We initiate a formal investigation on the power of {\em predictability} for argument of knowledge systems for \NP.
Specifically, we consider private-coin argument systems where the answers of the prover can be predicted, given the private randomness of the verifier.
We show that predictable arguments of knowledge (PAoK) can be made extremely laconic, with the prover sending a single bit, and assumed to have only one round (two messages) without loss of generality. We then explore constructs of PAoK. For specific relations we obtain PAoK from Extractable Hash Proof systems (Wee, Crypto '10); we also show that PAoK are equivalent to Extractable Witness Encryption. Unfortunately, the latter poses serious doubts on the existence of PAoK for all \NP.
Finally, we apply PAoK in the context of leakage-tolerant PKE protocols.
At PKC '13 Nielsen {\em et al.} have shown that any leakage-tolerant PKE protocol requires long keys already when it tolerates super-logarithmic leakage.
We strengthen their result proving a more fine-grained lower bound for any constant numbers bits of leakage.
Moreover, we consider an adaptive-secure definition for PAoK.
In this stronger model the challenge generation algorithm is independent of the instance proved, the extraction is guaranteed for adversarial chosen instances.
↧