On the size of pairing-based non-interactive arguments

J Groth - Advances in Cryptology–EUROCRYPT 2016: 35th …, 2016 - Springer
Non-interactive arguments enable a prover to convince a verifier that a statement is true.
Recently there has been a lot of progress both in theory and practice on constructing highly …

Noninteractive zero knowledge for NP from (plain) learning with errors

C Peikert, S Shiehian - Annual International Cryptology Conference, 2019 - Springer
We finally close the long-standing problem of constructing a noninteractive zero-knowledge
(NIZK) proof system for any NP language with security based on the plain Learning With …

Quadratic span programs and succinct NIZKs without PCPs

R Gennaro, C Gentry, B Parno, M Raykova - Advances in Cryptology …, 2013 - Springer
We introduce a new characterization of the NP complexity class, called Quadratic Span
Programs (QSPs), which is a natural extension of span programs defined by Karchmer and …

On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption

A López-Alt, E Tromer, V Vaikuntanathan - Proceedings of the forty …, 2012 - dl.acm.org
We propose a new notion of secure multiparty computation aided by a computationally-powerful
but untrusted "cloud" server. In this notion that we call on-the-fly multiparty …

Candidate multilinear maps from ideal lattices

S Garg, C Gentry, S Halevi - … 32nd Annual International Conference on the …, 2013 - Springer
We describe plausible lattice-based constructions with properties that approximate the
sought-after multilinear maps in hard-discrete-logarithm groups, and show an example …

Fiat-Shamir: from practice to theory

R Canetti, Y Chen, J Holmgren, A Lombardi… - Proceedings of the 51st …, 2019 - dl.acm.org
We give new instantiations of the Fiat-Shamir transform using explicit, efficiently computable
hash functions. We improve over prior work by reducing the security of these protocols to …

Universally composable security: A new paradigm for cryptographic protocols

R Canetti - Proceedings 42nd IEEE Symposium on Foundations …, 2001 - ieeexplore.ieee.org
We propose a novel paradigm for defining security of cryptographic protocols, called
universally composable security. The salient property of universally composable definitions …

Snarky signatures: Minimal signatures of knowledge from simulation-extractable SNARKs

J Groth, M Maller - Annual International Cryptology Conference, 2017 - Springer
We construct a pairing based simulation-extractable SNARK (SE-SNARK) that consists of
only 3 group elements and has highly efficient verification. By formally linking SE-SNARKs to …

Updatable and universal common reference strings with applications to zk-SNARKs

J Groth, M Kohlweiss, M Maller, S Meiklejohn… - Annual International …, 2018 - Springer
By design, existing (pre-processing) zk-SNARKs embed a secret trapdoor in a relation-dependent
common reference strings (CRS). The trapdoor is exploited by a (hypothetical) …

LaBRADOR: compact proofs for R1CS from module-SIS

W Beullens, G Seiler - Annual International Cryptology Conference, 2023 - Springer
The most compact quantum-safe proof systems for large circuits are PCP-type systems such
as Ligero, Aurora, and Shockwave, that only use weak cryptographic assumptions, namely …