Crescenzo G, Sakurai K, Yung M. On zero-knowledge proofs: "From membership to decision" (extended abstract). In Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000. 2000. p. 255-264. (Proceedings of the Annual ACM Symposium on Theory of Computing). https://doi.org/10.1145/335305.335336
Di Crescenzo, Giovanni ; Sakurai, Kouichi ; Yung, Moti. / On zero-knowledge proofs : "From membership to decision" (extended abstract). Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000. 2000. pp. 255-264 (Proceedings of the Annual ACM Symposium on Theory of Computing).
@inproceedings{3d7a70d56d804f4fb9146b91e1cad9fa,
title = "On zero-knowledge proofs: {"}From membership to decision{"} (extended abstract)",
abstract = "{"}Zero-knowledge proofs of membership{"} are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, {"}zero-knowledge proofs of decision power{"}, consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, {"}result- indistinguishable zero-knowledge proofs of decision{"}, consists of methods for transfering whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call {"}meet-the challenge{"} game as a perfect (statistical) zk proof of membership, has also such a perfect (statistical) zk proof in the two {"}decision proof{"} models. This can be extended to prove, among other things, that honest-verifier statistical zk proof of membership for a language implies a honest-verifier statistical zk protocol in the two {"}decision{"} models. Technically, we introduce new protocol techniques, such as {"}language-based coin flipping protocols{"} that may have other applications.",
author = "{Di Crescenzo}, Giovanni and Kouichi Sakurai and Moti Yung",
year = "2000",
month = "12",
day = "1",
doi = "10.1145/335305.335336",
language = "English",
isbn = "1581131844",
series = "Proceedings of the Annual ACM Symposium on Theory of Computing",
pages = "255--264",
booktitle = "Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000",

}

TY - GEN

T1 - On zero-knowledge proofs

T2 - "From membership to decision" (extended abstract)

AU - Di Crescenzo, Giovanni

AU - Sakurai, Kouichi

AU - Yung, Moti

PY - 2000/12/1

Y1 - 2000/12/1

N2 - "Zero-knowledge proofs of membership" are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, "zero-knowledge proofs of decision power", consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, "result- indistinguishable zero-knowledge proofs of decision", consists of methods for transfering whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call "meet-the challenge" game as a perfect (statistical) zk proof of membership, has also such a perfect (statistical) zk proof in the two "decision proof" models. This can be extended to prove, among other things, that honest-verifier statistical zk proof of membership for a language implies a honest-verifier statistical zk protocol in the two "decision" models. Technically, we introduce new protocol techniques, such as "language-based coin flipping protocols" that may have other applications.

AB - "Zero-knowledge proofs of membership" are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, "zero-knowledge proofs of decision power", consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, "result- indistinguishable zero-knowledge proofs of decision", consists of methods for transfering whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call "meet-the challenge" game as a perfect (statistical) zk proof of membership, has also such a perfect (statistical) zk proof in the two "decision proof" models. This can be extended to prove, among other things, that honest-verifier statistical zk proof of membership for a language implies a honest-verifier statistical zk protocol in the two "decision" models. Technically, we introduce new protocol techniques, such as "language-based coin flipping protocols" that may have other applications.

UR - http://www.scopus.com/inward/record.url?scp=0033701729&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0033701729&partnerID=8YFLogxK

U2 - 10.1145/335305.335336

DO - 10.1145/335305.335336

M3 - Conference contribution

AN - SCOPUS:0033701729

SN - 1581131844

SN - 9781581131840

T3 - Proceedings of the Annual ACM Symposium on Theory of Computing

SP - 255

EP - 264

BT - Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, STOC 2000

ER -