**Witness Maps and Applications**

*Suvradip Chakraborty and Manoj Prabhakaran and Daniel Wichs*

**Abstract: **We introduce the notion of Witness Maps as a cryptographic notion of
a proof system. A Unique Witness Map (UWM) deterministically maps all
witnesses for an $\mathbf{NP}$ statement to a single representative witness, resulting
in a computationally sound, deterministic-prover, non-interactive witness
independent proof system. A relaxation of UWM, called Compact Witness Map
(CWM), maps all the witnesses to a small number of witnesses, resulting in a
``lossy'' deterministic-prover, non-interactive proof-system. We also define
a Dual Mode Witness Map (DMWM) which adds an ``extractable'' mode to
a CWM.

\medskip

Our main construction is a DMWM for all $\mathbf{NP}$ relations, assuming sub-exponentially secure indistinguishability obfuscation ($i\mathcal{O}$), along with standard cryptographic assumptions. The DMWM construction relies on a CWM and a new primitive called Cumulative All-Lossy-But-One Trapdoor Functions (C-ALBO-TDF), both of which are in turn instantiated based on $i\mathcal{O}$ and other primitives. Our instantiation of a CWM is in fact a UWM; in turn, we show that a UWM implies Witness Encryption. Along the way to constructing UWM and C-ALBO-TDF, we also construct, from standard assumptions, Puncturable Digital Signatures and a new primitive called Cumulative Lossy Trapdoor Functions (C-LTDF). The former improves up on a construction of Bellare et al. (Eurocrypt 2016), who relied on sub-exponentially secure $i\mathcal{O}$ and sub-exponentially secure OWF.

\medskip

As an application of our constructions, we show how to use a DMWM to construct the first leakage and tamper-resilient signatures with a deterministic signer, thereby solving a decade old open problem posed by Katz and Vaikunthanathan (Asiacrypt 2009), by Boyle, Segev and Wichs (Eurocrypt 2011), as well as by Faonio and Venturi (Asiacrypt 2016). Our construction achieves the optimal leakage rate of $1 - o(1)$.

**Category / Keywords: **Witness Maps, Zero Knowledge, Lossy Trapdoor Functions, Leakage, Tampering, Signatures.

**Original Publication**** (with major differences): **IACR-PKC-2020

**Date: **received 29 Jan 2020, last revised 5 Feb 2020

**Contact author: **suvradip1111 at gmail,danwichs@gmail com,manojmp@gmail com

**Available format(s): **PDF | BibTeX Citation

**Version: **20200205:130030 (All versions of this report)

**Short URL: **ia.cr/2020/090

[ Cryptology ePrint archive ]