ZK-PCPs from Leakage-Resilient Secret Sharing

Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Mor Weiss

Research output: Contribution to journalArticlepeer-review

1 Scopus citations

Abstract

Zero-Knowledge PCPs (ZK-PCPs; Kilian, Petrank, and Tardos, STOC ‘97) are PCPs with the additional zero-knowledge guarantee that the view of any (possibly malicious) verifier making a bounded number of queries to the proof can be efficiently simulated up to a small statistical distance. Similarly, ZK-PCPs of Proximity (ZK-PCPPs; Ishai and Weiss, TCC ‘14) are PCPPs in which the view of an adversarial verifier can be efficiently simulated with few queries to the input. Previous ZK-PCP constructions obtained an exponential gap between the query complexity q of the honest verifier, and the bound q on the queries of a malicious verifier (i.e., q= polylog (q)), but required either exponential-time simulation, or adaptive honest verification. This should be contrasted with standard PCPs, that can be verified non-adaptively (i.e., with a single round of queries to the proof). The problem of constructing such ZK-PCPs, even whenq= q, has remained open since they were first introduced more than 2 decades ago. This question is also open for ZK-PCPPs, for which no construction with non-adaptive honest verification is known (not even with exponential-time simulation). We resolve this question by constructing the first ZK-PCPs and ZK-PCPPs which simultaneously achieve efficient zero-knowledge simulation and non-adaptive honest verification. Our schemes have a square-root query gap, namely q∗/q=O(n), where n is the input length. Our constructions combine the “MPC-in-the-head” technique (Ishai et al., STOC ‘07) with leakage-resilient secret sharing. Specifically, we use the MPC-in-the-head technique to construct a ZK-PCP variant over a large alphabet, then employ leakage-resilient secret sharing to design a new alphabet reduction for ZK-PCPs which preserves zero-knowledge.

Original languageEnglish
Article number23
JournalJournal of Cryptology
Volume35
Issue number4
DOIs
StatePublished - Oct 2022

Bibliographical note

Publisher Copyright:
© 2022, International Association for Cryptologic Research.

Funding

We thank the anonymous ITC‘21 reviewers for their helpful comments, in particular for pointing out the connection to RPEs and noting that the ZK code of [, Theorem 2.2] is equivocal. The first and third authors are supported by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office. The first author is supported by ISF grant No. 1316/18. The first and second authors are supported by DARPA under Contract No. HR001120C0087. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA.

FundersFunder number
Defense Advanced Research Projects AgencyHR001120C0087
Israel Science Foundation1316/18

    Keywords

    • Leakage resilience
    • Probabilistically checkable proofs
    • Probabilistically checkable proofs of proximity
    • Secret sharing
    • Secure multi-party computation
    • Zero knowledge

    Fingerprint

    Dive into the research topics of 'ZK-PCPs from Leakage-Resilient Secret Sharing'. Together they form a unique fingerprint.

    Cite this