Non-Malleable Zero-Knowledge Arguments with Lower Round Complexity

Abstract

Abstract Round complexity is one of the fundamental problems in zero-knowledge (ZK) proof systems. Non-malleable zero-knowledge (NMZK) protocols are ZK protocols that provide security even when man-in-the-middle adversaries interact with a prover and a verifier simultaneously. It is known that the first constant-round public-coin NMZK arguments for NP can be constructed by assuming the existence of collision-resistant hash functions (Pass, R. and Rosen, A. (2005) New and Improved Constructions of Non-Malleable Cryptographic Protocols. In Gabow, H.N. and Fagin, R. (eds) Proc. 37th Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, May 2224, 2005, pp. 533542. ACM) and has relatively high round complexity; the first four-round private-coin NMZK arguments for NP can be constructed in the plain model by assuming the existence of one-way functions (Goyal, V., Richelson, S., Rosen, A. and Vald, M. (2014) An Algebraic Approach to Non-Malleability. In 55th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2014, Philadelphia, PA, USA, October 1821, 2014, pp. 4150. IEEE Computer Society and Ciampi, M., Ostrovsky, R., Siniscalchi, L. and Visconti, I. (2017) Delayed-Input Non-Malleable Zero Knowledge and Multi-Party Coin Tossing in Four Rounds. In Kalai, Y. and Reyzin, L. (eds) Theory of Cryptography15th Int. Conf., TCC 2017. Lecture Notes in Computer Science, Baltimore, MD, USA, November 1215, 2017, Part I, Vol. 10677, pp. 711742. Springer). In this paper, we present a six-round public-coin NMZK argument of knowledge system assuming the existence of collision-resistant hash functions and a three-round private-coin NMZK argument system from multi-collision resistance of hash functions assumption in the keyless setting.