Multi-theorem (Malicious) Designated-Verifier NIZK for QMA

TL;DR

This paper introduces the first non-interactive zero-knowledge argument system for QMA with multi-theorem security, in the malicious designated-verifier model, based on classical techniques that extend to quantum protocols.

Contribution

It provides a novel transformation that converts any sigma protocol into a reusable MDV-NIZK for QMA, enhancing security and reusability.

Findings

First non-interactive QMA ZK argument with multi-theorem security

Secure under Learning with Errors assumption

Transformation applicable to quantum protocols

Abstract

We present the first non-interactive zero-knowledge argument system for QMA with multi-theorem security. Our protocol setup constitutes an additional improvement and is constructed in the malicious designated-verifier (MDV-NIZK) model (Quach, Rothblum, and Wichs, EUROCRYPT 2019), where the setup consists of a trusted part that includes only a common uniformly random string and an untrusted part of classical public and secret verification keys, which even if sampled maliciously by the verifier, the zero knowledge property still holds. The security of our protocol is established under the Learning with Errors Assumption. Our main technical contribution is showing a general transformation that compiles any sigma protocol into a reusable MDV-NIZK protocol, using NIZK for NP. Our technique is classical but works for quantum protocols and allows the construction of a reusable MDV-NIZK for QMA.