Non-Black-Box Simulation In The Fully Concurrent Setting

We present a new zero-knowledge argument protocol by relying on the non-black-box simulation technique of Barak (FOCS'01). Similar to the protocol of Barak, ours is publiccoin, is based on the existence of collision-resistant hash functions, and, is not based on "rewinding techniques" but rather uses non-black-box simulation. However in contrast to the protocol of Barak, our protocol is secure even if there are any unbounded (polynomial) number of concurrent sessions.This gives us the first construction of public-coin concurrent zero-knowledge. Prior to our work, Pass, Tseng and Wikstrom (SIAM J. Comp. 2011) had shown that using black-box simulation, getting a construction for even publiccoin parallel zero-knowledge is impossible.A public-coin concurrent zero-knowledge protocol directly implies the existence of a concurrent resettably-sound zero-knowledge protocol. This is an improvement over the corresponding construction of Deng, Goyal and Sahai (FOCS'09) which was based on stronger assumptions. Furthermore, this also directly leads to an alternative (and arguable cleaner) construction of a simultaneous resettable zero-knowledge argument system.An important feature of our protocol is the existence of a "straight-line" simulator. This gives a fundamentally different tool for constructing concurrently secure computation protocols (for functionalities even beyond zero-knowledge). The round complexity of our protocol is n(epsilon) (for any constant epsilon > 0), and, the simulator runs in strict polynomial time. The main technique behind our construction is purely combinatorial in nature.