Fair-Zero Knowledge

  • Matt Lepinski
  • Silvio Micali
  • Abhi Shelat
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3378)


We introduce Fair Zero-Knowledge, a multi-verifier ZK system where every proof is guaranteed to be “zero-knowledge for all verifiers.” That is, if an honest verifier accepts a fair zero-knowledge proof, then he is assured that all other verifiers also learn nothing more than the verity of the statement in question, even if they maliciously collude with a cheating prover.

We construct Fair Zero-Knowledge systems based on standard complexity assumptions (specifically, the quadratic residuosity assumption) and an initial, one-time use of a physically secure communication channel (specifically, each verifier sends the prover a private message in an envelope). All other communication occurs (and must occur) on a broadcast channel.

The main technical challenge of our construction consists of provably removing any possibility of using steganography in a ZK proof. To overcome this technical difficulty, we introduce tools —such as Unique Zero Knowledge— that may be of independent interest.


Proof System Honest Party Reference String Jacobi Symbol Zero Knowledge 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [BFM88]
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: STOC 1988, pp. 103–112 (1988)Google Scholar
  2. [BSMP91]
    Blum, M., De Santis, A., Micali, S., Persiano, G.: Noninteractive zero-knowledge. SIAM J. Computing 20(6), 1084–1118 (1991)zbMATHCrossRefGoogle Scholar
  3. [DAM92]
    Damgård, I.: Non-interactive circuit based proofs and non-interactive perfect zero-knowledge with preprocessing. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 341–355. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  4. [DGB87]
    Desmedt, Y., Goutier, C., Bengio, S.: Special uses and abuses of the Fiat-Shamir passport protocol. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988)Google Scholar
  5. [DMP91]
    De Santis, A., Micali, S., Persiano, G.: Non-interactive zero-knowledge with preprocessing. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 269–282. Springer, Heidelberg (1990)Google Scholar
  6. [FLS90]
    Feige, U., Lapidot, D., Shamir, A.: Multiple non-interactive zero knowledge proofs based on a single random string. In: Proc. 31th FOCS, pp. 308–317 (1990)Google Scholar
  7. [GMW87]
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proc of STOC 1987, pp. 218–229. ACM, New York (1987)Google Scholar
  8. [GGM86]
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM 33(4), 792–807 (1986)CrossRefMathSciNetGoogle Scholar
  9. [GMR89]
    Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof-systems. SIAM. J. Computing 18(1), 186–208 (1989)zbMATHCrossRefMathSciNetGoogle Scholar
  10. [GM84]
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Science 28(2) (1984)Google Scholar
  11. [GMR88]
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Computing 17(2), 281–308 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  12. [KP98]
    Kilian, J., Petrank, E.: An efficient noninteractive zero-knowledge proof system for np with general assumptions. J. Cryptology 11(1), 1–27 (1998)zbMATHCrossRefMathSciNetGoogle Scholar
  13. [NHvA02]
    Hopper, N.J., Langford, J., von Ahn, L.: Provably Secure Steganography. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 77. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Matt Lepinski
    • 1
  • Silvio Micali
    • 1
  • Abhi Shelat
    • 1
  1. 1.Massachusetts Institute of TechnologyCambridgeUSA

Personalised recommendations