New and Improved Constructions of Nonmalleable Cryptographic Protocols

We present a new constant-round protocol for nonmalleable zero-knowledge. Using this protocol as a subroutine, we obtain a new constant-round protocol for nonmalleable commitments. Our constructions rely on the existence of (standard) collision-resistant hash functions. Previous constructions either relied on the existence of trapdoor permutations and hash functions that are collision resistant against subexponential-sized circuits or required a superconstant number of rounds. Additional results are the first construction of a nonmalleable commitment scheme that is statistically hiding (with respect to opening) and the first nonmalleable commitments that satisfy a strict polynomial-time simulation requirement. Our approach differs from the approaches taken in previous works in that we view nonmalleable zero-knowledge as a building block rather than an end goal. This gives rise to a modular construction of nonmalleable commitments and results in a somewhat simpler analysis.