### Towards Accountability in CRS Generation

Prabhanjan Ananth, Gilad Asharov, Hila Dahari, and Vipul Goyal

##### Abstract

It is well known that several cryptographic primitives cannot be achieved without a common reference string (CRS). Those include, for instance, non-interactive zero-knowledge for NP, or maliciously secure computation in fewer than four rounds. The security of those primitives relies heavily on the assumption that the trusted authority, who generates the CRS, does not misuse the randomness used in the CRS generation. However, we argue that there is no such thing as an unconditionally trusted authority and every authority must be held accountable for any trust to be well-founded. Indeed, a malicious authority can, for instance, recover private inputs of honest parties given transcripts of the protocols executed with respect to the CRS it has generated. While eliminating trust in the trusted authority may not be entirely feasible, can we at least move towards achieving some notion of accountability? We propose a new notion in which, if the CRS authority releases the private inputs of protocol executions to others, we can then provide a publicly-verifiable proof that certifies that the authority misbehaved. We study the feasibility of this notion in the context of non-interactive zero knowledge and two-round secure two-party computation.

Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2021
Keywords
common reference string, zero knowledge, oblivious transfer, secure two-party computation
Contact author(s)
Gilad Asharov @ biu ac il
Short URL
https://ia.cr/2021/1090

CC BY

BibTeX

@misc{cryptoeprint:2021/1090,
author = {Prabhanjan Ananth and Gilad Asharov and Hila Dahari and Vipul Goyal},
title = {Towards Accountability in CRS Generation},
howpublished = {Cryptology ePrint Archive, Paper 2021/1090},
year = {2021},
note = {\url{https://eprint.iacr.org/2021/1090}},
url = {https://eprint.iacr.org/2021/1090}
}
