UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

Updatable and universal common reference strings with applications to zk-SNARKs

Groth, J; Kohlweiss, M; Maller, M; Meiklejohn, S; Miers, I; (2018) Updatable and universal common reference strings with applications to zk-SNARKs. In: Shacham, H and Boldyreva, A, (eds.) Advances in Cryptology – CRYPTO 2018. CRYPTO 2018. Lecture Notes in Computer Science, vol 10993. (pp. pp. 698-728). Springer: Cham. Green open access

[thumbnail of main.pdf]
Preview
Text
main.pdf - Published Version

Download (553kB) | Preview

Abstract

By design, existing (pre-processing) zk-SNARKs embed a secret trapdoor in a relation-dependent common reference strings (CRS). The trapdoor is exploited by a (hypothetical) simulator to prove the scheme is zero knowledge, and the secret-dependent structure facilitates a linear-size CRS and linear-time prover computation. If known by a real party, however, the trapdoor can be used to subvert the security of the system. The structured CRS that makes zk-SNARKs practical also makes deploying zk-SNARKS problematic, as it is difficult to argue why the trapdoor would not be available to the entity responsible for generating the CRS. Moreover, for pre-processing zk-SNARKs a new trusted CRS needs to be computed every time the relation is changed. In this paper, we address both issues by proposing a model where a number of users can update a universal CRS. The updatable CRS model guarantees security if at least one of the users updating the CRS is honest. We provide both a negative result, by showing that zk-SNARKs with private secret-dependent polynomials in the CRS cannot be updatable, and a positive result by constructing a zk-SNARK based on a CRS consisting only of secret-dependent monomials. The CRS is of quadratic size, is updatable, and is universal in the sense that it can be specialized into one or more relation-dependent CRS of linear size with linear-time prover computation.

Type: Proceedings paper
Title: Updatable and universal common reference strings with applications to zk-SNARKs
Event: Annual International Cryptology Conference 2018
ISBN-13: 9783319968773
Open access status: An open access version is available from UCL Discovery
DOI: 10.1007/978-3-319-96878-0_24
Publisher version: https://doi.org/10.1007/978-3-319-96878-0_24
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10055889
Downloads since deposit
282Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item