Paper 2018/475

Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures

Jonathan Katz, Vladimir Kolesnikov, and Xiao Wang


Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for arbitrary Boolean circuits based on symmetric- key primitives alone using the “MPC-in-the-head” paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300–100,000 AND gates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to move most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with “post-quantum” security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (with comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

Note: Fix a bug in Figure 2, thanks to Claudio Orlandi, Akira Takahashi, and Greg Zaverucha.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
zero-knowledge proofssignatures
Contact author(s)
wangxiao @ cs northwestern edu
2021-01-14: last of 4 revisions
2018-05-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jonathan Katz and Vladimir Kolesnikov and Xiao Wang},
      title = {Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures},
      howpublished = {Cryptology ePrint Archive, Paper 2018/475},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.