{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T00:35:15Z","timestamp":1775262915179,"version":"3.50.1"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030038069","type":"print"},{"value":"9783030038076","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-03807-6_9","type":"book-chapter","created":{"date-parts":[[2018,11,3]],"date-time":"2018-11-03T23:42:46Z","timestamp":1541288566000},"page":"235-262","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["Smooth NIZK Arguments"],"prefix":"10.1007","author":[{"given":"Charanjit S.","family":"Jutla","sequence":"first","affiliation":[]},{"given":"Arnab","family":"Roy","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,11,4]]},"reference":[{"key":"9_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1007\/978-3-642-40041-4_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"F Benhamouda","year":"2013","unstructured":"Benhamouda, F., Blazy, O., Chevalier, C., Pointcheval, D., Vergnaud, D.: New techniques for SPHFs and efficient one-round PAKE protocols. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 449\u2013475. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_25"},{"key":"9_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-540-28628-8_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"D Boneh","year":"2004","unstructured":"Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41\u201355. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-28628-8_3"},{"key":"9_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1007\/978-3-662-53890-6_12","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"O Blazy","year":"2016","unstructured":"Blazy, O., Chevalier, C.: Structure-preserving smooth projective hashing. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 339\u2013369. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53890-6_12"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: 20th ACM STOC, pp. 103\u2013112. ACM Press, May 1988","DOI":"10.1145\/62212.62222"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: 1992 IEEE Symposium on Security and Privacy, pp. 72\u201384. IEEE Computer Society Press, May 1992","DOI":"10.1109\/RISP.1992.213269"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: Ashby, V. (ed.) ACM CCS 93, pp. 244\u2013250. ACM Press, November 1993","DOI":"10.1145\/168588.168618"},{"key":"9_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/3-540-45539-6_12","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"V Boyko","year":"2000","unstructured":"Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156\u2013171. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_12"},{"key":"9_CR8","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/978-3-642-10433-6_19","volume-title":"CANS 09","author":"X Boyen","year":"2009","unstructured":"Boyen, X.: HPAKE: password authentication secure against cross-site user impersonation. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 09. LNCS, vol. 5888, pp. 279\u2013298. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10433-6_19"},{"key":"9_CR9","unstructured":"Benhamouda, F., Pointcheval, D.: Verifier-based password-authenticated key exchange: new models and constructions. Cryptology ePrint Archive, Report 2013\/833 (2013). http:\/\/eprint.iacr.org\/2013\/833"},{"key":"9_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139\u2013155. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_11"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Ashby, V. (ed.) ACM CCS 93, pp. 62\u201373. ACM Press, November 1993","DOI":"10.1145\/168588.168596"},{"key":"9_CR12","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136\u2013145. IEEE Computer Society Press, October 2001","DOI":"10.1109\/SFCS.2001.959888"},{"key":"9_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"404","DOI":"10.1007\/11426639_24","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"R Canetti","year":"2005","unstructured":"Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404\u2013421. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_24"},{"key":"9_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/978-3-540-45146-4_16","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"R Canetti","year":"2003","unstructured":"Canetti, R., Rabin, T.: Universal composition with joint state. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 265\u2013281. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_16"},{"key":"9_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/3-540-46035-7_4","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"R Cramer","year":"2002","unstructured":"Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45\u201364. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_4"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-642-40084-1_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"A Escala","year":"2013","unstructured":"Escala, A., Herold, G., Kiltz, E., R\u00e0fols, C., Villar, J.: An algebraic framework for diffie-hellman assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 129\u2013147. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40084-1_8"},{"key":"9_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-642-17373-8_18","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"M Fischlin","year":"2010","unstructured":"Fischlin, M., Lehmann, A., Ristenpart, T., Shrimpton, T., Stam, M., Tessaro, S.: Random oracles with(out) programmability. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 303\u2013320. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_18"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/11818175_9","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"C Gentry","year":"2006","unstructured":"Gentry, C., MacKenzie, P., Ramzan, Z.: A method for making password-based key exchange resilient to server compromise. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 142\u2013159. