Efficient Zaps and Signatures of Knowledge

The concept of Zaps, two-round witness indistinguish- able proofs, was introduced by Dwork and Naor in 2000. They constructed Zaps based on non-interactive zero- knowledge proof. This left open the following problem: does there exist a non-interactive Zaps? Barak et al. and Groth et al. answered this question affirmatively under the assumption of the existence of Hitting Set Generators against co-nondeterministic circuits and Decisional Linear Assumption, respectively. In this paper, we will construct ef- ficient non-interactive Zaps under the existence of one-way function. In 2006, Chase and Lysyanskaya defined and con- structed signatures of knowledge based on non-interactive zero-knowledge proof. We prove that their signature is not secure and point out that they exist under the existence of trapdoor permutation. Feige and Shamir stated that digi- tal signature cannot be zero-knowledge(otherwise they are forgeable) and it can be witness hiding. In this paper, we will revise the definition of the signatures of knowledge by using witness hiding protocol and construct them under the existence of one-way function.