KIT | KIT-Bibliothek | Impressum | Datenschutz

Fiat–Shamir Transformation of Multi-Round Interactive Proofs (Extended Version)

Attema, Thomas ; Fehr, Serge; Klooß, Michael ORCID iD icon 1
1 Institut für Theoretische Informatik (ITI), Karlsruher Institut für Technologie (KIT)

Abstract:

The celebrated Fiat–Shamir transformation turns any public-coin interactive proof into a non-interactive one, which inherits the main security properties (in the random oracle model) of the interactive version. While originally considered in the context of 3-move public-coin interactive proofs, i.e., so-called Σ-protocols, it is now applied to multi-round protocols as well. Unfortunately, the security loss for a (2μ+1)-move protocol is, in general, approximately Q$^μ$, where Q is the number of oracle queries performed by the attacker. In general, this is the best one can hope for, as it is easy to see that this loss applies to the μ-fold sequential repetition of Σ-protocols, but it raises the question whether certain (natural) classes of interactive proofs feature a milder security loss. In this work, we give positive and negative results on this question. On the positive side, we show that for (k$_1$,…,k$_μ$)-special-sound protocols (which cover a broad class of use cases), the knowledge error degrades linearly in Q, instead of Q$^μ$. On the negative side, we show that for t-fold parallel repetitions of typical (k$_1$,…,k$_μ$)-special-sound protocols with t≥μ (and assuming for simplicity that t and Q are integer multiples of μ), there is an attack that results in a security loss of approximately $\frac{1}{2}$Q$^μ$/μ$^{μ+t}$.


Verlagsausgabe §
DOI: 10.5445/IR/1000161760
Veröffentlicht am 30.08.2023
Originalveröffentlichung
DOI: 10.1007/s00145-023-09478-y
Scopus
Zitationen: 1
Web of Science
Zitationen: 1
Dimensions
Zitationen: 3
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Informationssicherheit und Verlässlichkeit (KASTEL)
Publikationstyp Zeitschriftenaufsatz
Publikationsmonat/-jahr 10.2023
Sprache Englisch
Identifikator ISSN: 0933-2790, 1432-1378
KITopen-ID: 1000161760
HGF-Programm 46.23.01 (POF IV, LK 01) Methods for Engineering Secure Systems
Erschienen in Journal of Cryptology
Verlag Springer
Band 36
Heft 4
Seiten Art.-Nr.: 36
Vorab online veröffentlicht am 08.08.2023
Nachgewiesen in Web of Science
Scopus
Dimensions
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page