Authors
Jens Groth, Markulf Kohlweiss, Mary Maller, Sarah Meiklejohn, Ian Miers
Publication date
2018/7/24
Book
Annual International Cryptology Conference
Pages
698-728
Publisher
Springer International Publishing
Description
By design, existing (pre-processing) zk-SNARKs embed a secret trapdoor in a relation-dependent common reference strings (CRS). The trapdoor is exploited by a (hypothetical) simulator to prove the scheme is zero knowledge, and the secret-dependent structure facilitates a linear-size CRS and linear-time prover computation. If known by a real party, however, the trapdoor can be used to subvert the security of the system. The structured CRS that makes zk-SNARKs practical also makes deploying zk-SNARKS problematic, as it is difficult to argue why the trapdoor would not be available to the entity responsible for generating the CRS. Moreover, for pre-processing zk-SNARKs a new trusted CRS needs to be computed every time the relation is changed.
In this paper, we address both issues by proposing a model where a number of users can update a universal CRS. The updatable CRS model …
Total citations
20192020202120222023202422414039487
Scholar articles
J Groth, M Kohlweiss, M Maller, S Meiklejohn, I Miers - Annual International Cryptology Conference, 2018