Cryptology ePrint Archive: Report 2020/1204

Single-to-Multi-Theorem Transformations for Non-Interactive Statistical Zero-Knowledge

Marc Fischlin and Felix Rohrbach

Abstract: Non-interactive zero-knowledge proofs or arguments allow a prover to show validity of a statement without further interaction. For non-trivial statements such protocols require a setup assumption in form of a common random or reference string (CRS). Generally, the CRS can only be used for one statement (single-theorem zero-knowledge) such that a fresh CRS would need to be generated for each proof. Fortunately, Feige, Lapidot and Shamir (FOCS 1990) presented a transformation for any non-interactive zero-knowledge proof system that allows the CRS to be reused any polynomial number of times (multi-theorem zero-knowledge). This FLS transformation, however, is only known to work for either computational zero-knowledge or requires a structured, non-uniform common reference string.

In this paper we present FLS-like transformations that work for non-interactive statistical zero-knowledge arguments in the common random string model. They allow to go from single-theorem to multi-theorem zero-knowledge and also preserve soundness, for both properties in the adaptive and non-adaptive case. Our first transformation is based on the general assumption that one-way permutations exist, while our second transformation uses lattice-based assumptions. Additionally, we define different possible soundness notions for non-interactive arguments and discuss their relationships.

Category / Keywords: cryptographic protocols / Non-interactive arguments, statistical zero-knowledge, soundness, transformation, one-way permutation, lattices, dual-mode commitments

Date: received 1 Oct 2020

Contact author: marc fischlin at cryptoplexity de, felix rohrbach@cryptoplexity de

Available format(s): PDF | BibTeX Citation

Version: 20201006:093705 (All versions of this report)

Short URL: ia.cr/2020/1204