Cryptology ePrint Archive: Report 2018/228

Non-interactive zaps of knowledge

Georg Fuchsbauer and Michele Orrù

Abstract: While non-interactive zero-knowledge (NIZK) proofs require trusted parameters, Groth, Ostrovsky and Sahai constructed non-interactive witness-indistinguishable (NIWI) proofs without any setup; they called their scheme a non-interactive zap. More recently, Bellare, Fuchsbauer and Scafuro investigated the security of NIZK in the face of parameter subversion and observe that NI zaps provide subversion-resistant soundness and WI. Arguments of knowledge prove that not only the statement is true, but also that the prover knows a witness for it, which is essential for anonymous identification. We present the first NIWI argument of knowledge without parameters, i.e., a NI zap of knowledge. Consequently, our scheme is also the first subversion-resistant knowledge-sound proof system, a notion recently proposed by Fuchsbauer.

Category / Keywords: cryptographic protocols / Non-interactive proofs, argument of knowledge, subversion resistance

Original Publication (in the same form): ACNS 2018

Date: received 26 Feb 2018, last revised 1 Apr 2018

Contact author: michele orru at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20180401:213219 (All versions of this report)

Short URL: ia.cr/2018/228