Zero-Knowledge Proof Systems. Proof systems [37] are a
fundamental tool in theoretical computer science and cryptography. Consider an NP relation ℛ which defines the language
of all statements 𝑥 for which there exists a witness 𝑤 so
that ℛ𝑥, 𝑤 = true. In a zero-knowledge proof for ℛ a prover,
knowing a witness, wants to convince a verifier that 𝑥 is in
the language, without revealing any additional information
about the witness.
Since their introduction in [37] zero-knowledge (ZK) proofs
have been shown to be a very powerful instrument in the
design of secure cryptographic protocols.
For practical applications, researchers immediately recognized two limiting factors in zero-knowledge proofs: the
original protocols were interactive and the proof could be
as long as (if not longer than) the witness. When considering statistically sound proof systems for NP, unless some
complexity-theoretic collapse occurs, the prover P has to
communicate, roughly, as much information as the size of
the NP witness. Looking for ways to overcome this bound
motivated the study of computationally-sound proof systems,
also called argument systems [26].
