The Taub Faculty of Computer Science Events and Talks
Nick Spooner (University of Toronto)
Monday, 10.07.2017, 12:30
Existing constructions of zero knowledge proof systems typically work as follows: construct a proof system which is information-theoretically sound but not zero knowledge, then apply some cryptographic transformation to obtain a proof or argument system which is zero-knowledge. In this talk I will suggest a different approach: construct a proof system (in an extended model) which is information-theoretically sound /and/ zero knowledge, and then apply a ZK-preserving cryptographic transformation to obtain a zero-knowledge proof/argument system in a standard model.
I will illustrate the power of this idea by giving a perfect ZK protocol for NEXP in the interactive PCP model, which can then be 'compiled' into a non-interactive ZK argument in the random oracle model using a transformation of [BCS16]. A crucial part of this protocol is a zero-knowledge IPCP analogue of sumcheck.
This talk is based on joint work with Eli Ben-Sasson, Alessandro Chiesa, Michael Forbes, Ariel Gabizon and Michael Riabzev.