Paper 2022/290

Universally Composable Sigma-protocols in the Global Random-Oracle Model

Anna Lysyanskaya
Leah Namisa Rosenbloom

Numerous cryptographic applications require efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoK) as a building block. Typically they rely on the Fiat-Shamir heuristic to do so, as security in the random-oracle model is considered good enough in practice. However, there is a troubling disconnect between the stand-alone security of such a protocol and its security as part of a larger, more complex system where several protocols may be running at the same time. Provable security in the general universal composition model (GUC model) of Canetti et al. is the best guarantee that nothing will go wrong when a system is part of a larger whole, even when all parties share a common random oracle. In this paper, we prove the minimal necessary properties of generally universally composable (GUC) NIZKPoK in any global random-oracle model, and show how to achieve efficient and GUC NIZKPoK in both the restricted programmable and restricted observable (non-programmable) global random-oracle models.

Note: Minor revisions

Available format(s)
Publication info
Published by the IACR in TCC 2022
zero knowledge proofs of knowledge NIZK universal composability GUC model global random oracle model
Contact author(s)
anna_lysyanskaya @ brown edu
leah_rosenbloom @ brown edu
2022-10-28: last of 3 revisions
2022-03-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Anna Lysyanskaya and Leah Namisa Rosenbloom},
      title = {Universally Composable Sigma-protocols in the Global Random-Oracle Model},
      howpublished = {Cryptology ePrint Archive, Paper 2022/290},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.