Paper 2008/541
Resettably-Sound Resettable Zero Knowledge Arguments for NP
Yi Deng
Abstract
We construct resettably-sound resettable zero knowledge arguments for NP based on standard hardness assumption (the existence of claw-free permutations) in the plain model. This proves the simultaneous resettability conjecture posed by Barak et al. in [FOCS 2001]. \setlength{\parindent}{2em} Our construction, inspired by the paradigm for designing concurrent zero knowledge protocols, makes crucial use of a tool called instance-dependent resettably-sound resettable WI argument of knowledge (\textsf{IDWIAOK} (and a special-purpose variant), introduced recently by Deng and Lin in [Eurocrypt 2007]).Roughly speaking, for a NP statement of the form $x_0\vee x_1$,\textsf{IDWIAOK} is an argument for which resettable WI property holds when both $x_0$ and $x_1$ are YES instances, and resettably-sound argument of knowledge property holds when $x_0$ is a NO instance. The heart of the simulator for our protocol is a new technique that allows us to embed the (non-black-box) straight-line simulation strategy in the (black-box) recursive rewinding simulation strategy.
Note: We just add the analysis of the running time of our simulator in appendix F into the previous version. The content in previous version remains unchanged.
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- zero knowledgesimultaneous resettabilityinstance-dependent primitive
- Contact author(s)
- ydeng cas @ gmail com
- History
- 2009-02-19: last of 2 revisions
- 2008-12-28: received
- See all versions
- Short URL
- https://ia.cr/2008/541
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2008/541,
author = {Yi Deng},
title = {Resettably-Sound Resettable Zero Knowledge Arguments for NP},
howpublished = {Cryptology ePrint Archive, Paper 2008/541},
year = {2008},
note = {\url{https://eprint.iacr.org/2008/541}},
url = {https://eprint.iacr.org/2008/541}
}
