Paper 2021/1090

Towards Accountability in CRS Generation

Prabhanjan Ananth, Gilad Asharov, Hila Dahari, and Vipul Goyal


It is well known that several cryptographic primitives cannot be achieved without a common reference string (CRS). Those include, for instance, non-interactive zero-knowledge for NP, or maliciously secure computation in fewer than four rounds. The security of those primitives heavily relies upon on the assumption that the trusted authority, who generates the CRS, does not misuse the randomness used in the CRS generation. However, we argue that there is no such thing as an unconditionally trusted authority and every authority must be held accountable for any trust to be well-founded. Indeed, a malicious authority can, for instance, recover private inputs of honest parties given transcripts of the protocols executed with respect to the CRS it has generated. While eliminating trust in the trusted authority may not be entirely feasible, can we at least move towards achieving some notion of accountability? We propose a new notion in which, if the CRS authority releases the private inputs of protocol executions to others, we can then provide a publicly-verifiable proof that certifies that the authority misbehaved. We study the feasibility of this notion in the context of non-interactive zero knowledge and two-round secure two-party computation.

Available format(s)
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2021
common reference stringzero knowledgeoblivious transfersecure two-party computation
Contact author(s)
Gilad Asharov @ biu ac il
2021-08-25: received
Short URL
Creative Commons Attribution


      author = {Prabhanjan Ananth and Gilad Asharov and Hila Dahari and Vipul Goyal},
      title = {Towards Accountability in {CRS} Generation},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1090},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.