IMDEA Software



Georg Fuchsbauer

Thursday, 24 May 2018

2:45pm Meeting room 302 (Mountain View), level 3

Georg Fuchsbauer, Associate Research Professor, INRIA

Subversion-resistant zero knowledge

Abstract:

Zero-knowledge proofs allow a prover to convince a verifier of the validity of a statement without revealing anything else. Non-interactive zero-knowledge (NIZK) proofs are a central concept in cryptography, and they rely on public parameters that must be set up in a trusted way. Motivated by the subversion of "trusted" public parameters in mass-surveillance activities, we study the security of NIZK proofs in the face of parameter subversion. We investigate which security properties of NIZK proofs can be salvaged when the parameters are set up maliciously.

We then turn to SNARKs, which are proof systems with short and efficiently verifiable proofs. Motivated by the outsourcing of computation, they let an untrusted server attach a short proof that a result was computed correctly. Zero-knowledge SNARKs are used today, for example, in anonymous cryptocurrencies such as Zcash. We prove that many ZK-SNARK schemes proposed in the literature are in fact subversion-ZK, or can be made subversion-ZK at little cost, and we show that Zcash remains anonymous even if the parameter setup was subverted.