Subversion-resistant zero knowledge (Georg Fuchsbauer, ENS Paris)
Date:
Thursday, October 12, 2017 14:00 - 15:30
Speaker:
Georg Fuchsbauer (ENS Paris)
Location:
Meeting room 2nd floor / Central Bldg. (I01.2OG.)
Series:
Mathematics and CS Seminar
Host:
Krzysztof Pietrzak
Contact:
Pietrzak Krzysztof
Motivated by the subversion of trusted public parameters in mass-surveillance activities, we study the security of non-interactive zero-knowledge (NIZK) proofs in the presence of a maliciously chosen common reference string. We provide definitions for subversion-resistant soundness and zero knowledge. After showing that subversion-soundness is impossible for NIZKs, we construct a subversion-ZK proof system.We then turn to ZK-SNARKs (succinct non-interactive arguments of knowledge), which are NIZK systems with short and efficiently verifiable proofs, used e.g. in cryptocurrencies such as Zcash. We show that under plausible hardness assumptions, many SNARK schemes proposed in the literature are subversion-ZK or can be made at very little cost.