Spartan and bulletproofs are simulation-extractable (for free!)
Increasing deployment of advanced zero-knowledge proof systems, especially zkSNARKs,
has raised critical questions about their security against real-world attacks. Two classes of …
has raised critical questions about their security against real-world attacks. Two classes of …
From polynomial IOP and commitments to non-malleable zkSNARKs
We study sufficient conditions to compile simulation-extractable zkSNARKs from information-
theoretic interactive oracle proofs (IOP) using a simulation-extractable commit-and-prove …
theoretic interactive oracle proofs (IOP) using a simulation-extractable commit-and-prove …
Lift-and-shift: obtaining simulation extractable subversion and updatable SNARKs generically
Zero-knowledge proofs and in particular succinct non-interactive zero-knowledge proofs (so
called zk-SNARKs) are getting increasingly used in real-world applications, with …
called zk-SNARKs) are getting increasingly used in real-world applications, with …
Witness-succinct universally-composable snarks
Abstract Zero-knowledge Succinct Non-interactive ARguments of Knowledge (zkSNARKs)
are becoming an increasingly fundamental tool in many real-world applications where the …
are becoming an increasingly fundamental tool in many real-world applications where the …
Fiat-shamir bulletproofs are non-malleable (in the random oracle model)
Bulletproofs (Bünz et al. IEEE S&P 2018) are a celebrated ZK proof system that allows for
short and efficient proofs, and have been implemented and deployed in several real-world …
short and efficient proofs, and have been implemented and deployed in several real-world …
Non-black-box simulation from one-way functions and applications to resettable security
The simulation paradigm, introduced by Goldwasser, Micali and Rackoff, is of fundamental
importance to modern cryptography. In a breakthrough work from 2001, Barak (FOCS'01) …
importance to modern cryptography. In a breakthrough work from 2001, Barak (FOCS'01) …
Subversion-resistant simulation (knowledge) sound NIZKs
K Baghery - Cryptography and Coding: 17th IMA International …, 2019 - Springer
Abstract In ASIACRYPT 2016, Bellare, Fuchsbauer and Scafuro studied security of non-
interactive zero-knowledge (NIZK) arguments in the face of parameter subversion. They …
interactive zero-knowledge (NIZK) arguments in the face of parameter subversion. They …
{MIRAGE}: Succinct arguments for randomized algorithms with applications to universal {zk-SNARKs}
The last few years have witnessed increasing interest in the deployment of zero-knowledge
proof systems, in particular ones with succinct proofs and efficient verification (zk-SNARKs) …
proof systems, in particular ones with succinct proofs and efficient verification (zk-SNARKs) …
How to compile polynomial IOP into simulation-extractable SNARKs: a modular approach
Most succinct arguments (SNARKs) are initially only proven knowledge sound (KS). We
show that the commonly employed compilation strategy from polynomial interactive oracle …
show that the commonly employed compilation strategy from polynomial interactive oracle …
Legosnark: Modular design and composition of succinct zero-knowledge proofs
We study the problem of building non-interactive proof systems modularly by linking small
specialized" gadget" SNARKs in a lightweight manner. Our motivation is both theoretical and …
specialized" gadget" SNARKs in a lightweight manner. Our motivation is both theoretical and …