[Resource Topic] 2025/2086: On Composing AGM-Secure Functionalities with Cryptographic Proofs: Applications to Unbounded-Depth IVC and More

Welcome to the resource topic for 2025/2086

Title:
On Composing AGM-Secure Functionalities with Cryptographic Proofs: Applications to Unbounded-Depth IVC and More

Authors: Matteo Campanelli, Dario Fiore, Mahak Pancholi

Abstract:

Cryptographic proofs are a versatile primitive. They are useful in practice not only when used as a standalone tool (for example in verifiable computation), but also when applied on top of other cryptographic functionalities — hash functions, signature schemes, and even proofs themselves — to enhance their security guarantees (for example to provide succinctness). However, when the security of the other primitive is established in the Algebraic Group Model (AGM), the security of the resulting construction does not follow automatically.
We introduce a general methodology of provable security for this setting. Our approach guarantees the security of $\Pi \circ X$, the composition of a cryptographic proof $\Pi$ with a functionality $X$, whenever the security of $X$ is analysed in the AGM. Our methodology has general applicability, with immediate relevance to IVC, proof aggregation, and aggregate signatures. We obtain:

  • IVC for unbounded depth from AGM-secure proofs. Incrementally Verifiable Computation (IVC) is a canonical example of composing cryptographic proofs with one another. Achieving provable security for IVC beyond constant-depth computations has remained a central open challenge. Using our methodology, we obtain new IVC instantiations that remain secure for unbounded-depth computations, when built from proofs analysed in the AGM. This broadens the class of proof systems usable in the canonical IVC constructions to include prominent systems such as Groth16 and Marlin, proof systems not covered by prior analyses (e.g., Chiesa et al., TCC 2024).
  • Succinct aggregation of AGM-secure signatures. Applying our framework, we give the first provable security for the folklore proof-based construction of aggregate signatures from AGM-secure signatures. Prior analyses either exclude AGM-secure signatures or rely on heuristic assumptions. Establishing this result required resolving additional technical challenges beyond applying our framework, for example reasoning about the security of proof systems in the presence of signing oracles.

ePrint: https://eprint.iacr.org/2025/2086

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.