A Transform for NIZK Almost as Efficient and General as the Fiat-Shamir Transform Without Programmable Random Oracles

Michele Ciampi, Giuseppe Persiano, Luisa Siniscalchi, Ivan Visconti

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

The Fiat-Shamir (FS) transform is a popular technique for obtaining practical zero-knowledge argument systems. The FS transform uses a hash function to generate, without any further overhead, non-interactive zero-knowledge (NIZK) argument systems from public-coin honest-verifier zero-knowledge (public-coin HVZK) proof systems. In the proof of zero knowledge, the hash function is modeled as a programmable random oracle (PRO).

In TCC 2015, Lindell embarked on the challenging task of obtaining a similar transform with improved heuristic security. Lindell showed that, for several interesting and practical languages, there exists an efficient transform in the non-programmable random oracle (NPRO) model that also uses a common reference string (CRS). A major contribution of Lindell’s transform is that zero knowledge is proved without random oracles and this is an important step towards achieving efficient NIZK arguments in the CRS model without random oracles.

In this work, we analyze the efficiency and generality of Lindell’s transform and notice a significant gap when compared with the FS transform. We then propose a new transform that aims at filling this gap. Indeed our transform is almost as efficient as the FS transform and can be applied to a broad class of public-coin HVZK proof systems. Our transform requires a CRS and an NPRO in the proof of soundness, similarly to Lindell’s transform.
Original languageEnglish
Title of host publicationTheory of Cryptography
EditorsEyal Kushilevitz, Tal Malkin
Place of PublicationBerlin, Heidelberg
PublisherSpringer Berlin Heidelberg
Number of pages29
ISBN (Electronic)978-3-662-49099-0
ISBN (Print)978-3-662-49098-3
Publication statusPublished - 2016
Event13th Theory of Cryptography Conference - Tel Aviv, Israel
Duration: 10 Jan 201613 Jan 2016


Conference13th Theory of Cryptography Conference
Abbreviated titleTCC 2016-A
CityTel Aviv
Internet address


Dive into the research topics of 'A Transform for NIZK Almost as Efficient and General as the Fiat-Shamir Transform Without Programmable Random Oracles'. Together they form a unique fingerprint.

Cite this