Cryptology ePrint Archive: Report 2021/165

Composition with Knowledge Assumptions

Thomas Kerber and Aggelos Kiayias and Markulf Kohlweiss

Abstract: Zero-knowledge succinct non-interactive arguments (zk-SNARKs) rely on knowledge assumptions for their security. Meanwhile, as the complexity and scale of cryptographic systems continues to grow, the composition of secure protocols is of vital importance. The current gold standards of composable security, the Universal Composability and Constructive Cryptography frameworks cannot capture knowledge assumptions, as their core proofs of composition prohibit white-box extraction. In this paper, we present a formal model allowing the composition of knowledge assumptions. Despite showing impossibility for the general case, we demonstrate the modelís usefulness when limiting knowledge assumptions to few instances of protocols at a time. We finish by providing the first instance of a simultaneously succinct and composable zk-SNARK, by using existing results within our framework.

Category / Keywords: foundations / zero knowledge, composition, knowledge assumptions

Date: received 14 Feb 2021

Contact author: papers at tkerber org

Available format(s): PDF | BibTeX Citation

Version: 20210217:125108 (All versions of this report)

Short URL: ia.cr/2021/165


[ Cryptology ePrint archive ]