A witness-indistinguishable proof (WIP) is a variant of a zero-knowledge proof for languages in NP. In a typical zero-knowledge proof of a statement, the prover will use a witness for the statement as input to the protocol, and the verifier will learn nothing other than the truth of the statement. In a WIP, this zero-knowledge condition is weakened, and the only guarantee is that the verifier will not be able to distinguish between provers that use different witnesses. In particular, the protocol may leak information about the set of all witnesses, or even leak the witness that was used when there is only one possible witness.
Witness-indistinguishable proof systems were first introduced by Feige and Shamir.[1] Unlike zero-knowledge proofs, they remain secure when multiple proofs are being performed in parallel.
See also
References
Wikiwand in your browser!
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.
