Helger Lipmaa's publications

On QA-NIZK in the BPK model

Behzad Abdolmaleki, Helger Lipmaa, Janno Siim and Michal Zajac. On QA-NIZK in the BPK model. In Aggelos Kiayias, Markulf Kohlweiss, Petros Wallden and Vassilis Zikas, editors, PKC 2020 (1), volume 12110 of Lecture Notes in Computer Science, pages 590--620, Edinburgh, UK, May 4--7, 2020. Springer, Cham.

File: [.pdf (700 KB)] pdf recommended.

Abstract:

While the CRS model is widely accepted for the construction of non-interactive zero-knowledge (NIZK) proofs, from the practical viewpoint, the crucial question is to minimize the trust needed from the creators of the CRS. Recently, Bellare mph{et al.} defined subversion-resistance (security in the case the CRS creator may be malicious) for NIZK. In particular, a Sub-ZK NIZK is zero-knowledge, even in the case of subverted CRS. We propose new definitions for Sub-ZK Quasi-Adaptive NIZKs (QA-NIZKs), where the CRS can depend on the language parameter. First, we observe that subversion zero-knowledge (Sub-ZK) in the CRS model corresponds to no-auxiliary-string non-black-box NIZK in the Bare Public Key (BPK) model. Due to well-known impossibility results, this observation provides a simple proof that the use of non-black-box techniques is needed to obtain Sub-ZK. Second, we give a precise definition of Sub-ZK QA-NIZKs that are sound if the language parameter (but not the CRS) is subverted and zero-knowledge even if both are subverted. Third, we prove that the most efficient known QA-NIZK for linear subspaces by Kiltz and Wee (after possibly adding some new elements to its public key) is no-auxiliary-string non-black-box zero-knowledge in the BPK model under a novel knowledge assumption that by itself is secure in (a weaker version of) the algebraic group model..

Keywords: Bare public key model, no-auxiliary-string zero knowledge, non-black-box zero knowledge, QA-NIZK, subversion-security.


Authors:

Page by Helger Lipmaa. Send your inqueries to <helger.lipmaa><at>gmail.com.