On Defining Proofs of Knowledge

  • Mihir Bellare
  • Oded Goldreich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 740)


The notion of a “proof of knowledge,” suggested by Goldwasser, Micali and Rackoff, has been used in many works as a tool for the construction of cryptographic protocols and other schemes. Yet the commonly cited formalizations of this notion are unsatisfactory and in particular inadequate for some of the applications in which they are used. Consequently, new researchers keep getting misled by existing literature. The purpose of this paper is to indicate the source of these problems and suggest a definition which resolves them.


Interactive Function Input Graph Previous Definition Satisfying Assignment Common Input 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    D. Beaver, and J. Feigenbaum, “Hiding Instances in Multioracle Queries,” Proc. of the 7th STACS, 1990, pp. 37–48.Google Scholar
  2. 2.
    M. Bellare, S. Micali and R. Ostrovsky, “The True Complexity of Statistical Zero-Knowledge,” Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing, ACM (1990), pp. 494–502.Google Scholar
  3. 3.
    G. Brassard, D. Chaum, and C. Crépeau, “Minimum Disclosure Proofs of knowledge,” JCSS, Vol. 37, No. 2, 1988, pp. 156–189.zbMATHGoogle Scholar
  4. 4.
    J. Boyar, C. Lund and R. Peralta, “On the Communication Complexity of Zero-Knowledge Proofs.” 1989.Google Scholar
  5. 5.
    G. Brassard, C. Crépeau, S. Laplante and C. Léger, “Computationally Convincing Proofs of Knowledge,” Proc. of the 8th STACS, 1991.Google Scholar
  6. 6.
    U. Feige, A. Fiat, and A. Shamir, “Zero-Knowledge Proofs of Identity”, Journal of Cryptology, Vol. 1, 1988, pp. 77–94.CrossRefzbMATHMathSciNetGoogle Scholar
  7. 7.
    U. Feige, and A. Shamir, “Witness Indistinguishability and Witness Hiding Protocols,” Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing, ACM (1990), pp 416–426.Google Scholar
  8. 8.
    Z. Galil, S. Haber, and M. Yung, “Symmetric Public-Key Encryption”, Advances in Cryptology — Crypto85 proceedings, Lecture Notes in Computer Science, Vol. 218, Springer-Verlag, 1986, pp. 128–137.CrossRefGoogle Scholar
  9. 9.
    M. Furer, O. Goldreich, Y. Mansour, M. Sipser, and S. Zachos, “On Completeness and Soundness in Interactive Proof Systems”, Advances in Computing Research: a research annual, Vol. 5 (S. Micali, ed.), pp. 429–442, 1989.Google Scholar
  10. 10.
    O. Goldreich, “A Uniform-Complexity Treatment of Encryption and Zero-Knowledge”, J. of Cryptology, to appear.Google Scholar
  11. 11.
    O. Goldreich, and H. Krawczyk, “On Sequential and Parallel Composition of Zero-Knowledge Protocols”, 17th ICALP, Lecture Notes in Computer Science, Vol. 443, Springer-Verlag, 1990, pp. 268–282.Google Scholar
  12. 12.
    O. Goldreich, S. Micali, and A. Wigderson, “Proofs that Yields Nothing but Their Validity or All Languages in NP Have Zero-Knowledge Proof Systems”, JACM, Vol. 38, No. 1, July 1991.Google Scholar
  13. 13.
    O. Goldreich, and Y. Oren, “Definitions and Properties of Zero-Knowledge Proof Systems”, TR-610, Computer Science Dept., Technion, Haifa, Israel. Submitted to Jour of Cryptology.Google Scholar
  14. 14.
    S. Goldwasser, S. Micali, and C. Rackoff, “The Knowledge Complexity of Interactive Proof Systems”, SIAM J. on Computing, Vol. 18, No. 1, 1989, pp. 186–208.CrossRefzbMATHMathSciNetGoogle Scholar
  15. 15.
    S. Haber, “Multi-Party Cryptographic Computations: Techniques and Applications”, PhD Dissertation, Computer Science Dept., Columbia University, Nov. 1987.Google Scholar
  16. 16.
    Y. Oren, “On the Cunning Power of Cheating Verifiers: Some Observations about Zero-Knowledge Proofs,” Proceedings of the 28th Annual IEEE Symposium on the Foundations of Computer Science, IEEE (1987), pp. 462–471.Google Scholar
  17. 17.
    A. Shamir, “IP=PSPACE,” Proceedings of the 31st Annual IEEE Symposium on the Foundations of Computer Science, IEEE (1990), pp. 11–15.Google Scholar
  18. 18.
    M. Tompa and H. Woll, “Random Self-Reducibility and Zero-Knowledge Interactive Proofs of Possession of Information,” University of California (San Diego) Computer Science and Engineering Dept. Technical Report Number CS92-244 (June 1992). (Preliminary version in Proceedings of the 28th Annual IEEE Symposium on the Foundations of Computer Science, IEEE (1987), pp. 472–482.)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Mihir Bellare
    • 1
  • Oded Goldreich
    • 2
  1. 1.High Performance Computing and CommunicationsIBM T.J. Watson Research CenterYorktown HeightsUSA
  2. 2.Computer Science DepartmentTechnionHaifaIsrael

Personalised recommendations