Interactive locking, zero-knowledge PCPs, and unconditional cryptography

Vipul Goyal; Yuval Ishai; Mohammad Mahmoody; Amit Sahai

doi:10.1007/978-3-642-14623-7_10

Interactive locking, zero-knowledge PCPs, and unconditional cryptography

Vipul Goyal, Yuval Ishai, Mohammad Mahmoody, Amit Sahai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

38 Scopus citations

Abstract

Motivated by the question of basing cryptographic protocols on stateless tamper-proof hardware tokens, we revisit the question of unconditional two-prover zero-knowledge proofs for NP. We show that such protocols exist in the interactive PCP model of Kalai and Raz (ICALP '08), where one of the provers is replaced by a PCP oracle. This strengthens the feasibility result of Ben-Or, Goldwasser, Kilian, and Wigderson (STOC '88) which requires two stateful provers. In contrast to previous zero-knowledge PCPs of Kilian, Petrank, and Tardos (STOC '97), in our protocol both the prover and the PCP oracle are efficient given an NP witness. Our main technical tool is a new primitive that we call interactive locking, an efficient realization of an unconditionally secure commitment scheme in the interactive PCP model. We implement interactive locking by adapting previous constructions of interactive hashing protocols to our setting, and also provide a direct construction which uses a minimal amount of interaction and improves over our interactive hashing based constructions. Finally, we apply the above results towards showing the feasibility of basing unconditional cryptography on stateless tamper-proof hardware tokens, and obtain the following results. (1) We show that if tokens can be used to encapsulate other tokens, then there exist unconditional and statistically secure (in fact, UC secure) protocols for general secure computation. (2) Even if token encapsulation is not possible, there are unconditional and statistically secure commitment protocols and zero-knowledge proofs for NP. (3) Finally, if token encapsulation is not possible, then no protocol can realize statistically secure oblivious transfer.

Original language	English
Title of host publication	Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings
Pages	173-190
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-642-14623-7_10
State	Published - 2010
Externally published	Yes
Event	30th Annual International Cryptology Conference, CRYPTO 2010 - Santa Barbara, CA, United States Duration: 15 Aug 2010 → 19 Aug 2010

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6223 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	30th Annual International Cryptology Conference, CRYPTO 2010
Country/Territory	United States
City	Santa Barbara, CA
Period	15/08/10 → 19/08/10

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-642-14623-7_10

Cite this

Goyal, V., Ishai, Y., Mahmoody, M., & Sahai, A. (2010). Interactive locking, zero-knowledge PCPs, and unconditional cryptography. In Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings (pp. 173-190). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6223 LNCS). https://doi.org/10.1007/978-3-642-14623-7_10

Goyal, Vipul ; Ishai, Yuval ; Mahmoody, Mohammad et al. / Interactive locking, zero-knowledge PCPs, and unconditional cryptography. Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. 2010. pp. 173-190 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{6e7b8fd184ce492c8a8eccb882f42392,

title = "Interactive locking, zero-knowledge PCPs, and unconditional cryptography",

abstract = "Motivated by the question of basing cryptographic protocols on stateless tamper-proof hardware tokens, we revisit the question of unconditional two-prover zero-knowledge proofs for NP. We show that such protocols exist in the interactive PCP model of Kalai and Raz (ICALP '08), where one of the provers is replaced by a PCP oracle. This strengthens the feasibility result of Ben-Or, Goldwasser, Kilian, and Wigderson (STOC '88) which requires two stateful provers. In contrast to previous zero-knowledge PCPs of Kilian, Petrank, and Tardos (STOC '97), in our protocol both the prover and the PCP oracle are efficient given an NP witness. Our main technical tool is a new primitive that we call interactive locking, an efficient realization of an unconditionally secure commitment scheme in the interactive PCP model. We implement interactive locking by adapting previous constructions of interactive hashing protocols to our setting, and also provide a direct construction which uses a minimal amount of interaction and improves over our interactive hashing based constructions. Finally, we apply the above results towards showing the feasibility of basing unconditional cryptography on stateless tamper-proof hardware tokens, and obtain the following results. (1) We show that if tokens can be used to encapsulate other tokens, then there exist unconditional and statistically secure (in fact, UC secure) protocols for general secure computation. (2) Even if token encapsulation is not possible, there are unconditional and statistically secure commitment protocols and zero-knowledge proofs for NP. (3) Finally, if token encapsulation is not possible, then no protocol can realize statistically secure oblivious transfer.",

author = "Vipul Goyal and Yuval Ishai and Mohammad Mahmoody and Amit Sahai",

year = "2010",

doi = "10.1007/978-3-642-14623-7_10",

language = "אנגלית",

isbn = "3642146228",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "173--190",

booktitle = "Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings",

note = "30th Annual International Cryptology Conference, CRYPTO 2010 ; Conference date: 15-08-2010 Through 19-08-2010",

