Cryptology ePrint Archive: Report 2019/808

2-Message Publicly Verifiable WI from (Subexponential) LWE

Alex Lombardi and Vinod Vaikuntanathan and Daniel Wichs

Abstract: We construct a 2-message publicly verifiable witness indistinguishable argument system for NP assuming that the Learning with Errors (LWE) problem is subexponentially hard. Moreover, the protocol is ``delayed input''; that is, the verifier message in this protocol does not depend on the instance. This means that a single verifier message can be reused many times.

We construct two variants of this argument system: one variant is adaptively sound, while the other is public-coin (but only non-adaptively sound).

We obtain our result via a generic transformation showing that the correlation intractable hash families constructed by Canetti et al. (STOC 2019) and Peikert and Shiehian (CRYPTO 2019) suffice to construct such 2-message WI arguments when combined with an appropriately chosen ``trapdoor Sigma-protocol.'' Our construction can be seen as an adaptation of the Dwork-Naor ``reverse randomization'' paradigm (FOCS '00) for constructing ZAPs to the setting of computational soundness rather than statistical soundness. Our adaptation of the Dwork-Naor transformation crucially relies on complexity leveraging to prove that soundness is preserved.

Category / Keywords:

Date: received 11 Jul 2019

Contact author: alexjl at mit edu

Available format(s): PDF | BibTeX Citation

Version: 20190714:155429 (All versions of this report)

Short URL: ia.cr/2019/808


[ Cryptology ePrint archive ]