Paper 2024/1153
Designated-Verifier zk-SNARKs Made Easy
Abstract
Zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) is a kind of proof system that enables a prover to convince a verifier that an NP statement is true efficiently. In the last decade, various studies made a lot of progress in constructing more efficient and secure zk-SNARKs. Our research focuses on designated-verifier zk-SNARKs, where only the verifier knowing some secret verification state can be convinced by the proof. A natural idea of getting a designated-verifier zk-SNARK is encrypting a publicly-verifiable zk-SNARK's proof via public-key encryption. This is also the core idea behind the well-known transformation proposed by Bitansky et al. in TCC 2013 to obtain designated-verifier zk-SNARKs. However, the transformation only applies to zk-SNARKs which requires the complicated trusted setup phase and sticks on storage-expensive common reference strings. The loss of the secret verification state also makes the proof immediately lose the designated-verifier property. To address these issues, we first define "strong designated-verifier" considering the case where the adversary has access to the secret verification state, then propose a construction of strong designated-verifier zk-SNARKs. The construction inspired by designated verifier signatures based on two-party ring signatures does not use encryption and can be applied on any public-verifiable zk-SNARKs to yield a designated-verifiable variant. We introduce our construction under the circuit satisfiability problem and implement it in Circom, then test it on different zk-SNARKs, showing the validity of our construction.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- zero-knowledge proofSNARKsdesignated verifiercircuit satisfiability
- Contact author(s)
-
lich368 @ mail2 sysu edu cn
isszhfg @ mail sysu edu cn - History
- 2024-07-19: approved
- 2024-07-16: received
- See all versions
- Short URL
- https://ia.cr/2024/1153
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/1153, author = {Chen Li and Fangguo Zhang}, title = {Designated-Verifier zk-{SNARKs} Made Easy}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1153}, year = {2024}, url = {https://eprint.iacr.org/2024/1153} }