Zero-knowledge protocols for search problems

Ben Berger; Zvika Brakerski

doi:10.1007/978-3-319-98113-0_16

Zero-knowledge protocols for search problems

Ben Berger, Zvika Brakerski

Department of Computer Science and Applied Mathematics

Weizmann Institute of Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We consider natural ways to extend the notion of Zero-Knowledge (ZK) Proofs beyond decision problems. Specifically, we consider search problems, and define zero-knowledge proofs in this context as interactive protocols in which the prover can establish the correctness of a solution to a given instance without the verifier learning anything beyond the intended solution, even if it deviates from the protocol. The goal of this work is to initiate a study of Search Zero-Knowledge (search-ZK), the class of search problems for which such systems exist. This class trivially contains search problems where the validity of a solution can be efficiently verified (using a single message proof containing only the solution). A slightly less obvious, but still straightforward, way to obtain zero-knowledge proofs for search problems is to let the prover send a solution and prove in zero-knowledge that the instance-solution pair is valid. However, there may be other ways to obtain such zero-knowledge proofs, and they may be more advantageous. In fact, we prove that there are search problems for which the aforementioned approach fails, but still search zero-knowledge protocols exist. On the other hand, we show sufficient conditions for search problems under which some form of zero-knowledge can be obtained using the straightforward way.

Original language	English
Title of host publication	Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings
Editors	Dario Catalano, Roberto De Prisco
Publisher	Springer Verlag
Pages	292-309
Number of pages	18
ISBN (Print)	9783319981123
DOIs	https://doi.org/10.1007/978-3-319-98113-0_16
State	Published - 2018
Event	11th International Conference on Security and Cryptography for Networks, SCN 2018 - Amalfi, Italy Duration: 5 Sep 2018 → 7 Sep 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11035 LNCS

Conference

Conference	11th International Conference on Security and Cryptography for Networks, SCN 2018
Country/Territory	Italy
City	Amalfi
Period	5/09/18 → 7/09/18

Keywords

Interactive proofs
Search problems
Zero-knowledge

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-319-98113-0_16

Cite this

Berger, B., & Brakerski, Z. (2018). Zero-knowledge protocols for search problems. In D. Catalano, & R. De Prisco (Eds.), Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings (pp. 292-309). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11035 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-98113-0_16

Berger, Ben ; Brakerski, Zvika. / Zero-knowledge protocols for search problems. Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings. editor / Dario Catalano ; Roberto De Prisco. Springer Verlag, 2018. pp. 292-309 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{2a74a7276e4b4d60854d1686bcb787b2,

title = "Zero-knowledge protocols for search problems",

abstract = "We consider natural ways to extend the notion of Zero-Knowledge (ZK) Proofs beyond decision problems. Specifically, we consider search problems, and define zero-knowledge proofs in this context as interactive protocols in which the prover can establish the correctness of a solution to a given instance without the verifier learning anything beyond the intended solution, even if it deviates from the protocol. The goal of this work is to initiate a study of Search Zero-Knowledge (search-ZK), the class of search problems for which such systems exist. This class trivially contains search problems where the validity of a solution can be efficiently verified (using a single message proof containing only the solution). A slightly less obvious, but still straightforward, way to obtain zero-knowledge proofs for search problems is to let the prover send a solution and prove in zero-knowledge that the instance-solution pair is valid. However, there may be other ways to obtain such zero-knowledge proofs, and they may be more advantageous. In fact, we prove that there are search problems for which the aforementioned approach fails, but still search zero-knowledge protocols exist. On the other hand, we show sufficient conditions for search problems under which some form of zero-knowledge can be obtained using the straightforward way.",

keywords = "Interactive proofs, Search problems, Zero-knowledge",

author = "Ben Berger and Zvika Brakerski",

note = "Publisher Copyright: {\textcopyright} 2018, Springer Nature Switzerland AG.; 11th International Conference on Security and Cryptography for Networks, SCN 2018 ; Conference date: 05-09-2018 Through 07-09-2018",

