{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T15:44:25Z","timestamp":1780069465482,"version":"3.54.0"},"publisher-location":"Cham","reference-count":69,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030269531","type":"print"},{"value":"9783030269548","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-26954-8_21","type":"book-chapter","created":{"date-parts":[[2019,8,8]],"date-time":"2019-08-08T23:02:47Z","timestamp":1565305367000},"page":"639-669","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Exploring Constructions of Compact NIZKs from Various Assumptions"],"prefix":"10.1007","author":[{"given":"Shuichi","family":"Katsumata","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ryo","family":"Nishimaki","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Shota","family":"Yamada","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Takashi","family":"Yamakawa","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2019,8,1]]},"reference":[{"key":"21_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"733","DOI":"10.1007\/978-3-662-46447-2_33","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"M Abdalla","year":"2015","unstructured":"Abdalla, M., Bourse, F., De Caro, A., Pointcheval, D.: Simple functional encryption schemes for inner products. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 733\u2013751. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46447-2_33"},{"issue":"2","key":"21_CR2","doi-asserted-by":"publisher","first-page":"363","DOI":"10.1007\/s00145-014-9196-7","volume":"29","author":"M Abe","year":"2016","unstructured":"Abe, M., Fuchsbauer, G., Groth, J., Haralambiev, K., Ohkubo, M.: Structure-preserving signatures and commitments to group elements. J. Cryptol. 29(2), 363\u2013421 (2016)","journal-title":"J. Cryptol."},{"key":"21_CR3","unstructured":"Abusalah, H.: Generic instantiations of the hidden bits model for non-interactive zero-knowledge proofs for NP. Master\u2019s thesis, RWTH-Aachen University (2013)"},{"key":"21_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1007\/978-3-662-53015-3_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"S Agrawal","year":"2016","unstructured":"Agrawal, S., Libert, B., Stehl\u00e9, D.: Fully secure functional encryption for inner products, from standard assumptions. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 333\u2013362. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53015-3_12"},{"key":"21_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1007\/3-540-39200-9_38","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614\u2013629. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_38"},{"issue":"3","key":"21_CR6","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s001459900009","volume":"9","author":"Mihir Bellare","year":"1996","unstructured":"Bellare, M., Yung, M.: Certifying permutations: noninteractive zero-knowledge based on any trapdoor permutation. J. Cryptol. 9(3), 149\u2013166 (1996)","journal-title":"Journal of Cryptology"},{"key":"21_CR7","doi-asserted-by":"crossref","unstructured":"Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. In: ITCS 2012, pp. 326\u2013349 (2012)","DOI":"10.1145\/2090236.2090263"},{"key":"21_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/978-3-662-46497-7_16","volume-title":"Theory of Cryptography","author":"N Bitansky","year":"2015","unstructured":"Bitansky, N., Paneth, O.: ZAPs and non-interactive witness indistinguishability from indistinguishability obfuscation. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 401\u2013427. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46497-7_16"},{"key":"21_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-662-49096-9_20","volume-title":"Theory of Cryptography","author":"N Bitansky","year":"2016","unstructured":"Bitansky, N., Paneth, O., Wichs, D.: Perfect structure on the edge of chaos. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 474\u2013502. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49096-9_20"},{"key":"21_CR10","doi-asserted-by":"crossref","unstructured":"Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: 20th ACM STOC, pp. 103\u2013112 (1988)","DOI":"10.1145\/62212.62222"},{"key":"21_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"509","DOI":"10.1007\/978-3-662-53018-4_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"E Boyle","year":"2016","unstructured":"Boyle, E., Gilboa, N., Ishai, Y.: Breaking the circuit size barrier for secure computation under DDH. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 509\u2013539. