Paper 2024/1153

Designated-Verifier zk-SNARKs Made Easy

Chen Li, Sun Yat-sen University
Fangguo Zhang, Sun Yat-sen University
Abstract

Zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) is a kind of proof system that enables a prover to convince a verifier that an NP statement is true efficiently. In the last decade, various studies made a lot of progress in constructing more efficient and secure zk-SNARKs. Our research focuses on designated-verifier zk-SNARKs, where only the verifier knowing some secret verification state can be convinced by the proof. A natural idea of getting a designated-verifier zk-SNARK is encrypting a publicly-verifiable zk-SNARK's proof via public-key encryption. This is also the core idea behind the well-known transformation proposed by Bitansky et al. in TCC 2013 to obtain designated-verifier zk-SNARKs. However, the transformation only applies to zk-SNARKs which requires the complicated trusted setup phase and sticks on storage-expensive common reference strings. The loss of the secret verification state also makes the proof immediately lose the designated-verifier property. To address these issues, we first define "strong designated-verifier" considering the case where the adversary has access to the secret verification state, then propose a construction of strong designated-verifier zk-SNARKs. The construction inspired by designated verifier signatures based on two-party ring signatures does not use encryption and can be applied on any public-verifiable zk-SNARKs to yield a designated-verifiable variant. We introduce our construction under the circuit satisfiability problem and implement it in Circom, then test it on different zk-SNARKs, showing the validity of our construction.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
zero-knowledge proofSNARKsdesignated verifiercircuit satisfiability
Contact author(s)
lich368 @ mail2 sysu edu cn
isszhfg @ mail sysu edu cn
History
2024-07-19: approved
2024-07-16: received
See all versions
Short URL
https://ia.cr/2024/1153
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1153,
      author = {Chen Li and Fangguo Zhang},
      title = {Designated-Verifier zk-{SNARKs} Made Easy},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1153},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1153}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.