
Succinct Malleable NIZKs and an Application to Compact Shuffles [chapter]

Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, Sarah Meiklejohn
2013 Lecture Notes in Computer Science  
In this paper, we address these issues by providing a generic construction of controlled-malleable proofs using succinct non-interactive arguments of knowledge, or SNARGs for short.  ...  supported by NSF grants 1012060, 0964379, 0831293, and Sarah Meiklejohn was supported in part by a MURI grant administered by the Air Force Office of Scientific Research and in part by a graduate fellowship from  ...  A Construction of cm-NIZKs from SNARGs In this section, we construct cm-NIZK proofs from zero-knowledge SNARGs that are malleable with respect to a wide range of transformations, namely all t-tiered transformation  ... 
doi:10.1007/978-3-642-36594-2_6 fatcat:calwocpwjfbhrcw5atn5ewsffq

Functional Encryption from (Small) Hardware Tokens [chapter]

Kai-Min Chung, Jonathan Katz, Hong-Sheng Zhou
2013 Lecture Notes in Computer Science  
{Gen, Sign, Vrfy} is a signature scheme, SNARG.{Gen, P, V} is a SNARG scheme, NIZK.{Gen, P, V} is a NIZK scheme.  ...  The authority also sets up the reference strings crs and (rs, vrs) for NIZK and for SNARG respectively.  ...
doi:10.1007/978-3-642-42045-0_7 fatcat:odtsxwdsq5eizhy7jybjlzssr4

On the Size of Pairing-Based Non-interactive Arguments [chapter]

Jens Groth
2016 Lecture Notes in Computer Science  
It follows from this that SNARGs where the prover and verifier use generic asymmetric bilinear group operations cannot consist of a single group element.  ...  This gives the first lower bound for pairing-based SNARGs.  ...  such a SNARG.  ... 
doi:10.1007/978-3-662-49896-5_11 fatcat:feoo4qccbbhxbj4syaje47c4wq

From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again

Nir Bitansky, Ran Canetti, Alessandro Chiesa, Eran Tromer
2012 Proceedings of the 3rd Innovations in Theoretical Computer Science Conference on - ITCS '12  
In order to prove membership for an instance y with valid witness w, the prover performs the following steps: Unlike in the "SNARK on top of NIZK" approach, in the "NIZK on top of SNARG" approach the knowledge  ...  The validity of the simulation follows from the semantic security of the encryption and the validity of the NIZK simulator, as well as from the fact that the zkSNARK is a proof of knowledge.  ... 
doi:10.1145/2090236.2090263 dblp:conf/innovations/BitanskyCCT12 fatcat:2327yyhwrvgoblswnscyjsdtzm

Separating succinct non-interactive arguments from all falsifiable assumptions

Craig Gentry, Daniel Wichs
2011 Proceedings of the 43rd annual ACM symposium on Theory of computing - STOC '11  
Our separation result also extends to designated verifier SNARGs, where the verifier needs a trapdoor associated with the CRS to verify arguments, and slightly succinct SNARGs, whose size is only required  ...  However, we currently do not know of any construction of SNARGs with a formal proof of security under any simple cryptographic assumption.  ...  Black-Box Separation of SNARGs From Falsifiable Assumptions We are now ready to state and prove the main result of the paper. Theorem 5.1.  ... 
doi:10.1145/1993636.1993651 dblp:conf/stoc/GentryW11 fatcat:7evdlxueozdk7ax3xnihgissxi

Secure Two-Party Computation with Low Communication [chapter]

Ivan Damgård, Sebastian Faust, Carmit Hazay
2012 Lecture Notes in Computer Science  
Computation, within part of this work was performed; and from the CFEM research center, supported by the Danish Strategic Research Council.  ...  The authors acknowledge support from the Danish National Research Foundation and The National Science Foundation of China (under the grant 61061130540) for the Sino-Danish Center for the Theory of Interactive  ...  Also, to get a zero-knowledge SNARG, we do not use the PCP+PIR approach from earlier work for a general PIR, instead we build a PIR-like scheme based on FHE, allowing the prover to compute NIZKs "inside  ... 
doi:10.1007/978-3-642-28914-9_4 fatcat:drm5kev64fedplit4p2fhqwsxa

Functional Signatures and Pseudorandom Functions [chapter]

Elette Boyle, Shafi Goldwasser, Ioana Ivan
2014 Lecture Notes in Computer Science  
SNARGs from Functional Signatures Recall that in a SNARG system for a language L, there is a verifier V, and a prover P who wishes to convince the verifier that an input x is in L.  ...  In Section 3, we show how to construct delegation schemes and succinct non-interactive arguments (SNARGs) from functional signatures schemes.  ...  This inefficiency stems both from sampling a truly random function H, and from testing whether the adversary's evaluation queries y are contained within  ...
doi:10.1007/978-3-642-54631-0_29 fatcat:6mr73ixjp5bthnw6wquhlyjgbe

