Beyond MPC-in-the-Head: Black-Box Constructions of Short Zero-Knowledge Proofs

Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Mor Weiss

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

Abstract

In their seminal work, Ishai, Kushilevitz, Ostrovsky, and Sahai (STOC'07) presented the MPC-in-the-Head paradigm, which shows how to design Zero-Knowledge Proofs (ZKPs) from secure Multi-Party Computation (MPC) protocols. This paradigm has since then revolutionized and modularized the design of efficient ZKP systems, with far-reaching applications beyond ZKPs. However, to the best of our knowledge, all previous instantiations relied on fully-secure MPC protocols and have not been able to leverage the fact that the paradigm only imposes relatively weak privacy and correctness requirements on the underlying MPC. In this work, we extend the MPC-in-the-Head paradigm to game-based cryptographic primitives supporting homomorphic computations (e.g., fully-homomorphic encryption, functional encryption, randomized encodings, homomorphic secret sharing, and more). Specifically, we present a simple yet generic compiler from these primitives to ZKPs which use the underlying primitive as a black box. We also generalize our paradigm to capture commit-and-prove protocols, and use it to devise tight black-box compilers from Interactive (Oracle) Proofs to ZKPs, assuming One-Way Functions (OWFs). We use our paradigm to obtain several new ZKP constructions:

1. The first ZKPs for NP relations R computable in (polynomial-time uniform) NC1, whose round complexity is bounded by a fixed constant (independent of the depth of R's verification circuit), with communication approaching witness length (specifically, n · poly(κ), where n is the witness length, and κ is a security parameter), assuming DCR. Alternatively, if we allow the round complexity to scale with the depth of the verification circuit, our ZKPs can make black-box use of OWFs.
2. Constant-round ZKPs for NP relations computable in bounded polynomial space, with O(n) + o(m) · poly(κ) communication assuming OWFs, where m is the instance length. This gives a black-box alternative to a recent non-black-box construction of Nassar and Ron (CRYPTO'22).
3. ZKPs for NP relations computable by a logspace-uniform family of depth-d(m) circuits, with n · poly(κ, d(m)) communication assuming OWFs. This gives a black-box alternative to a result of Goldwasser, Kalai and Rothblum (JACM).

Original language: English
Title of host publication: Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings
Editors: Guy Rothblum, Hoeteck Wee
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 3-33
Number of pages: 31
ISBN (Print): 9783031486142
DOIs
State: Published - 2023
Event: 21st International conference on Theory of Cryptography Conference, TCC 2023 - Taipei, Taiwan, Province of China
Duration: 29 Nov 2023 to 2 Dec 2023

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 14369 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 21st International conference on Theory of Cryptography Conference, TCC 2023
Country/Territory: Taiwan, Province of China
City: Taipei
Period: 29/11/23 to 2/12/23

Bibliographical note

Publisher Copyright:
© 2023, International Association for Cryptologic Research.
