[Resource Topic] 2020/1306: Simulation Extractable Versions of Groth’s zk-SNARK Revisited

Welcome to the resource topic for 2020/1306

Title:
Simulation Extractable Versions of Groth’s zk-SNARK Revisited

Authors: Oussama Amine, Karim Baghery, Zaira Pindado, Carla Ràfols

Abstract:

Zero-knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARKs) are the most efficient proof systems in terms of proof size and verification. Currently, Groth’s construction from EUROCRYPT 2016, $\mathsf{Groth16}$, is the state-of-the-art and is widely deployed in practice. $\mathsf{Groth16}$ is originally proven to achieve knowledge soundness, which does not guarantee the non-malleability of proofs. There has been considerable progress in presenting new zk-SNARKs or modifying $\mathsf{Groth16}$ to efficiently achieve strong Simulation Extractability (SE), which is shown to be a necessary requirement in some applications. In this paper, we revise the Random Oracle (RO) based variant of $\mathsf{Groth16}$ proposed by Bowe and Gabizon, BG18, the most efficient one in terms of prover efficiency and CRS size among the candidates, and present two efficient variants. In the first variant, we show that one can save 1 pairing in the verification and also relax the RO to a collision-resistant hash function. This is achieved at the cost of a single new element in the common reference string, and one exponentiation in $G_T$ in the verification. In the second variant, we focus on the efficiency and present an SE zk-SNARK that has a minimal overhead on $\mathsf{Groth16}$. Namely, it adds only 1 element to the proof and 1 exponentiation in $G_2$ to the verification of $\mathsf{Groth16}$. We implement our proposed SE zk-SNARKs along with BG18 in the Arkworks library, and compare the efficiency of our schemes with some related works. Our empirical experiences confirm that our second SE zk-SNARK is more efficient than all previous SE schemes in most dimensions and it has very close efficiency to the original $\mathsf{Groth16}$.

ePrint: https://eprint.iacr.org/2020/1306

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.