Paper 2016/866

A Shuffle Argument Secure in the Generic Model

Prastudy Fauzi, Helger Lipmaa, and Michał Zając


We propose a new random oracle-less NIZK shuffle argument. It has a simple structure, where the first verification equation ascertains that the prover has committed to a permutation matrix, the second verification equation ascertains that the same permutation was used to permute the ciphertexts, and the third verification equation ascertains that input ciphertexts were ``correctly'' formed. The new argument has $3.5$ times more efficient verification than the up-to-now most efficient shuffle argument by Fauzi and Lipmaa (CT-RSA 2016). Compared to the Fauzi-Lipmaa shuffle argument, we (i) remove the use of knowledge assumptions and prove our scheme is sound in the generic bilinear group model, and (ii) prove standard soundness, instead of culpable soundness.

Available format(s)
Publication info
Published by the IACR in ASIACRYPT 2016
Common reference stringgeneric bilinear group modelmix-netshuffle argumentzero knowledge.
Contact author(s)
prastudy fauzi @ gmail com
helger lipmaa @ gmail com
m zajac @ mimuw edu pl
2016-09-10: received
Short URL
Creative Commons Attribution


      author = {Prastudy Fauzi and Helger Lipmaa and Michał Zając},
      title = {A Shuffle Argument Secure in the Generic Model},
      howpublished = {Cryptology ePrint Archive, Paper 2016/866},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.