We investigate the existence of constant-round post-quantum black-box zero-knowledge protocols for $\mathbf{NP}$. As a main result, we show that there is no constant-round post-quantum black-box zero-knowledge argument for $\mathbf{NP}$ unless $\mathbf{NP}\subseteq \mathbf{BQP}$. As constant-round black-box zero-knowledge arguments for $\mathbf{NP}$ exist in the classical setting, our main result points out a fundamental difference between post-quantum and classical zero-knowledge protocols. Combining previous results, we conclude that unless $\mathbf{NP}\subseteq \mathbf{BQP}$, constant-round post-quantum zero-knowledge protocols for $\mathbf{NP}$ exist if and only if we use non-black-box techniques or relax certain security requirements such as relaxing standard zero-knowledge to $\epsilon$-zero-knowledge. Additionally, we also prove that three-round and public-coin constant-round post-quantum black-box $\epsilon$-zero-knowledge arguments for $\mathbf{NP}$ do not exist unless $\mathbf{NP}\subseteq \mathbf{BQP}$.
翻译:我们调查了 $\ mathbf{NP} 是否存在常态黑盒后黑盒零知识协议。 作为主要结果, 我们显示, 除非$\\ mathbf{NP}$, 不存在常态后QQbb{NP} 美元, 除非$\\ mathbf{BQP}$, 除非$\\\\\ NP ⁇ subseteq\ mathbf{BQP} $。 由于古典设置中存在 $\ mathbf{PNP} 的常态黑盒零知识争论, 我们的主要结果表明, 后方和古老的零知识协议之间有根本的区别。 合并之前的结果, 我们的结论是, 除非$\\\\\\\\ mathb{sub{sub{b{B}subcregn- QNPF} 后方协议存在, 只要我们使用非黑盒技术或放松某些安全要求, 如将标准零知识放松标准的零价$\ n2$\ nB_Q_Q_Q\ n% Q\\\\ n2\ n2\ n2\\\ n2\ n该, 除非我们也证明三轮的。