Abstract
The famous zero-knowledge succinct non-interactive arguments of knowledge(zk-SNARK)was proposed by Groth in 2016.Typically,the construction is based on quadratic arithmetic programs which are highly efficient concerning the proof length and the verification complexity.Since then,there has been much progress in designing zk-SNARKs,achieving stronger security,and simulated extractability,which is analogous to non-malleability and has broad applications.In this study,following Groth's pairing-based zk-SNARK,a simulation extractability zk-SNARK under the random oracle model is constructed.Our construction relies on a newly proposed property named target linearly collision-resistant,which is satisfied by random oracles under discrete logarithm assumptions.Compared to the original Groth 16 zk-SNARK,in our construction,both parties are allowed to use such a random oracle,aiming to get the same random number.The resulting proof consists of 3 group elements and only 1 pairing equation needs to be verified.Compared to other related works,our construction is shorter in proof length and simpler in verification while preserving simulation extractability.The results also extend to achieve subversion zero-knowledge SNARKs.
基金项目
National Key R&D Program of China(2019YFB2101703)
National Natural Science Foundation of China(62272107)
National Natural Science Foundation of China(U19A2066)
Innovation Action Plan of Shanghai Science and Technology(21511102200)
Key R&D Program of Guangdong Province(2020B0101090001)
万方数据