Honest-verifier statistical zero-knowledge equals general statistical zero-knowledge

@inproceedings{Goldreich1998HonestverifierSZ,
  title={Honest-verifier statistical zero-knowledge equals general statistical zero-knowledge},
  author={Oded Goldreich and Amit Sahai and Salil P. Vadhan},
  booktitle={STOC '98},
  year={1998}
}
We show how to transform any interactive proof system which is statistical zero-knowledge with respect to the honest-verifier, into a proof system which is statistical zero-knowledgewith respect to any verifier. This is done by limiting the behavior of potentially cheating verifiers, without using computational assumptions or even referring to the complexity of such verifier strategies. (Previous transformations have either relied on computational assumptions or were applicable only to constant… 
Public-Coin Statistical Zero-Knowledge Batch Verification against Malicious Verifiers
TLDR
This work constructs a public-coin maliciousverifier SZK protocol for batch verification of NISZK, and the communication complexity of this protocol is ( k + poly(m) ) · polylog(k,m).
Making Classical Honest Verifier Zero Knowledge Protocols Secure against Quantum Attacks
We show that any problem that has a classical zero-knowledge protocol against the honest verifier also has, under a reasonable condition, a classical zero-knowledge protocol which is secure against
On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs
TLDR
Some classical HVSZK proof systems, like the one for the complete Statistical-Distance problem (Sahai and Vadhan, JACM 2003) admit randomness sparsification with no penalty, and new notions of pseudorandomness against interactive proof systems are introduced.
A complete problem for statistical zero knowledge
TLDR
The first complete problem for SZK, the class of promise problems possessing statistical zero-knowledge proofs (against an honest verifier) is presented, to decide whether two efficiently samplable distributions are either statistically close or far apart.
Batch Verification for Statistical Zero Knowledge Proofs
TLDR
It is shown that, for every problem Π, there exists an honest-verifier SZK protocol for batch verification of k instances, with communication complexity poly(n)+k ·poly(log n, log k), where poly refers to a fixed polynomial that depends only on Π (and not on k).
A study of perfect zero-knowledge proofs
TLDR
It is proved that all the known problems admitting perfect zero-knowledge (PZK) proofs can be characterized as non-interactive instance-dependent commitment schemes, and this result is used to generalize and strengthen previous results, as well as to prove new results about PZK problems.
A Study of Statistical Zero-Knowledge Proofs
TLDR
This thesis is a detailed investigation of statistical zero-knowledge proofs, which are zero- knowledge proofs in which the condition that the verifier “learns nothing” is interpreted in a strong statistical sense.
Non-Interactive Quantum Statistical and Perfect Zero-Knowledge
TLDR
The results may be the first non-trivial quantum zero- knowledge proofs secure even against dishonest quantum verifiers, since the protocols are non-interactive, and thus the zero-knowledge property does not depend on whether the verifier in the protocol is honest or not.
Zero-knowledge against quantum attacks
  • J. Watrous
  • Mathematics, Computer Science
    STOC '06
  • 2006
TLDR
This paper proves that several interactive proof systems are zero-knowledge against general quantum attacks and establishes for the first time that true zero- knowledge is indeed possible in the presence of quantum information and computation.
Certified Everlasting Zero-Knowledge Proof for QMA
TLDR
This work introduces a novel compromise, which is a computational zero-knowledge proof for QMA, but the verifier issues a classical certificate that shows that the verifiers has deleted its quantum information.
...
...

References

SHOWING 1-10 OF 43 REFERENCES
Honest Verifier vs Dishonest Verifier in Public Coin Zero-Knowledge Proofs
TLDR
Two transformations of public-coin/Arthur-Merlin proof systems which are zero-knowledge with respect to the honest verifier are presented, using ordinary hashing functions instead of the interactive hashing protocol which was used by Damgard.
Interactive Hashing can Simplify Zero-Knowledge Protocol Design Without Computational Assumptions (Extended Abstract)
We show that any 3-round protocol (in general, any bounded round protocol) in which the verifier sends only random bits, and which is zero-knowledge against an honest verifier can be transformed into
The (true) complexity of statistical zero knowledge
TLDR
It is shown that given a complexity assumption a much weaker condition suffices to attain statistical zeroknowledge and is able to simplify statistical zero-knowledge and to better characterize, on many counts, the class of languages that possess statisticalzero-knowledge proofs.
On relationships between statistical zero-knowledge proofs
  • T. Okamoto
  • Computer Science, Mathematics
    STOC '96
  • 1996
TLDR
This paper solves several fundamental open problems about statistical zero-knowledge interactive proofs (SZKIPs) and proves that the complement of L has a statisticalzero-knowledge constant (one) round interactive proof against an honest verifier.
Keeping the SZK-Verifier Honest Unconditionally
TLDR
This paper shows that using direct properties of a zero-knowledge protocol itself, one may impose a honest behavior on the verifier (without additional cryptographic tools) when using a non-uniform simulation model of SZK.
Interactive Hashing Simplifies Zero-Knowledge Protocol Design
TLDR
This paper shows how a compiler which transforms protocols proven secure only with respect to the honest verifier into protocols which are secure against any (even cheating) verifier can be constructed based on any one-way permutation using the recent method of interactive hashing.
Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems
In this paper the generality and wide applicability of Zero-knowledge proofs, a notion introduced by Goldwasser, Micali, and Rackoff is demonstrated. These are probabilistic and interactive proofs
Private coins versus public coins in interactive proof systems
TLDR
The probabilistic, nondeterministic, polynomial time Turing machine is defined and shown to be equivalent in power to the interactive proof system and to BPP much as BPP is the Probabilistic analog to P.
The complexity of perfect zero-knowledge
  • L. Fortnow
  • Computer Science, Mathematics
    Adv. Comput. Res.
  • 1989
TLDR
It is shown that knowledge complexity can be used to show that a language is easy to prove and that there are not any perfect zero-knowledge protocols for NP-complete languages unless the polynomial time hierarchy collapses.
Perfect zero-knowledge languages can be recognized in two rounds
  • W. Aiello, J. Håstad
  • Computer Science, Mathematics
    28th Annual Symposium on Foundations of Computer Science (sfcs 1987)
  • 1987
TLDR
It is proved that if L admits a zeroknowledge proof then L can also be recognized by a two round interactive proof, and study complexity theoretic implications of a language having this property.
...
...