Fiat-Shamir: From practice to theory

Ran Canetti; Yilei Chen; Justin Holmgren; Alex Lombardi; Guy N. Rothblum; Ron D. Rothblum; Daniel Wichs

doi:10.1145/3313276.3316380

Fiat-Shamir: From practice to theory

Ran Canetti, Yilei Chen, Justin Holmgren, Alex Lombardi, Guy N. Rothblum, Ron D. Rothblum, Daniel Wichs

Tel Aviv University, Weizmann Institute of Science, Technion - Israel Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We give new instantiations of the Fiat-Shamir transform using explicit, efficiently computable hash functions. We improve over prior work by reducing the security of these protocols to qualitatively simpler and weaker computational hardness assumptions. As a consequence of our framework, we obtain the following concrete results. 1) There exists a succinct publicly verifiable non-interactive argument system for log-space uniform NC computations, under the assumption that any one of a broad class of fully homomorphic encryption (FHE) schemes has almost optimal security against polynomial-time adversaries. The class includes all FHE schemes in the literature that are based on the learning with errors (LWE) problem. 2) There exists a non-interactive zero-knowledge argument system for NP in the common reference string model, under either of the following two assumptions: (i) Almost optimal hardness of search-LWE against polynomial-time adversaries, or (ii) The existence of a circular-secure FHE scheme with a standard (polynomial time, negligible advantage) level of security. 3) The classic quadratic residuosity protocol of [Goldwasser, Micali, and Rackoff, SICOMP’89] is not zero knowledge when repeated in parallel, under any of the hardness assumptions above.

Original language	English
Title of host publication	STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing
Editors	Moses Charikar, Edith Cohen
Place of Publication	NY, NY
Publisher	Association for Computing Machinery
Pages	1082-1090
Number of pages	9
ISBN (Electronic)	9781450367059
DOIs	https://doi.org/10.1145/3313276.3316380
State	Published - 23 Jun 2019
Event	51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019 - Phoenix, United States Duration: 23 Jun 2019 → 26 Jun 2019

Publication series

Name	Proceedings of the Annual ACM Symposium on Theory of Computing

Conference

Conference	51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019
Country/Territory	United States
City	Phoenix
Period	23/06/19 → 26/06/19

Keywords

Cryptographic protocols
Delegation of computation
Fiat-Shamir heuristic
Zero-knowledge protocols

All Science Journal Classification (ASJC) codes

Software

Access to Document

10.1145/3313276.3316380

gr_STOC2019_FiatShamirFrom Practice_PV2019Final published version, 1.1 MB

Cite this

Canetti, R., Chen, Y., Holmgren, J., Lombardi, A., Rothblum, G. N., Rothblum, R. D., & Wichs, D. (2019). Fiat-Shamir: From practice to theory. In M. Charikar, & E. Cohen (Eds.), STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing (pp. 1082-1090). (Proceedings of the Annual ACM Symposium on Theory of Computing). Association for Computing Machinery. https://doi.org/10.1145/3313276.3316380

@inproceedings{05f26b4c11934c0f81146627d0fa0bfb,

title = "Fiat-Shamir: From practice to theory",

abstract = "We give new instantiations of the Fiat-Shamir transform using explicit, efficiently computable hash functions. We improve over prior work by reducing the security of these protocols to qualitatively simpler and weaker computational hardness assumptions. As a consequence of our framework, we obtain the following concrete results. 1) There exists a succinct publicly verifiable non-interactive argument system for log-space uniform NC computations, under the assumption that any one of a broad class of fully homomorphic encryption (FHE) schemes has almost optimal security against polynomial-time adversaries. The class includes all FHE schemes in the literature that are based on the learning with errors (LWE) problem. 2) There exists a non-interactive zero-knowledge argument system for NP in the common reference string model, under either of the following two assumptions: (i) Almost optimal hardness of search-LWE against polynomial-time adversaries, or (ii) The existence of a circular-secure FHE scheme with a standard (polynomial time, negligible advantage) level of security. 3) The classic quadratic residuosity protocol of [Goldwasser, Micali, and Rackoff, SICOMP{\textquoteright}89] is not zero knowledge when repeated in parallel, under any of the hardness assumptions above.",

keywords = "Cryptographic protocols, Delegation of computation, Fiat-Shamir heuristic, Zero-knowledge protocols",

author = "Ran Canetti and Yilei Chen and Justin Holmgren and Alex Lombardi and Rothblum, \{Guy N.\} and Rothblum, \{Ron D.\} and Daniel Wichs",

note = "Publisher Copyright: {\textcopyright} 2019 Association for Computing Machinery.; 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019 ; Conference date: 23-06-2019 Through 26-06-2019",

