Paper 2019/1464

New Techniques for Zero-Knowledge: Leveraging Inefficient Provers to Reduce Assumptions and Interaction

Marshall Ball, Dana Dachman-Soled, and Mukul Kulkarni

Abstract

We present a transformation from NIZK with inefficient provers in the uniform random string (URS) model to ZAPs (two message witness indistinguishable proofs) with inefficient provers. While such a transformation was known for the case where the prover is efficient, the security proof breaks down if the prover is inefficient. Our transformation is obtained via new applications of Nisan-Wigderson designs, a combinatorial object originally introduced in the derandomization literature. We observe that our transformation is applicable both in the setting of super-polynomial provers/poly-time adversaries, as well as a new fine-grained setting, where the prover is polynomial time and the verifier/simulator/zero knowledge distinguisher are in a lower complexity class, such as $$. We also present $$-fine-grained NIZK in the URS model for all of $$ from the worst-case assumption $$. Our techniques yield the following applications: 1. ZAPs for $$ from Minicrypt assumptions (with super-polynomial time provers), 2. $$-fine-grained ZAPs for $$ from worst-case assumptions, 3. Protocols achieving an "offline'' notion of NIZK (oNIZK) in the standard (no-CRS) model with uniform soundness in both the super-polynomial setting (from Minicrypt assumptions) and the $$-fine-grained setting (from worst-case assumptions). The oNIZK notion is sufficient for use in indistinguishability-based proofs.