Statistical Concurrent Non-Malleable Zero-Knowledge from One-Way Functions

Abstract

Concurrent non-malleable zero-knowledge ($$\mathrm {CNMZK}$$) protocols are zero-knowledge protocols that provides security even when adversaries interact with multiple provers and verifiers simultaneously. It is known that $$\mathrm {CNMZK}$$ arguments for $$\mathcal {NP}$$ can be constructed in the plain model. Furthermore, it was recently shown that statistical$$\mathrm {CNMZK}$$ arguments for $$\mathcal {NP}$$ can also be constructed in the plain model. However, although the former requires only the existence of one-way functions, the latter requires the DDH assumption. In this paper, we construct a statistical $$\mathrm {CNMZK}$$ argument for $$\mathcal {NP}$$ assuming only the existence of one-way functions. The security is proven via black-box simulation, and the round complexity is $$\mathsf {poly}(n)$$. Under the existence of collision-resistant hash functions, the round complexity is reduced to $$\omega (\log n)$$, which is essentially optimal for black-box concurrent zero-knowledge protocols.