year = "2019",

month = jun,

day = "23",

doi = "10.1145/3313276.3316380",

language = "الإنجليزيّة",

series = "Proceedings of the Annual ACM Symposium on Theory of Computing",

publisher = "Association for Computing Machinery",

pages = "1082--1090",

editor = "Moses Charikar and Edith Cohen",

booktitle = "STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing",

address = "الولايات المتّحدة",

}

Canetti, R, Chen, Y, Holmgren, J, Lombardi, A, Rothblum, GN , Rothblum, RD & Wichs, D 2019, Fiat-Shamir: From practice to theory. in M Charikar & E Cohen (eds), STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing. Proceedings of the Annual ACM Symposium on Theory of Computing, Association for Computing Machinery, NY, NY, pp. 1082-1090, 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019, Phoenix, United States, 23/06/19. https://doi.org/10.1145/3313276.3316380

Fiat-Shamir: From practice to theory. / Canetti, Ran; Chen, Yilei; Holmgren, Justin et al.
STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing. ed. / Moses Charikar; Edith Cohen. NY, NY: Association for Computing Machinery, 2019. p. 1082-1090 (Proceedings of the Annual ACM Symposium on Theory of Computing).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Fiat-Shamir

T2 - 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019

AU - Canetti, Ran

AU - Chen, Yilei

AU - Holmgren, Justin

AU - Lombardi, Alex

AU - Rothblum, Guy N.

AU - Rothblum, Ron D.

AU - Wichs, Daniel

PY - 2019/6/23

Y1 - 2019/6/23

N2 - We give new instantiations of the Fiat-Shamir transform using explicit, efficiently computable hash functions. We improve over prior work by reducing the security of these protocols to qualitatively simpler and weaker computational hardness assumptions. As a consequence of our framework, we obtain the following concrete results. 1) There exists a succinct publicly verifiable non-interactive argument system for log-space uniform NC computations, under the assumption that any one of a broad class of fully homomorphic encryption (FHE) schemes has almost optimal security against polynomial-time adversaries. The class includes all FHE schemes in the literature that are based on the learning with errors (LWE) problem. 2) There exists a non-interactive zero-knowledge argument system for NP in the common reference string model, under either of the following two assumptions: (i) Almost optimal hardness of search-LWE against polynomial-time adversaries, or (ii) The existence of a circular-secure FHE scheme with a standard (polynomial time, negligible advantage) level of security. 3) The classic quadratic residuosity protocol of [Goldwasser, Micali, and Rackoff, SICOMP’89] is not zero knowledge when repeated in parallel, under any of the hardness assumptions above.

AB - We give new instantiations of the Fiat-Shamir transform using explicit, efficiently computable hash functions. We improve over prior work by reducing the security of these protocols to qualitatively simpler and weaker computational hardness assumptions. As a consequence of our framework, we obtain the following concrete results. 1) There exists a succinct publicly verifiable non-interactive argument system for log-space uniform NC computations, under the assumption that any one of a broad class of fully homomorphic encryption (FHE) schemes has almost optimal security against polynomial-time adversaries. The class includes all FHE schemes in the literature that are based on the learning with errors (LWE) problem. 2) There exists a non-interactive zero-knowledge argument system for NP in the common reference string model, under either of the following two assumptions: (i) Almost optimal hardness of search-LWE against polynomial-time adversaries, or (ii) The existence of a circular-secure FHE scheme with a standard (polynomial time, negligible advantage) level of security. 3) The classic quadratic residuosity protocol of [Goldwasser, Micali, and Rackoff, SICOMP’89] is not zero knowledge when repeated in parallel, under any of the hardness assumptions above.

KW - Cryptographic protocols

KW - Delegation of computation

KW - Fiat-Shamir heuristic

KW - Zero-knowledge protocols

UR - http://www.scopus.com/inward/record.url?scp=85065129547&partnerID=8YFLogxK

U2 - 10.1145/3313276.3316380

DO - 10.1145/3313276.3316380

M3 - منشور من مؤتمر

T3 - Proceedings of the Annual ACM Symposium on Theory of Computing

SP - 1082

EP - 1090

BT - STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing

A2 - Charikar, Moses

A2 - Cohen, Edith

PB - Association for Computing Machinery

CY - NY, NY

Y2 - 23 June 2019 through 26 June 2019

ER -

Canetti R, Chen Y, Holmgren J, Lombardi A, Rothblum GN , Rothblum RD et al. Fiat-Shamir: From practice to theory. In Charikar M, Cohen E, editors, STOC 2019 - Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing. NY, NY: Association for Computing Machinery. 2019. p. 1082-1090. (Proceedings of the Annual ACM Symposium on Theory of Computing). doi: 10.1145/3313276.3316380

Fiat-Shamir: From practice to theory

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this