A More Efficient Computationally Sound Non-Interactive Zero-Knowledge Shuffle Argument

  • Helger Lipmaa
  • Bingsheng Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7485)


We propose a new non-interactive (perfect) zero-knowledge (NIZK) shuffle argument that, when compared to the only previously known efficient NIZK shuffle argument by Groth and Lu, has a small constant factor times smaller computation and communication, and is based on more standard computational assumptions. Unlike Groth and Lu, who only prove the co-soundness of their argument under purely computational assumptions, we prove computational soundness under a necessary knowledge assumption. We also present a general transformation that results in a shuffle argument with a quadratically smaller common reference string (CRS) and a small constant factor times longer argument than the original shuffle.
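To make concrete what a shuffle argument attests, the following added example (not the paper's construction, and not code from its authors) implements a re-encryption shuffle over ElGamal and checks the shuffle relation with the mix-server's witness in the clear. The group parameters (p = 1019, q = 509, g = 4), the message encoding and the tampering scenario are constructed for illustration. A real shuffle argument convinces the verifier of exactly this relation without revealing the permutation or the randomizers; here the witness check is sound but not zero-knowledge, which is the gap the NIZK argument closes.

```python
# Toy re-encryption shuffle over ElGamal, built to show the statement a
# shuffle argument proves. Added illustration, not the Lipmaa-Zhang or the
# Groth-Lu argument. Group parameters are deliberately tiny.
import secrets

# Constructed toy parameters: safe prime p = 2q + 1 with q prime; g = 4 is a
# square in Z_p^* and therefore generates the order-q subgroup. Real
# deployments use 2048-bit-plus groups or elliptic curves.
P = 1019
Q = 509
G = 4


def keygen():
    """ElGamal key pair: secret exponent sk in [1, q-1], public key g^sk."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)


def encode(i):
    """Map a small integer to a subgroup element so it is a valid plaintext."""
    return pow(G, i, P)


def encrypt(pk, m, r=None):
    """(g^r, m * pk^r), drawing a fresh r when none is supplied."""
    if r is None:
        r = secrets.randbelow(Q)
    return (pow(G, r, P), m * pow(pk, r, P) % P)


def reencrypt(pk, ct, s):
    """Re-randomise a ciphertext without the secret key: multiply by Enc(1; s)."""
    c1, c2 = ct
    return (c1 * pow(G, s, P) % P, c2 * pow(pk, s, P) % P)


def decrypt(sk, ct):
    """c2 * c1^(-sk); c1 has order q, so c1^(-sk) = c1^(q - sk)."""
    c1, c2 = ct
    return c2 * pow(c1, Q - sk, P) % P


def shuffle(pk, cts):
    """Mix-server step: output[perm[i]] = ReEnc(input[i]; rands[i]).

    Returns the outputs together with the witness (perm, rands) that the
    mix-server would feed into a shuffle argument instead of revealing."""
    n = len(cts)
    perm = list(range(n))
    secrets.SystemRandom().shuffle(perm)
    rands = [secrets.randbelow(Q) for _ in range(n)]
    out = [None] * n
    for i in range(n):
        out[perm[i]] = reencrypt(pk, cts[i], rands[i])
    return out, (perm, rands)


def verify_with_witness(pk, cts_in, cts_out, witness):
    """The relation a shuffle argument proves, checked with the witness in
    the clear (sound, but obviously not zero-knowledge)."""
    perm, rands = witness
    n = len(cts_in)
    if len(cts_out) != n or sorted(perm) != list(range(n)):
        return False
    return all(cts_out[perm[i]] == reencrypt(pk, cts_in[i], rands[i])
               for i in range(n))


def plaintext_multiset(sk, cts):
    """Decrypt everything and sort, so the order of the shuffle is irrelevant."""
    return sorted(decrypt(sk, c) for c in cts)


def demo(n=5):
    """An honest shuffle passes the relation and preserves the plaintext
    multiset; a mix that swaps in a fresh ciphertext fails the relation and
    changes what is decrypted."""
    sk, pk = keygen()
    inputs = [encrypt(pk, encode(i + 1)) for i in range(n)]
    honest, witness = shuffle(pk, inputs)

    tampered = list(honest)
    tampered[0] = encrypt(pk, encode(42))  # constructed substitution by a cheating mix

    return {
        "honest_verifies": verify_with_witness(pk, inputs, honest, witness),
        "honest_preserves_plaintexts":
            plaintext_multiset(sk, inputs) == plaintext_multiset(sk, honest),
        "tampered_verifies": verify_with_witness(pk, inputs, tampered, witness),
        "tampered_preserves_plaintexts":
            plaintext_multiset(sk, inputs) == plaintext_multiset(sk, tampered),
    }


if __name__ == "__main__":
    print(demo())
```

The soundness property the abstract refers to is the guarantee that no efficient prover can make the verifier accept an output list such as `tampered`, while zero-knowledge is the guarantee that the accepted argument leaks nothing about `perm` and `rands`; this toy check provides only the first.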


Keywords: bilinear pairings, cryptographic shuffle, non-interactive zero-knowledge, progression-free sets



  1. Abe, M., Fehr, S.: Perfect NIZK with Adaptive Soundness. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 118–136. Springer, Heidelberg (2007)
  2. Bayer, S., Groth, J.: Efficient Zero-Knowledge Argument for Correctness of a Shuffle. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 263–280. Springer, Heidelberg (2012)
  3. Boneh, D., Boyen, X., Shacham, H.: Short Group Signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)
  4. Chaabouni, R., Lipmaa, H., Zhang, B.: A Non-Interactive Range Proof with Constant Communication. In: Keromytis, A. (ed.) FC 2012, February 27-March 2. LNCS. Springer, Heidelberg (2012)
  5. Clos, C.: A Study of Non-Blocking Switching Networks. Bell System Technical Journal 32(2), 406–424 (1953)
  6. Damgård, I.: Towards Practical Public Key Systems Secure against Chosen Ciphertext Attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445–456. Springer, Heidelberg (1992)
  7. Elkin, M.: An Improved Construction of Progression-Free Sets. Israel Journal of Mathematics 184, 93–128 (2011)
  8. Erdős, P., Turán, P.: On Some Sequences of Integers. Journal of the London Mathematical Society 11(4), 261–263 (1936)
  9. Furukawa, J., Sako, K.: An Efficient Scheme for Proving a Shuffle. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 368–387. Springer, Heidelberg (2001)
  10. Golle, P., Jarecki, S., Mironov, I.: Cryptographic Primitives Enforcing Communication and Storage Complexity. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 120–135. Springer, Heidelberg (2003)
  11. Groth, J.: Linear Algebra with Sub-linear Zero-Knowledge Arguments. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 192–208. Springer, Heidelberg (2009)
  12. Groth, J.: Short Pairing-Based Non-interactive Zero-Knowledge Arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010)
  13. Groth, J., Ishai, Y.: Sub-linear Zero-Knowledge Argument for Correctness of a Shuffle. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 379–396. Springer, Heidelberg (2008)
  14. Groth, J., Lu, S.: A Non-interactive Shuffle with Pairing Based Verifiability. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 51–67. Springer, Heidelberg (2007)
  15. Groth, J., Ostrovsky, R., Sahai, A.: Perfect Non-interactive Zero Knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006)
  16. Groth, J., Ostrovsky, R., Sahai, A.: New Techniques for Non-interactive Zero Knowledge (March 7, 2011), full version of [15]. Draft, available from the authors
  17. Groth, J., Sahai, A.: Efficient Non-interactive Proof Systems for Bilinear Groups. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 415–432. Springer, Heidelberg (2008)
  18. Lipmaa, H.: Progression-Free Sets and Sublinear Pairing-Based Non-Interactive Zero-Knowledge Arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169–189. Springer, Heidelberg (2012)
  19. Lipmaa, H., Zhang, B.: A More Efficient Computationally Sound Non-Interactive Zero-Knowledge Shuffle Argument. Tech. Rep. 2011/394, International Association for Cryptologic Research (July 21, 2011), http://eprint.iacr.org/2011/394
  20. Rial, A., Kohlweiss, M., Preneel, B.: Universally Composable Adaptive Priced Oblivious Transfer. In: Shacham, H., Waters, B. (eds.) Pairing 2009. LNCS, vol. 5671, pp. 231–247. Springer, Heidelberg (2009)
  21. Sanders, T.: On Roth's Theorem on Progressions. Annals of Mathematics 174(1), 619–636 (2011)
  22. Tao, T., Vu, V.: Additive Combinatorics. Cambridge Studies in Advanced Mathematics. Cambridge University Press (2006)
  23. Terelius, B., Wikström, D.: Proofs of Restricted Shuffles. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 100–113. Springer, Heidelberg (2010)

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Helger Lipmaa (1)
  • Bingsheng Zhang (2)
  1. University of Tartu, Estonia
  2. State University of New York at Buffalo, USA