Frequently, users on the web need to show that they are, for example, not a robot, old
enough to access an age restricted video, or eligible to download an ebook from their local …

We present position-hiding linkability for vector commitment schemes: one can prove in zero
knowledge that one or m values that comprise commitment\cm all belong to the vector of …

A decade of active research has led to practical constructions of zero-knowledge succinct
non-interactive arguments of knowledge (zk-SNARKs) that are now being used in a wide …

We propose several decentralized ceremonies for constructing a powers-of-tau structured
reference string (SRS). Our protocols make use of a blockchain platform to run in a …

We present Bingo, an adaptively secure and optimally resilient packed asynchronous
verifiable secret sharing (PAVSS) protocol that allows a dealer to share f+ 1 secrets with a …

In the algebraic group model (AGM), an adversary has to return with each group element a
linear representation with respect to input group elements. In many groups, it is easy to …

We propose a univariate sumcheck argument Count of essentially optimal communication
efficiency of one group element. While the previously most efficient univariate sumcheck …

We propose a general framework for non-universal SNARKs. It contains (1) knowledge-
sound and non-black-box any-simulation-extractable (ASE),(2) zero-knowledge and …

Non-interactive zero-knowledge proofs (NIZKs) and in particular succinct NIZK arguments of
knowledge (so called zk-SNARKs) increasingly see real-world adoption in large and …

Syncing the latest state of a blockchain can be a resource-intensive task, driving (especially
mobile) end users towards centralized services offering instant access. To expand full …