Paper 2013/662

Fine-Tuning Groth-Sahai Proofs

Alex Escala and Jens Groth


Groth-Sahai proofs are efficient non-interactive zero-knowledge proofs that have found widespread use in pairing-based cryptography. We propose efficiency improvements of Groth-Sahai proofs in the SXDH setting, which is the one that yields the most efficient non-interactive zero-knowledge proofs. - We replace some of the commitments with ElGamal encryptions, which reduces the prover's computation and for some types of equations reduces the proof size. - Groth-Sahai proofs are zero-knowledge when no public elements are paired to each other. We observe that they are also zero-knowledge when base elements for the groups are paired to public constants. - The prover's computation can be reduced by letting her pick her own common reference string. By giving a proof she has picked a valid common reference string this does not compromise soundness. - We define a type-based commit-and-prove scheme, which allows commitments to be reused in many different proofs.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Non-interactive zero-knowledge proofscommit-and-prove schemesGroth-Sahai proofstype-based commitments
Contact author(s)
Alexandre Escala @ uab cat
2013-10-24: received
Short URL
Creative Commons Attribution


      author = {Alex Escala and Jens Groth},
      title = {Fine-Tuning Groth-Sahai Proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2013/662},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.