Some Observations on Zap and Its Applications

摘要

Zap, first introduced by Dwork and Naor, is itself a 2-round public-coin witness indistinguishable (WI) proof system for NP. Zaps are a very powerful cryptographic tool to significantly simplify many cryptographic tasks. As a notable example, it is used to achieve the first 2-round timed deniable authentication scheme. Deniable authentication first appears in [10,12], and is then formalized in [14]. Roughly speaking, a deniable authentication scheme is a public-key interactive authentication scheme in which an authenticator AP convinces a second party V, only accessing to AP's public-key, that AP is willing to authenticate a message m. However, different from the case of digital signatures, deniable authentication does not permit V to convince a third party that AP has authenticated m. That is, there is no "paper trail" of the conversation other than what could be produced by V alone. Several 4-round timed deniable authentication protocols appear in [14,15] and the first 2-round timed deniable authentication is presented by Dwork and Naor in [13].