Fine-Tuning Groth-Sahai Proofs
Groth-Sahai proofs are efficient non-interactive zero-knowledge proofs that have found widespread use in pairing-based cryptography. We propose efficiency improvements of Groth-Sahai proofs in the SXDH setting, which is the one that yields the most efficient non-interactive zero-knowledge proofs.
We replace some of the commitments with ElGamal encryptions, which reduces the prover’s computation and for some types of equations reduces the proof size.
Groth-Sahai proofs are zero-knowledge when no public elements are paired to each other. We observe that they are also zero-knowledge when base elements for the groups are paired to public constants.
The prover’s computation can be reduced by letting her pick her own common reference string. By giving a proof she has picked a valid common reference string this does not compromise soundness.
We define a type-based commit-and-prove scheme, which allows commitments to be reused in many different proofs.
KeywordsNon-interactive zero-knowledge proofs commit-and-prove schemes Groth-Sahai proofs type-based commitments
- [CLOS02]Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: 34th ACM STOC, pp. 494–503. ACM Press (2002)Google Scholar
- [EG13]Alex Escala and Jens Groth. Fine-Tuning Groth-Sahai Proofs. Cryptology ePrint Archive, Report 2013/662Google Scholar
- [Kil90]Kilian, J.: Uses of randomness in algorithms and protocols. MIT Press (1990)Google Scholar
- [Mei09]Meiklejohn, S.: An Extension of the Groth-Sahai Proof System. Master’s thesis, Brown University, Providence, RI (2009)Google Scholar