Cryptology ePrint Archive: Report 2021/1090

Towards Accountability in CRS Generation

Prabhanjan Ananth and Gilad Asharov and Hila Dahari and Vipul Goyal

Abstract: It is well known that several cryptographic primitives cannot be achieved without a common reference string (CRS). Those include, for instance, non-interactive zero-knowledge for NP, or maliciously secure computation in fewer than four rounds. The security of those primitives heavily relies upon on the assumption that the trusted authority, who generates the CRS, does not misuse the randomness used in the CRS generation. However, we argue that there is no such thing as an unconditionally trusted authority and every authority must be held accountable for any trust to be well-founded. Indeed, a malicious authority can, for instance, recover private inputs of honest parties given transcripts of the protocols executed with respect to the CRS it has generated.

While eliminating trust in the trusted authority may not be entirely feasible, can we at least move towards achieving some notion of accountability? We propose a new notion in which, if the CRS authority releases the private inputs of protocol executions to others, we can then provide a publicly-verifiable proof that certifies that the authority misbehaved. We study the feasibility of this notion in the context of non-interactive zero knowledge and two-round secure two-party computation.

Category / Keywords: cryptographic protocols / common reference string, zero knowledge, oblivious transfer, secure two-party computation

Original Publication (with major differences): IACR-EUROCRYPT-2021

Date: received 24 Aug 2021

Contact author: Gilad Asharov at biu ac il

Available format(s): PDF | BibTeX Citation

Version: 20210825:064146 (All versions of this report)

Short URL: ia.cr/2021/1090


[ Cryptology ePrint archive ]