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_19"},{"key":"21_CR12","doi-asserted-by":"crossref","unstructured":"Canetti, R., et al.: Fiat-Shamir: from practice to theory. In: STOC 2019 (2019, to appear)","DOI":"10.1145\/3313276.3316380"},{"key":"21_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/978-3-319-78381-9_4","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"R Canetti","year":"2018","unstructured":"Canetti, R., Chen, Y., Reyzin, L., Rothblum, R.D.: Fiat-Shamir and correlation intractability from strong KDM-secure encryption. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 91\u2013122. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_4"},{"issue":"3","key":"21_CR14","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/s00145-006-0442-5","volume":"20","author":"R Canetti","year":"2007","unstructured":"Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. J. Cryptol. 20(3), 265\u2013294 (2007)","journal-title":"J. Cryptol."},{"key":"21_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"476","DOI":"10.1007\/978-3-030-03807-6_18","volume-title":"Theory of Cryptography","author":"R Canetti","year":"2018","unstructured":"Canetti, R., Lichtenberg, A.: Certifying trapdoor permutations, revisited. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 476\u2013506. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03807-6_18"},{"issue":"1","key":"21_CR16","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/s00145-016-9249-1","volume":"31","author":"D Catalano","year":"2018","unstructured":"Catalano, D., Fiore, D.: Practical homomorphic message authenticators for arithmetic circuits. J. Cryptol. 31(1), 23\u201359 (2018)","journal-title":"J. Cryptol."},{"key":"21_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1007\/978-3-319-78372-7_7","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"P Chaidos","year":"2018","unstructured":"Chaidos, P., Couteau, G.: Efficient designated-verifier non-interactive zero-knowledge proofs of knowledge. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part III. LNCS, vol. 10822, pp. 193\u2013221. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_7"},{"key":"21_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"650","DOI":"10.1007\/978-3-662-46447-2_29","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"P Chaidos","year":"2015","unstructured":"Chaidos, P., Groth, J.: Making sigma-protocols non-interactive without random oracles. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 650\u2013670. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46447-2_29"},{"key":"21_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/3-540-46416-6_22","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1991","author":"D Chaum","year":"1991","unstructured":"Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257\u2013265. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-46416-6_22"},{"key":"21_CR20","doi-asserted-by":"crossref","unstructured":"Cohen, R., Shelat, A., Wichs, D.: Adaptively secure MPC with sublinear communication complexity. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, LNCS, vol. 11693, pp. 30\u201360. Springer, Cham (2019)","DOI":"10.1007\/978-3-030-26951-7_2"},{"key":"21_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"562","DOI":"10.1007\/978-3-030-17656-3_20","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"G Couteau","year":"2019","unstructured":"Couteau, G., Hofheinz, D.: Designated-verifier pseudorandom generators, and their applications. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 562\u2013592. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17656-3_20"},{"key":"21_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-540-24638-1_13","volume-title":"Theory of Cryptography","author":"R Cramer","year":"2004","unstructured":"Cramer, R., Damg\u00e5rd, I.: Secret-key zero-knowlegde and non-interactive verifiable exponentiation. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 223\u2013237. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24638-1_13"},{"key":"21_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/3-540-47555-9_28","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1992","author":"I Damg\u00e5rd","year":"1993","unstructured":"Damg\u00e5rd, I.: Non-interactive circuit based proofs and non-interactive perfect zero-knowledge with preprocessing. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 341\u2013355. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-47555-9_28"},{"key":"21_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/11681878_3","volume-title":"Theory of Cryptography","author":"I Damg\u00e5rd","year":"2006","unstructured":"Damg\u00e5rd, I., Fazio, N., Nicolosi, A.: Non-interactive zero-knowledge from homomorphic encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 41\u201359. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11681878_3"},{"key":"21_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"532","DOI":"10.1007\/978-3-662-45611-8_28","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"G Danezis","year":"2014","unstructured":"Danezis, G., Fournet, C., Groth, J., Kohlweiss, M.: Square span programs with applications to succinct NIZK arguments. