Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

@article{Goldreich1991ProofsTY,
  title={Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems},
  author={Oded Goldreich and Silvio Micali and Avi Wigderson},
  journal={J. ACM},
  year={1991},
  volume={38},
  pages={691-729}
}
In this paper the generality and wide applicability of Zero-knowledge proofs, a notion introduced by Goldwasser, Micali, and Rackoff is demonstrated. These are probabilistic and interactive proofs that, for the members of a language, efficiently demonstrate membership in the language without conveying any additional knowledge. All previously known zero-knowledge proofs were only for number-theoretic languages in NP fl CONP. Under the assumption that secure encryption functions exist or by using… 
View on ACM
softlab.ece.ntua.gr
1,413 Citations
Highly Influential Citations
88
Background Citations
518
Methods Citations
172
Results Citations
28

1,413 Citations

Citation Type

Citation Type

Necessary and Sufficient Assumptions for Non-iterative Zero-Knowledge Proofs of Knowledge for All NP Relations
TLDR
It is shown that assuming the hardness of factoring Blum integers is sufficient for such constructions of non-interactive zero-knowledge proofs of knowledge, namely, methods for writing a proof that on input x the prover knows y such that relation R(x, y) holds.
Deterministic-Prover Zero-Knowledge Proofs
TLDR
This paper proves the existence of deterministicprover auxiliary-input honest-verifier zero-knowledge for any NP language, under standard assumptions, and sheds light on the necessity of randomness in zero knowledge in settings where either the verifier is honest or there is no auxiliary input.
On the communication complexity of zero-knowledge proofs
TLDR
This paper studies the concrete complexity of the known general methods for constructing zero-knowledge proofs, and establishes that circuit-based methods, which can be applied in either the GMR or the BCC model, have the potential of producing proofs which could be used in practice.
Efficient Perfectly Sound One-message Zero-Knowledge Proofs via Oracle-aided Simulation
  • V. Iovino
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2019
TLDR
New efficient one-message proof systems for several practical applications are put forth, like proving that an El Gamal ciphertext decrypts to a given value and correctness of a shuffle and a perfectly sound non-interactive ZAP, WH and HZK proof system for NP relations from number-theoretic assumptions over multiplicative groups of hidden order.
Practical zero-knowledge protocols based on the discrete logarithm assumption
TLDR
This work constructs zero-knowledge arguments with sublinear communication complexity, and achievable computational demands, and constructs new protocols which compare very favorably to the current state of the art.
A uniform-complexity treatment of encryption and zero-knowledge
TLDR
It is shown that uniform variants of the two definitions of security, presented in the pioneering work of Goldwasser and Micali, are in fact equivalent, and how to construct such zero-knowledge proof systems for every language inNP, using only a uniform complexity assumption.
Zero Knowledge Proofs for Exact Cover and 0-1 Knapsack
  • Lizhi Du
  • Computer Science, Mathematics
  • 2012
TLDR
This paper designs ZKPs for those two NP problems: exact cover and 0-1 knapsack and designs a ZKP for Graph Three-colorability.
A study of perfect zero-knowledge proofs
TLDR
It is proved that all the known problems admitting perfect zero-knowledge (PZK) proofs can be characterized as non-interactive instance-dependent commitment schemes, and this result is used to generalize and strengthen previous results, as well as to prove new results about PZK problems.
Zero Knowledge Proofs Theory and Applications
TLDR
The theory underlying Zero Knowledge Proofs is surveyed, developing the idea of interactive proving protocols, which will then be formalized first in Interactive Proofs and then in more complex knowledge withholding schemes, such as Perfect and Computational Zero knowledge Proofs.
A Study of Statistical Zero-Knowledge Proofs
TLDR
This thesis is a detailed investigation of statistical zero-knowledge proofs, which are zero- knowledge proofs in which the condition that the verifier “learns nothing” is interpreted in a strong statistical sense.
...
...

References

SHOWING 1-10 OF 140 REFERENCES
Proofs that yield nothing but their validity and a methodology of cryptographic protocol design
TLDR
This paper demonstrates the generality and wide applicability of zero-knowledge proofs, a notion introduced by Goldwasser, Micali and Rackoff that efficiently demonstrate membership in the language without conveying any additional knowledge.
Perfect zero-knowledge languages can be recognized in two rounds
  • W. Aiello, J. Håstad
  • Computer Science, Mathematics
    28th Annual Symposium on Foundations of Computer Science (sfcs 1987)
  • 1987
TLDR
It is proved that if L admits a zeroknowledge proof then L can also be recognized by a two round interactive proof, and study complexity theoretic implications of a language having this property.
Perfect zero-knowledge in constant rounds
TLDR
This paper shows that any random self-reducible language has a 5 round perfect zero knowledge interactive proof, and shows that a language outside BPP requires more than 3 rounds from any perfect ZK proof.
Everything in NP can be Argued in Perfect Zero-Knowledge in a Bounded Number of Rounds
TLDR
This paper gives the first perfect zero-knowledge protocol that offers arbitrarily high security for any statement in NP with a constant number of rounds (under the assumption that it is infeasible to compute discrete logarithms modulo p even for someone who knows the factors of p−1, or more generally under the assumptions that one-way group homomorphisms exist).
Private coins versus public coins in interactive proof systems
TLDR
The probabilistic, nondeterministic, polynomial time Turing machine is defined and shown to be equivalent in power to the interactive proof system and to BPP much as BPP is the Probabilistic analog to P.
Everything Provable is Provable in Zero-Knowledge
TLDR
It is shown that every language that admits an interactive proof admits a (computational) zero-knowledge interactive proof.
On the cunning power of cheating verifiers: Some observations about zero knowledge proofs
  • Yair Oren
  • Computer Science, Mathematics
    28th Annual Symposium on Foundations of Computer Science (sfcs 1987)
  • 1987
TLDR
It is shown that randomness of both the verifier and the prover, and nontriviality of the interaction are essential properties of non-trivial auxiliary-input zero-knowledge proofs.
The complexity of perfect zero-knowledge
  • L. Fortnow
  • Computer Science, Mathematics
    Adv. Comput. Res.
  • 1989
TLDR
It is shown that knowledge complexity can be used to show that a language is easy to prove and that there are not any perfect zero-knowledge protocols for NP-complete languages unless the polynomial time hierarchy collapses.
Non-transitive transfer of confidence: A perfect zero-knowledge interactive protocol for SAT and beyond
  • G. Brassard, C. Crépeau
  • Computer Science, Mathematics
    27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
  • 1986
A perfect zero-knowledge interactive proof is a protocol by which Alice can convince Bob of the truth of some theorem in a way that yields no information as to how the proof might proceed (in the
Zero-Knowledge Simulation of Boolean Circuits
A zero-knowledge interactive proof is a protocol by which Alice can convince a polynomially-bounded Bob of the truth of some theorem without giving him any hint as to how the proof might proceed.
...
...