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11818175_9"},{"issue":"5","key":"9_CR19","doi-asserted-by":"publisher","first-page":"1193","DOI":"10.1137\/080725386","volume":"41","author":"J Groth","year":"2012","unstructured":"Groth, J., Sahai, A.: Efficient non-interactive proof systems for bilinear groups. SIAM J. Comput. 41(5), 1193\u20131232 (2012)","journal-title":"SIAM J. Comput."},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Halevi, S., Krawczyk, H.: Public-key cryptography and password protocols. In: ACM CCS 98, pp. 122\u2013131. ACM Press, November 1998","DOI":"10.1145\/288090.288118"},{"key":"9_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/978-3-540-30564-4_19","volume-title":"Selected Areas in Cryptography","author":"S Jiang","year":"2004","unstructured":"Jiang, S., Gong, G.: Password Based key exchange with mutual authentication. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 267\u2013279. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30564-4_19"},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"456","DOI":"10.1007\/978-3-319-78372-7_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Jarecki","year":"2018","unstructured":"Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric pake protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 456\u2013486. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_15"},{"key":"9_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"485","DOI":"10.1007\/978-3-642-30057-8_29","volume-title":"Public Key Cryptography \u2013 PKC 2012","author":"C Jutla","year":"2012","unstructured":"Jutla, C., Roy, A.: Relatively-sound NIZKs and password-based key-exchange. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 485\u2013503. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-30057-8_29"},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-42033-7_1","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"CS Jutla","year":"2013","unstructured":"Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 1\u201320. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-42033-7_1"},{"key":"9_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1007\/978-3-662-44381-1_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"CS Jutla","year":"2014","unstructured":"Jutla, C.S., Roy, A.: Switching lemma for bilinear tests and constant-size NIZK proofs for linear subspaces. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 295\u2013312. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44381-1_17"},{"key":"9_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"630","DOI":"10.1007\/978-3-662-48797-6_26","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"CS Jutla","year":"2015","unstructured":"Jutla, C.S., Roy, A.: Dual-system simulation-soundness with applications to UC-PAKE and more. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 630\u2013655. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48797-6_26"},{"key":"9_CR27","unstructured":"Jutla, C., Roy, A.: Smooth NIZK arguments with applications to asymmetric UC-PAKE. Cryptology ePrint Archive, Report 2016\/233 (2016). http:\/\/eprint.iacr.org\/2016\/233"},{"key":"9_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-19571-6_18","volume-title":"Theory of Cryptography","author":"J Katz","year":"2011","unstructured":"Katz, J., Vaikuntanathan, V.: Round-optimal password-based authenticated key exchange. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 293\u2013310. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19571-6_18"},{"key":"9_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-662-46803-6_4","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"E Kiltz","year":"2015","unstructured":"Kiltz, E., Wee, H.: Quasi-adaptive NIZK for linear subspaces revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 101\u2013128. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46803-6_4"},{"key":"9_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"514","DOI":"10.1007\/978-3-642-55220-5_29","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"B Libert","year":"2014","unstructured":"Libert, B., Peters, T., Joye, M., Yung, M.: Non-malleability from malleability: simulation-sound quasi-adaptive NIZK proofs and CCA2-secure encryption from homomorphic signatures. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 514\u2013532. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-55220-5_29"},{"key":"9_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/3-540-45353-9_27","volume-title":"Topics in Cryptology \u2014 CT-RSA 2001","author":"P MacKenzie","year":"2001","unstructured":"MacKenzie, P.: More efficient password-authenticated key exchange. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 361\u2013377. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45353-9_27"},{"key":"9_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"619","DOI":"10.1007\/978-3-642-03356-8_36","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"B Waters","year":"2009","unstructured":"Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619\u2013636. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-03356-8_36"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-03807-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,3]],"date-time":"2026-04-03T23:23:57Z","timestamp":1775258637000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-03807-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030038069","9783030038076"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-03807-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"4 November 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"TCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Theory of Cryptography Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Panaji","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"tcc2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/tcc.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}