[Resource Topic] 2016/476: Groth-Sahai Proofs Revisited Again: A Bug in ``Optimized'' Randomization

Welcome to the resource topic for 2016/476

Title:
Groth-Sahai Proofs Revisited Again: A Bug in ``Optimized'' Randomization

Authors: Keita Xagawa

Abstract:

The Groth-Sahai proof system (EUROCRYPT 2008, SIAM Journal of Computing 41(5)) provides efficient non-interactive witness-indistinguishable (NIWI) and zero-knowledge (NIZK) proof systems for languages over bilinear groups and is a widely-used versatile tool to design efficient cryptographic schemes and protocols. We revisit randomization of the prover in the GS proof system. We find an unnoticed bug in the ``optimized'' randomization in the symmetric bilinear setting with several assumptions, say, the DLIN assumption or the matrix-DH assumption. This bug leads to security issues of the GS NIWI proof system with ``optimized'' randomization for multi-scalar multiplication equations and the GS NIZK proof system with ``optimized'' randomization for certain cases of pairing product equations and multi-scalar multiplication equations.

ePrint: https://eprint.iacr.org/2016/476

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.