year = "2018",

doi = "10.1007/978-3-319-98113-0_16",

language = "الإنجليزيّة",

isbn = "9783319981123",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "292--309",

editor = "Dario Catalano and {De Prisco}, Roberto",

booktitle = "Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings",

address = "ألمانيا",

}

Berger, B & Brakerski, Z 2018, Zero-knowledge protocols for search problems. in D Catalano & R De Prisco (eds), Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11035 LNCS, Springer Verlag, pp. 292-309, 11th International Conference on Security and Cryptography for Networks, SCN 2018, Amalfi, Italy, 5/09/18. https://doi.org/10.1007/978-3-319-98113-0_16

Zero-knowledge protocols for search problems. / Berger, Ben; Brakerski, Zvika.
Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings. ed. / Dario Catalano; Roberto De Prisco. Springer Verlag, 2018. p. 292-309 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11035 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Zero-knowledge protocols for search problems

AU - Berger, Ben

AU - Brakerski, Zvika

PY - 2018

Y1 - 2018

N2 - We consider natural ways to extend the notion of Zero-Knowledge (ZK) Proofs beyond decision problems. Specifically, we consider search problems, and define zero-knowledge proofs in this context as interactive protocols in which the prover can establish the correctness of a solution to a given instance without the verifier learning anything beyond the intended solution, even if it deviates from the protocol. The goal of this work is to initiate a study of Search Zero-Knowledge (search-ZK), the class of search problems for which such systems exist. This class trivially contains search problems where the validity of a solution can be efficiently verified (using a single message proof containing only the solution). A slightly less obvious, but still straightforward, way to obtain zero-knowledge proofs for search problems is to let the prover send a solution and prove in zero-knowledge that the instance-solution pair is valid. However, there may be other ways to obtain such zero-knowledge proofs, and they may be more advantageous. In fact, we prove that there are search problems for which the aforementioned approach fails, but still search zero-knowledge protocols exist. On the other hand, we show sufficient conditions for search problems under which some form of zero-knowledge can be obtained using the straightforward way.

AB - We consider natural ways to extend the notion of Zero-Knowledge (ZK) Proofs beyond decision problems. Specifically, we consider search problems, and define zero-knowledge proofs in this context as interactive protocols in which the prover can establish the correctness of a solution to a given instance without the verifier learning anything beyond the intended solution, even if it deviates from the protocol. The goal of this work is to initiate a study of Search Zero-Knowledge (search-ZK), the class of search problems for which such systems exist. This class trivially contains search problems where the validity of a solution can be efficiently verified (using a single message proof containing only the solution). A slightly less obvious, but still straightforward, way to obtain zero-knowledge proofs for search problems is to let the prover send a solution and prove in zero-knowledge that the instance-solution pair is valid. However, there may be other ways to obtain such zero-knowledge proofs, and they may be more advantageous. In fact, we prove that there are search problems for which the aforementioned approach fails, but still search zero-knowledge protocols exist. On the other hand, we show sufficient conditions for search problems under which some form of zero-knowledge can be obtained using the straightforward way.

KW - Interactive proofs

KW - Search problems

KW - Zero-knowledge

UR - http://www.scopus.com/inward/record.url?scp=85053627019&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-98113-0_16

DO - 10.1007/978-3-319-98113-0_16

M3 - منشور من مؤتمر

SN - 9783319981123

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 292

EP - 309

BT - Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings

A2 - Catalano, Dario

A2 - De Prisco, Roberto

PB - Springer Verlag

T2 - 11th International Conference on Security and Cryptography for Networks, SCN 2018

Y2 - 5 September 2018 through 7 September 2018

ER -

Berger B, Brakerski Z. Zero-knowledge protocols for search problems. In Catalano D, De Prisco R, editors, Security and Cryptography for Networks - 11th International Conference, SCN 2018, Proceedings. Springer Verlag. 2018. p. 292-309. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-98113-0_16

Zero-knowledge protocols for search problems

Abstract

Publication series

Conference

Keywords

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this