Simulatable VRFs with applications to multi-theorem NIZK

Authors:
Melissa Chase;Anna Lysyanskaya
Affiliations:
Computer Science Department, Brown University, Providence, RI;Computer Science Department, Brown University, Providence, RI
Venue:
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Year:
2007

Citing 19
Cited 10

How to construct random functions

Journal of the ACM (JACM)
How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
Non-interactive zero-knowledge and its applications

STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Noninteractive zero-knowledge

SIAM Journal on Computing
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A Pseudorandom Generator from any One-way Function

SIAM Journal on Computing
Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions

SIAM Journal on Computing
Randomness-Efficient Non-Interactive Zero-Knowledge (Extended Abstract)

ICALP '97 Proceedings of the 24th International Colloquium on Automata, Languages and Programming
Unique Signatures and Verifiable Random Functions from the DH-DDH Separation

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof Systems

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Invariant Signatures and Non-Interactive Zero-Knowledge Proofs are Equivalent (Extended Abstract)

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Efficient Construction of (Distributed) Verifiable Random Functions

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Verifiable Random Functions

FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Zaps and their applications

FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
On the (In)security of the Fiat-Shamir Paradigm

FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
A verifiable random function with short proofs and keys

PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Evaluating 2-DNF formulas on ciphertexts

TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Perfect non-interactive zero knowledge for NP

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

The Uber-Assumption Family

Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Weak Verifiable Random Functions

TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Verifiable Random Functions from Identity-Based Key Encapsulation

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Compact E-Cash and Simulatable VRFs Revisited

Pairing '09 Proceedings of the 3rd International Conference Palo Alto on Pairing-Based Cryptography
Batch pairing delegation

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Improved algebraic cryptanalysis of QUAD, Bivium and Trivium via graph partitioning on equation systems

ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Sub-linear size traceable ring signatures without random oracles

CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Efficiency preserving transformations for concurrent non-malleable zero knowledge

TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Constructing verifiable random functions with large input spaces

EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Divisible e-cash in the standard model

Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper introduces simulatable verifiable random functions (sVRF). VRFs are similar to pseudorandom functions, except that they are also verifiable: corresponding to each seed SK, there is a public key PK, and for y = FPK(x), it is possible to prove that y is indeed the value of the function seeded by SK. A simulatable VRF is a VRF for which this proof can be simulated, so a simulator can pretend that the value of FPK(x) is any y. Our contributions are as follows. We introduce the notion of sVRF. We give two constructions: one from general assumptions (based on NIZK), but inefficient, just as a proof of concept; the other construction is practical and based on a special assumption about composite-order groups with bilinear maps. We then use an sVRF to get a direct transformation from a single-theorem non-interactive zero-knowledge proof system for a language L to a multi-theorem non-interactive proof system for the same language L.