Paper 2016/112

On the (In)security of SNARKs in the Presence of Oracles

Dario Fiore and Anca Nitulescu

Abstract

In this work we study the feasibility of knowledge extraction for succinct non-interactive arguments of knowledge (SNARKs) in a scenario that, to the best of our knowledge, has not been analyzed before. While prior work focuses on the case of adversarial provers that may receive (statically generated) {\em auxiliary information}, here we consider the scenario where adversarial provers are given {\em access to an oracle}. For this setting we study if and under what assumptions such provers can admit an extractor. Our contribution is mainly threefold. First, we formalize the question of extraction in the presence of oracles by proposing a suitable proof of knowledge definition for this setting. We call SNARKs satisfying this definition O-SNARKs. Second, we show how to use O-SNARKs to obtain formal and intuitive security proofs for three applications (homomorphic signatures, succinct functional signatures, and SNARKs on authenticated data) where we recognize an issue while doing the proof under the standard proof of knowledge definition of SNARKs. Third, we study whether O-SNARKs exist, providing both negative and positive results. On the negative side, we show that, assuming one way functions, there do not exist O-SNARKs in the standard model for every signing oracle family (and thus for general oracle families as well). On the positive side, we show that when considering signature schemes with appropriate restrictions on the message length O-SNARKs for the corresponding signing oracles exist, based on classical SNARKs and assuming extraction with respect to specific distributions of auxiliary input.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A major revision of an IACR publication in TCC 2016
Keywords
succinct non-interactive argumentsknowledge extractiondigital signatures
Contact author(s)
dario fiore @ imdea org
History
2016-08-23: revised
2016-02-10: received
See all versions
Short URL
https://ia.cr/2016/112
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/112,
      author = {Dario Fiore and Anca Nitulescu},
      title = {On the (In)security of {SNARKs} in the Presence of Oracles},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/112},
      year = {2016},
      url = {https://eprint.iacr.org/2016/112}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.