Cryptology ePrint Archive: Report 2018/187

Making Groth's zk-SNARK Simulation Extractable in the Random Oracle Model

Sean Bowe and Ariel Gabizon

Abstract: We describe a variant of Groth's zk-SNARK [Groth, Eurocrypt 2016] that satisfies simulation extractability, which is a strong form of adaptive non-malleability. The proving time is almost identical to [Groth] and requires only two additional group operations. Our proof consists of 5 group elements rather than 3 as in [Groth], and the security proof requires the random oracle model.

Category / Keywords: zk-snarks, generic group model, non-malleability, simulation-extractability

Date: received 15 Feb 2018, last revised 21 Feb 2018

Contact author: ariel at z cash

Available format(s): PDF | BibTeX Citation

Version: 20180221:192432 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]