CryptoDB
Black-Box Concurrent Zero-Knowledge Requires $\tilde\Omega(\log n)$ Rounds
Authors: | |
---|---|
Download: | |
Abstract: | We show that any concurrent zero-knowledge protocol for a non-trivial language (i.e., for a language outside $\BPP$), whose security is proven via black-box simulation, must use at least $\tilde\Omega(\log n)$ rounds of interaction. This result achieves a substantial improvement over previous lower bounds, and is the first bound to rule out the possibility of constant-round concurrent zero-knowledge when proven via black-box simulation. Furthermore, the bound is polynomially related to the number of rounds in the best known concurrent zero-knowledge protocol for languages in $\NP$. |
BibTeX
@misc{eprint-2001-11463, title={Black-Box Concurrent Zero-Knowledge Requires $\tilde\Omega(\log n)$ Rounds}, booktitle={IACR Eprint archive}, keywords={cryptographic protocols / zero-knowledge}, url={http://eprint.iacr.org/2001/051}, note={An extended abstract to appear in STOC01 alon@wisdom.weizmann.ac.il 11497 received 24 Jun 2001}, author={Ran Canetti and Joe Kilian and Erez Petrank and Alon Rosen}, year=2001 }