On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption

Adriana López-Alt, Eran Tromer, Vinod Vaikuntanathan
2012 Proceedings of the 44th symposium on Theory of Computing - STOC '12  
All user's input data and intermediate results are protected from snooping by the cloud as well as other users.  ...  For our purposes, it is more convenient to use the notion of (samestring) NIZK arguments from [SCO+01].  ...  We have shown how to construct efficient NIZK arguments for the relation R enc for the NTRU-based multikey FHE scheme from Section 3.4.  ...
doi:10.1145/2213977.2214086 dblp:conf/stoc/Lopez-AltTV12 fatcat:2jw2ee3e7zahpchnpfjet366km

Quadratic Span Programs and Succinct NIZKs without PCPs [chapter]

Rosario Gennaro, Craig Gentry, Bryan Parno, Mariana Raykova
2013 Lecture Notes in Computer Science  
outsourced computations, where a client asks a server to compute F(x) for a given function F and must verify the result provided by the server in considerably less time than it would take to compute F from  ...  Using QSPs, we construct a NIZK argument - in the CRS model - for Circuit-SAT consisting of just 7 group elements.  ...  From QSPs to SNARKs, NIZKs, and Verifiable Computing We use QSPs to build SNARKs and NIZKs in the CRS model [9, 10]. SNARKs.  ...
doi:10.1007/978-3-642-38348-9_37 fatcat:yvxyxqydezexveoajecxrp2nni

Subversion-Zero-Knowledge SNARKs [chapter]

Georg Fuchsbauer
2018 Lecture Notes in Computer Science  
Zero-knowledge (ZK) SNARGs are used when some inputs to the computation come from the prover (the server in our example), who wants to keep its inputs private.  ...  Without such a CRS, NIZK systems are not possible [GO94]. NIZK proof systems exist for every NP language [BFM88, BDMP91].  ...
doi:10.1007/978-3-319-76578-5_11 fatcat:se5k4acnang7no3rwgadmqcbry

Efficient Zero-Knowledge Proof Systems [chapter]

Jonathan Bootle, Andrea Cerulli, Pyrros Chaidos, Jens Groth
2016 Lecture Notes in Computer Science  
SNARGs which are also arguments of knowledge are referred to as SNARKs. Definition 11 (Succinctness).  ...  The prover then gives an NIZK proof that the resulting ciphertext contains a 1. NIZK Arguments.  ... 
doi:10.1007/978-3-319-43005-8_1 fatcat:d7efu3p5mje2bh3cevr7wpgvym

Breaking the O(√(n))-Bit Barrier: Byzantine Agreement with Polylog Bits Per Party [article]

Elette Boyle and Ran Cohen and Aarushi Goel
2021 arXiv   pre-print
We provide two constructions of SRDS from different cryptographic and Public-Key Infrastructure (PKI) assumptions. 2) The SRDS-based BA follows a paradigm of boosting from "almost-everywhere" agreement  ...  such protocols in which every party sends o(n) messages. 3) We further explore connections between a natural approach toward attaining SRDS and average-case succinct non-interactive argument systems (SNARGs  ...  Theorem 1.7 (SRDS from multi-signatures requires average-case SNARGs, informal).  ... 
arXiv:2002.02516v4 fatcat:7l5ulreb7bbbjmu4vk2ll4l45m

Malleable Signatures: New Definitions and Delegatable Anonymous Credentials

Melissa Chase, Markulf Kohlweiss, Anna Lysyanskaya, Sarah Meiklejohn
2014 2014 IEEE 27th Computer Security Foundations Symposium  
Finally, we construct delegatable anonymous credentials from signatures that are malleable with respect to an appropriate class of transformations (that we show our malleable signature supports).  ...  0831293, and by a Sloan Foundation fellowship, and Sarah Meiklejohn was supported in part by a MURI grant administered by the Air Force Office of Scientific Research and in part by a graduate fellowship from  ...  MALLEABLE SIGNATURES FROM CM-NIZKS In this section, we provide a generic construction of malleable signatures from cm-NIZKs.  ... 
doi:10.1109/csf.2014.22 dblp:conf/csfw/ChaseKLM14 fatcat:oubti4jpubgqzaoe7evodrpzuq

Efficient CCA Timed Commitments in Class Groups

Sri Aravinda Krishnan Thyagarajan, Guilhem Castagnos, Fabian Laguillaumie, Giulio Malavolta
2021 Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security  
The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.  ...  This is not a concern unique to the timed commitment settings: A large body of literature on succinct non-interactive arguments (SNARGs) aims at designing efficient protocols with the same guarantees  ...  The proof for verifiability follows from the soundness of the NIZK proof system. Notice that the winning condition of the verifiability property requires TVfy(crs, 𝑐, 𝜋) = 1 and 𝑐 ∉ TCom(crs, 𝑚).  ... 
doi:10.1145/3460120.3484773 fatcat:byouu5ahjjfebgvduf5ww5ok4q

Public-Coin Differing-Inputs Obfuscation and Its Applications [chapter]

Yuval Ishai, Omkant Pandey, Amit Sahai
2015 Lecture Notes in Computer Science  
Definition 3.1 (SNARG).  ...  The NIZK proof system of Feige, Lapidot, and Shamir [FLS99] satisfies all of these requirements.  ...  We then use the soundness of SNARG to argue that if A NC 1 n "succeeds" against our sampler then A n succeeds against the given sampler.  ... 
doi:10.1007/978-3-662-46497-7_26 fatcat:q2xs5l7d6vd4zcjdk7hnaeoanm