Polymath: Groth16 is not the limit

H Lipmaa - Annual International Cryptology Conference, 2024 - Springer
Shortening the argument (three group elements or 1536/3072 bits over the
BLS12-381/BLS24-509 curves) of the Groth16 zk-SNARK for R1CS is a long-standing open …

Constant-size zk-SNARKs in ROM from falsifiable assumptions

H Lipmaa, R Parisella, J Siim - … on the Theory and Applications of …, 2024 - Springer
We prove that the seminal KZG polynomial commitment scheme (PCS) is black-box
extractable under a simple falsifiable assumption ARSDH. To create an interactive …

Real-world Universal zkSNARKs are non-malleable

A Faonio, D Fiore, L Russo - Proceedings of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Simulation extractability is a strong security notion of zkSNARKs that guarantees that an
attacker who produces a valid proof must know the corresponding witness, even if the …

Lookup arguments: improvements, extensions and applications to zero-knowledge decision trees

M Campanelli, A Faonio, D Fiore, T Li… - … Conference on Public …, 2024 - Springer
Lookup arguments allow to prove that the elements of a committed vector come from a
(bigger) committed table. They enable novel approaches to reduce the prover complexity of …

Garuda and Pari: Faster and Smaller SNARKs via Equifficient Polynomial Commitments

M Dellepere, P Mishra, A Shirzad - Cryptology ePrint Archive, 2024 - eprint.iacr.org
SNARKs are powerful cryptographic primitives that allow a prover to produce a succinct
proof of a computation. Two key goals of SNARK research are to minimize the size of the …

The uber-knowledge assumption: A bridge to the AGM

B Bauer, P Farshim, P Harasser… - Cryptology ePrint …, 2023 - eprint.iacr.org
The generic-group model (GGM) and the algebraic-group model (AGM) have been
exceptionally successful in proving the security of many classical and modern …

The brave new world of global generic groups and UC-secure zero-overhead SNARKs

J Bobolz, P Farshim, M Kohlweiss… - Theory of Cryptography …, 2024 - Springer
The universal composability (UC) model provides strong security guarantees for protocols
used in arbitrary contexts. While these guarantees are highly desirable, in practice, schemes …

Flip-and-prove R1CS

A Nitulescu, N Paslis, C Ràfols - Cryptology ePrint Archive, 2024 - eprint.iacr.org
In this work, we consider the setting where one or more users with low computational
resources would like to outsource the task of proof generation for SNARKs to one external …

Efficiently-Thresholdizable Batched Identity Based Encryption, with Applications

A Agarwal, R Fernando, B Pinkas - Cryptology ePrint Archive, 2024 - eprint.iacr.org
We propose a new cryptographic primitive called "batched identity-based
encryption" (Batched IBE) and its thresholdized version. The new primitive allows encrypting …

On Knowledge-Soundness of Plonk in ROM from Falsifiable Assumptions

H Lipmaa, R Parisella, J Siim - Cryptology ePrint Archive, 2024 - eprint.iacr.org
Lipmaa, Parisella, and Siim [Eurocrypt, 2024] proved the extractability of the KZG
polynomial commitment scheme under the falsifiable assumption ARSDH. They also …