Another Look at Extraction and Randomization of Groth's zk-SNARK

Karim Baghery, Markulf Kohlweiss, Janno Siim, Mikhail Volkhov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

Due to the simplicity and performance of zk-SNARKs they are widely used in real-world cryptographic protocols, including blockchain and smart contract systems. Simulation Extractability (SE) is a necessary security property for a NIZK argument to achieve Universal Composability (UC), a common requirement for such protocols. Most of the works that investigate SE focus on its strong variant which implies proof non-malleability. In this work we investigate a relaxed weaker notion, that allows proof randomization, while guaranteeing statement non-malleability, which we argue to be a more natural security property. First, we show that it is already achievable by Groth16, arguably the most efficient and widely deployed SNARK nowadays. Second, we show that because of this, Groth16 can be efficiently transformed into a black-box weakly SE NIZK, which is sufficient for UC protocols.
Original languageEnglish
Title of host publicationFinancial Cryptography and Data Security
EditorsNikita Borisov, Claudia Diaz
Place of PublicationBerlin, Heidelberg
PublisherSpringer
Pages457-475
Number of pages19
ISBN (Electronic)978-3-662-64322-8
ISBN (Print)978-3-662-64321-1
DOIs
Publication statusPublished - 23 Oct 2021
EventFinancial Cryptography and Data Security 2021 Twenty-Fifth International Conference - Virtual Conference
Duration: 1 Mar 20215 Mar 2021
Conference number: 25
https://fc21.ifca.ai/index.php

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume12674
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceFinancial Cryptography and Data Security 2021 Twenty-Fifth International Conference
Period1/03/215/03/21
Internet address

Keywords / Materials (for Non-textual outputs)

  • zk-SNARKs
  • Simulation extractability
  • UC security

Fingerprint

Dive into the research topics of 'Another Look at Extraction and Randomization of Groth's zk-SNARK'. Together they form a unique fingerprint.

Cite this