Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces.

Saved in:
Bibliographic Details
Title: Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces.
Authors: Jutla, Charanjit1 csjutla@us.ibm.com, Roy, Arnab2 aroy@us.fujitsu.com
Source: Journal of Cryptology. Oct2017, Vol. 30 Issue 4, p1116-1156. 41p.
Subjects: Zero-knowledge proofs, Linear equations, Encryption protocols, Security management, Statistics
Abstract: We define a novel notion of quasi-adaptive non-interactive zero-knowledge (NIZK) proofs for probability distributions on parameterized languages. It is quasi-adaptive in the sense that the common reference string (CRS) generator can generate the CRS depending on the language parameters. However, the simulation is required to be uniform, i.e., a single efficient simulator should work for the whole class of parameterized languages. For distributions on languages that are linear subspaces of vector spaces over bilinear groups, we give computationally sound quasi-adaptive NIZKs that are shorter and more efficient than Groth-Sahai NIZKs. For many cryptographic applications quasi-adaptive NIZKs suffice and our constructions can lead to significant efficiency improvements in the standard model. Our construction can be based on any k-linear assumption, and in particular under the eXternal Diffie Hellman (XDH) assumption our proofs are even competitive with Random Oracle-based $$\Sigma $$ -protocol NIZK proofs. We also show that our system can be extended to include integer tags in the defining linear equations, where the tags are provided adaptively by the adversary. This leads to applicability of our system to many applications that use tags, e.g., applications using Cramer-Shoup projective hash proofs. Our techniques also lead to the shortest known (ciphertext) fully secure identity-based encryption scheme under standard static assumptions. Further, we also get a short publicly verifiable CCA2-secure IBE scheme. [ABSTRACT FROM AUTHOR]
Copyright of Journal of Cryptology is the property of Springer Nature and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Description
Abstract:We define a novel notion of quasi-adaptive non-interactive zero-knowledge (NIZK) proofs for probability distributions on parameterized languages. It is quasi-adaptive in the sense that the common reference string (CRS) generator can generate the CRS depending on the language parameters. However, the simulation is required to be uniform, i.e., a single efficient simulator should work for the whole class of parameterized languages. For distributions on languages that are linear subspaces of vector spaces over bilinear groups, we give computationally sound quasi-adaptive NIZKs that are shorter and more efficient than Groth-Sahai NIZKs. For many cryptographic applications quasi-adaptive NIZKs suffice and our constructions can lead to significant efficiency improvements in the standard model. Our construction can be based on any k-linear assumption, and in particular under the eXternal Diffie Hellman (XDH) assumption our proofs are even competitive with Random Oracle-based $$\Sigma $$ -protocol NIZK proofs. We also show that our system can be extended to include integer tags in the defining linear equations, where the tags are provided adaptively by the adversary. This leads to applicability of our system to many applications that use tags, e.g., applications using Cramer-Shoup projective hash proofs. Our techniques also lead to the shortest known (ciphertext) fully secure identity-based encryption scheme under standard static assumptions. Further, we also get a short publicly verifiable CCA2-secure IBE scheme. [ABSTRACT FROM AUTHOR]
ISSN:09332790
DOI:10.1007/s00145-016-9243-7