Compact E-Cash and Simulatable VRFs Revisited
- Cite this paper as:
- Belenkiy M., Chase M., Kohlweiss M., Lysyanskaya A. (2009) Compact E-Cash and Simulatable VRFs Revisited. In: Shacham H., Waters B. (eds) Pairing-Based Cryptography – Pairing 2009. Pairing 2009. Lecture Notes in Computer Science, vol 5671. Springer, Berlin, Heidelberg
Efficient non-interactive zero-knowledge proofs are a powerful tool for solving many cryptographic problems. We apply the recent Groth-Sahai (GS) proof system for pairing product equations (Eurocrypt 2008) to two related cryptographic problems: compact e-cash (Eurocrypt 2005) and simulatable verifiable random functions (CRYPTO 2007). We present the first efficient compact e-cash scheme that does not rely on a random oracle. To this end we construct efficient GS proofs for signature possession, pseudo randomness and set membership. The GS proofs for pseudorandom functions give rise to a much cleaner and substantially faster construction of simulatable verifiable random functions (sVRF) under a weaker number theoretic assumption. We obtain the first efficient fully simulatable sVRF with a polynomial sized output domain (in the security parameter).
Unable to display preview. Download preview PDF.