Simulatable VRFs with Applications to Multi-theorem NIZK
Abstract
This paper introduces simulatable verifiable random functions (sVRF). VRFs are similar to pseudorandom functions, except that they are also verifiable: corresponding to each seed SK, there is a public key PK, and for y = F_PK(x), it is possible to prove that y is indeed the value of the function seeded by SK. A simulatable VRF is a VRF for which this proof can be simulated, so a simulator can pretend that the value of F_PK(x) is any y. Our contributions are as follows. We introduce the notion of sVRF. We give two constructions: one from general assumptions (based on NIZK), but inefficient, just as a proof of concept; the other construction is practical and based on a special assumption about composite-order groups with bilinear maps. We then use an sVRF to get a direct transformation from a single-theorem non-interactive zero-knowledge proof system for a language L to a multi-theorem non-interactive proof system for the same
Similar resources
"Metaproofs" (and their Cryptographic Applications)
We develop a non-interactive proof-system which we call “Metaproof” (μ-NIZK proof system); it provides a proof of “the existence of a proof to a statement”. This metamathematical notion indeed seems redundant when we deal with proving NP statements, but in the context of zero-knowledge theory and cryptography it has a large variety of applications. Combined with another tool we develop which we...
Verifiable Random Permutations
Pseudorandom Functions (PRFs), introduced by Goldreich, Goldwasser and Micali [9], allow one to efficiently simulate the computation of a function which is indistinguishable from a truly random function. A seemingly stronger primitive is that of a (strong) pseudorandom permutation (PRP) [13], which allows one to efficiently simulate a truly random permutation (and its inverse). The celebrated r...
Compact E-Cash and Simulatable VRFs Revisited
Efficient non-interactive zero-knowledge proofs are a powerful tool for solving many cryptographic problems. We apply the recent Groth-Sahai (GS) proof system for pairing product equations (Eurocrypt 2008) to two related cryptographic problems: compact e-cash (Eurocrypt 2005) and simulatable verifiable random functions (CRYPTO 2007). We present the first efficient compact e-cash scheme that doe...
Multi-Theorem Preprocessing NIZKs from Lattices
Non-interactive zero-knowledge (NIZK) proofs are fundamental to modern cryptography. Numerous NIZK constructions are known in both the random oracle and the common reference string (CRS) models. In the CRS model, there exist constructions from several classes of cryptographic assumptions such as trapdoor permutations, pairings, and indistinguishability obfuscation. Notably absent from this list...
Robust Non-interactive Zero Knowledge
Non-Interactive Zero Knowledge (NIZK), introduced by Blum, Feldman, and Micali in 1988, is a fundamental cryptographic primitive which has attracted considerable attention in the last decade and has been used throughout modern cryptography in several essential ways. For example, NIZK plays a central role in building provably secure public-key cryptosystems based on general complexity-theoretic ...
Publication date: 2007