}

Goyal, V, Ishai, Y, Mahmoody, M & Sahai, A 2010, Interactive locking, zero-knowledge PCPs, and unconditional cryptography. in Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6223 LNCS, pp. 173-190, 30th Annual International Cryptology Conference, CRYPTO 2010, Santa Barbara, CA, United States, 15/08/10. https://doi.org/10.1007/978-3-642-14623-7_10

Interactive locking, zero-knowledge PCPs, and unconditional cryptography. / Goyal, Vipul; Ishai, Yuval; Mahmoody, Mohammad et al.
Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. 2010. p. 173-190 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6223 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Interactive locking, zero-knowledge PCPs, and unconditional cryptography

AU - Goyal, Vipul

AU - Ishai, Yuval

AU - Mahmoody, Mohammad

AU - Sahai, Amit

PY - 2010

Y1 - 2010

N2 - Motivated by the question of basing cryptographic protocols on stateless tamper-proof hardware tokens, we revisit the question of unconditional two-prover zero-knowledge proofs for NP. We show that such protocols exist in the interactive PCP model of Kalai and Raz (ICALP '08), where one of the provers is replaced by a PCP oracle. This strengthens the feasibility result of Ben-Or, Goldwasser, Kilian, and Wigderson (STOC '88) which requires two stateful provers. In contrast to previous zero-knowledge PCPs of Kilian, Petrank, and Tardos (STOC '97), in our protocol both the prover and the PCP oracle are efficient given an NP witness. Our main technical tool is a new primitive that we call interactive locking, an efficient realization of an unconditionally secure commitment scheme in the interactive PCP model. We implement interactive locking by adapting previous constructions of interactive hashing protocols to our setting, and also provide a direct construction which uses a minimal amount of interaction and improves over our interactive hashing based constructions. Finally, we apply the above results towards showing the feasibility of basing unconditional cryptography on stateless tamper-proof hardware tokens, and obtain the following results. (1) We show that if tokens can be used to encapsulate other tokens, then there exist unconditional and statistically secure (in fact, UC secure) protocols for general secure computation. (2) Even if token encapsulation is not possible, there are unconditional and statistically secure commitment protocols and zero-knowledge proofs for NP. (3) Finally, if token encapsulation is not possible, then no protocol can realize statistically secure oblivious transfer.

AB - Motivated by the question of basing cryptographic protocols on stateless tamper-proof hardware tokens, we revisit the question of unconditional two-prover zero-knowledge proofs for NP. We show that such protocols exist in the interactive PCP model of Kalai and Raz (ICALP '08), where one of the provers is replaced by a PCP oracle. This strengthens the feasibility result of Ben-Or, Goldwasser, Kilian, and Wigderson (STOC '88) which requires two stateful provers. In contrast to previous zero-knowledge PCPs of Kilian, Petrank, and Tardos (STOC '97), in our protocol both the prover and the PCP oracle are efficient given an NP witness. Our main technical tool is a new primitive that we call interactive locking, an efficient realization of an unconditionally secure commitment scheme in the interactive PCP model. We implement interactive locking by adapting previous constructions of interactive hashing protocols to our setting, and also provide a direct construction which uses a minimal amount of interaction and improves over our interactive hashing based constructions. Finally, we apply the above results towards showing the feasibility of basing unconditional cryptography on stateless tamper-proof hardware tokens, and obtain the following results. (1) We show that if tokens can be used to encapsulate other tokens, then there exist unconditional and statistically secure (in fact, UC secure) protocols for general secure computation. (2) Even if token encapsulation is not possible, there are unconditional and statistically secure commitment protocols and zero-knowledge proofs for NP. (3) Finally, if token encapsulation is not possible, then no protocol can realize statistically secure oblivious transfer.

UR - http://www.scopus.com/inward/record.url?scp=77957013832&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-14623-7_10

DO - 10.1007/978-3-642-14623-7_10

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:77957013832

SN - 3642146228

SN - 9783642146220

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 173

EP - 190

BT - Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings

T2 - 30th Annual International Cryptology Conference, CRYPTO 2010

Y2 - 15 August 2010 through 19 August 2010

ER -

Goyal V, Ishai Y, Mahmoody M, Sahai A. Interactive locking, zero-knowledge PCPs, and unconditional cryptography. In Advances in Cryptology - CRYPTO 2010 - 30th Annual Cryptology Conference, Proceedings. 2010. p. 173-190. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-14623-7_10

Interactive locking, zero-knowledge PCPs, and unconditional cryptography

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this