Improved non-interactive zero knowledge with applications to post-quantum signatures

Jonathan Katz; Vladimir Kolesnikov; Xiao Wang

doi:10.1145/3243734.3243805

Improved non-interactive zero knowledge with applications to post-quantum signatures

Jonathan Katz, Vladimir Kolesnikov, Xiao Wang

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

92 Scopus citations

Abstract

Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the “MPC-in-the-head” paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300-100,000 AND gates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with “post-quantum” security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

Original language	English (US)
Title of host publication	CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	525-537
Number of pages	13
ISBN (Electronic)	9781450356930
DOIs	https://doi.org/10.1145/3243734.3243805
State	Published - Oct 15 2018
Event	25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada Duration: Oct 15 2018 → …

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	25th ACM Conference on Computer and Communications Security, CCS 2018
Country/Territory	Canada
City	Toronto
Period	10/15/18 → …

Keywords

Zero-knowledge proof; Post-quantum signature

ASJC Scopus subject areas

Software
Computer Networks and Communications

Access to Document

10.1145/3243734.3243805

Cite this

Katz, J., Kolesnikov, V., & Wang, X. (2018). Improved non-interactive zero knowledge with applications to post-quantum signatures. In CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 525-537). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3243734.3243805

Katz, Jonathan ; Kolesnikov, Vladimir ; Wang, Xiao. / Improved non-interactive zero knowledge with applications to post-quantum signatures. CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2018. pp. 525-537 (Proceedings of the ACM Conference on Computer and Communications Security).

@inproceedings{d04fb951cb5e4aed904230538e1e3bfb,

title = "Improved non-interactive zero knowledge with applications to post-quantum signatures",

abstract = "Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the “MPC-in-the-head” paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300-100,000 AND gates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with “post-quantum” security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.",

keywords = "Zero-knowledge proof; Post-quantum signature",

author = "Jonathan Katz and Vladimir Kolesnikov and Xiao Wang",

note = "Funding Information: This material is based on work supported by NSF awards #1111599 and #1563722. Work of the second and third authors was done in part while at Bell Labs, and was supported in part by the Office of Naval Research (ONR) under contract number N00014-14-C0113. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes not withstanding any copyright notation thereon. The views, opinions, and/or findings expressed are those of the authors and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government. Publisher Copyright: {\textcopyright} 2018 Copyright held by the owner/author(s).; 25th ACM Conference on Computer and Communications Security, CCS 2018 ; Conference date: 15-10-2018",

year = "2018",

month = oct,

day = "15",

doi = "10.1145/3243734.3243805",

language = "English (US)",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "525--537",

booktitle = "CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security",

}

Katz, J, Kolesnikov, V & Wang, X 2018, Improved non-interactive zero knowledge with applications to post-quantum signatures. in CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 525-537, 25th ACM Conference on Computer and Communications Security, CCS 2018, Toronto, Canada, 10/15/18. https://doi.org/10.1145/3243734.3243805

Improved non-interactive zero knowledge with applications to post-quantum signatures. / Katz, Jonathan; Kolesnikov, Vladimir; Wang, Xiao.

CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2018. p. 525-537 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Improved non-interactive zero knowledge with applications to post-quantum signatures

AU - Katz, Jonathan

AU - Kolesnikov, Vladimir

AU - Wang, Xiao

N1 - Funding Information: This material is based on work supported by NSF awards #1111599 and #1563722. Work of the second and third authors was done in part while at Bell Labs, and was supported in part by the Office of Naval Research (ONR) under contract number N00014-14-C0113. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes not withstanding any copyright notation thereon. The views, opinions, and/or findings expressed are those of the authors and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government. Publisher Copyright: © 2018 Copyright held by the owner/author(s).

PY - 2018/10/15

Y1 - 2018/10/15

N2 - Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the “MPC-in-the-head” paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300-100,000 AND gates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with “post-quantum” security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

AB - Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the “MPC-in-the-head” paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300-100,000 AND gates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with “post-quantum” security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

KW - Zero-knowledge proof; Post-quantum signature

UR - http://www.scopus.com/inward/record.url?scp=85056886844&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85056886844&partnerID=8YFLogxK

U2 - 10.1145/3243734.3243805

DO - 10.1145/3243734.3243805

M3 - Conference contribution

AN - SCOPUS:85056886844

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 525

EP - 537

BT - CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

T2 - 25th ACM Conference on Computer and Communications Security, CCS 2018

Y2 - 15 October 2018

ER -

Katz J, Kolesnikov V, Wang X. Improved non-interactive zero knowledge with applications to post-quantum signatures. In CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2018. p. 525-537. (Proceedings of the ACM Conference on Computer and Communications Security). doi: 10.1145/3243734.3243805

Improved non-interactive zero knowledge with applications to post-quantum signatures

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this