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 532\u2013550. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_28"},{"key":"21_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/0-387-34799-2_21","volume-title":"Advances in Cryptology \u2014 CRYPTO 1988","author":"A De Santis","year":"1990","unstructured":"De Santis, A., Micali, S., Persiano, G.: Non-interactive zero-knowledge with preprocessing. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 269\u2013282. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34799-2_21"},{"issue":"2","key":"21_CR27","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1137\/S0097539795291562","volume":"30","author":"D Dolev","year":"2000","unstructured":"Dolev, D., Dwork, C., Naor, M.: Nonmalleable cryptography. SIAM J. Comput. 30(2), 391\u2013437 (2000)","journal-title":"SIAM J. Comput."},{"issue":"1","key":"21_CR28","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1137\/S0097539792230010","volume":"29","author":"U Feige","year":"1999","unstructured":"Feige, U., Lapidot, D., Shamir, A.: Multiple noninteractive zero knowledge proofs under general assumptions. SIAM J. Comput. 29(1), 1\u201328 (1999)","journal-title":"SIAM J. Comput."},{"issue":"3","key":"21_CR29","doi-asserted-by":"publisher","first-page":"882","DOI":"10.1137\/14095772X","volume":"45","author":"S Garg","year":"2016","unstructured":"Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM J. Comput. 45(3), 882\u2013929 (2016)","journal-title":"SIAM J. Comput."},{"key":"21_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-38348-9_37","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"R Gennaro","year":"2013","unstructured":"Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626\u2013645. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_37"},{"key":"21_CR31","doi-asserted-by":"crossref","unstructured":"Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009)","DOI":"10.1145\/1536414.1536440"},{"issue":"4","key":"21_CR32","doi-asserted-by":"publisher","first-page":"820","DOI":"10.1007\/s00145-014-9184-y","volume":"28","author":"C Gentry","year":"2015","unstructured":"Gentry, C., Groth, J., Ishai, Y., Peikert, C., Sahai, A., Smith, A.D.: Using fully homomorphic hybrid encryption to minimize non-interative zero-knowledge proofs. J. Cryptol. 28(4), 820\u2013843 (2015)","journal-title":"J. Cryptol."},{"key":"21_CR33","doi-asserted-by":"crossref","unstructured":"Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: 43rd ACM STOC, pp. 99\u2013108, June 2011","DOI":"10.1145\/1993636.1993651"},{"key":"21_CR34","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511721656","volume-title":"Foundations of Cryptography: Volume 2, Basic Applications","author":"O Goldreich","year":"2004","unstructured":"Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge, New York (2004)"},{"key":"21_CR35","doi-asserted-by":"crossref","unstructured":"Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: 19th ACM STOC, pp. 218\u2013229 (1987)","DOI":"10.1145\/28395.28420"},{"issue":"1","key":"21_CR36","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF00195207","volume":"7","author":"O Goldreich","year":"1994","unstructured":"Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof systems. J. Cryptol. 7(1), 1\u201332 (1994)","journal-title":"J. Cryptol."},{"issue":"1","key":"21_CR37","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1137\/0218012","volume":"18","author":"S Goldwasser","year":"1989","unstructured":"Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186\u2013208 (1989)","journal-title":"SIAM J. Comput."},{"key":"21_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-642-32009-5_11","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"S Gorbunov","year":"2012","unstructured":"Gorbunov, S., Vaikuntanathan, V., Wee, H.: Functional encryption with bounded collusions via multi-party computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 162\u2013179. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_11"},{"key":"21_CR39","doi-asserted-by":"crossref","unstructured":"Gorbunov, S., Vaikuntanathan, V., Wichs, D.: Leveled fully homomorphic signatures from standard lattices. In: STOC 2015, pp. 469\u2013477 (2015)","DOI":"10.1145\/2746539.2746576"},{"key":"21_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-642-17373-8_20","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short non-interactive zero-knowledge proofs. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 341\u2013358. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_20"},{"key":"21_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-642-17373-8_19","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321\u2013340. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_19"},{"key":"21_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-662-49896-5_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"J Groth","year":"2016","unstructured":"Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 305\u2013326. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_11"},{"issue":"3","key":"21_CR43","doi-asserted-by":"publisher","first-page":"11:1","DOI":"10.1145\/2220357.2220358","volume":"59","author":"J Groth","year":"2012","unstructured":"Groth, J., Ostrovsky, R., Sahai, A.: New techniques for noninteractive zero-knowledge. J. ACM 59(3), 11:1\u201311:35 (2012)","journal-title":"J. ACM"},{"issue":"5","key":"21_CR44","doi-asserted-by":"publisher","first-page":"1193","DOI":"10.1137\/080725386","volume":"41","author":"J Groth","year":"2012","unstructured":"Groth, J., Sahai, A.: Efficient noninteractive proof systems for bilinear groups. SIAM J. Comput. 41(5), 1193\u20131232 (2012)","journal-title":"SIAM J. Comput."},{"issue":"3","key":"21_CR45","doi-asserted-by":"publisher","first-page":"1121","DOI":"10.1137\/080725398","volume":"39","author":"Yuval Ishai","year":"2009","unstructured":"Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge proofs from secure multiparty computation. SIAM J. Comput. 39(3), 1121\u20131152 (2009)","journal-title":"SIAM Journal on Computing"},{"key":"21_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/978-3-319-63715-0_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"YT Kalai","year":"2017","unstructured":"Kalai, Y.T., Rothblum, G.N., Rothblum, R.D.: From obfuscation to the security of Fiat-Shamir for proofs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 224\u2013251. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63715-0_8"},{"key":"21_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"622","DOI":"10.1007\/978-3-030-17656-3_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"S Katsumata","year":"2019","unstructured":"Katsumata, S., Nishimaki, R., Yamada, S., Yamakawa, T.: Designated verifier\/prover and preprocessing NIZKs from Diffie-Hellman assumptions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 622\u2013651. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17656-3_22"},{"key":"21_CR48","unstructured":"Kilian, J.: On the complexity of bounded-interaction and noninteractive zero-knowledge proofs. In: 35th FOCS, pp. 466\u2013477 (1994)"},{"key":"21_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"545","DOI":"10.1007\/0-387-34805-0_47","volume-title":"Advances in Cryptology \u2014 CRYPTO 1989 Proceedings","author":"J Kilian","year":"1990","unstructured":"Kilian, J., Micali, S., Ostrovsky, R.: Minimum resource zero-knowledge proofs (extended abstract). In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 545\u2013546. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_47"},{"issue":"1","key":"21_CR50","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s001459900032","volume":"11","author":"J Kilian","year":"1998","unstructured":"Kilian, J., Petrank, E.: An efficient noninteractive zero-knowledge proof system for NP with general assumptions. J. Cryptol. 11(1), 1\u201327 (1998)","journal-title":"J. Cryptol."},{"key":"21_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"733","DOI":"10.1007\/978-3-319-96881-0_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"S Kim","year":"2018","unstructured":"Kim, S., Wu, D.J.: Multi-theorem preprocessing NIZKs from lattices. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10992, pp. 733\u2013765. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_25"},{"key":"21_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"353","DOI":"10.1007\/3-540-38424-3_26","volume-title":"Advances in Cryptology-CRYPT0 1990","author":"D Lapidot","year":"1991","unstructured":"Lapidot, D., Shamir, A.: Publicly verifiable non-interactive zero-knowledge proofs. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 353\u2013365. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-38424-3_26"},{"key":"21_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-28914-9_10","volume-title":"Theory of Cryptography","author":"H Lipmaa","year":"2012","unstructured":"Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169\u2013189. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-28914-9_10"},{"key":"21_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-42033-7_3","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"H Lipmaa","year":"2013","unstructured":"Lipmaa, H.: Succinct non-interactive zero knowledge arguments from span programs and linear error-correcting codes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 41\u201360. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-42033-7_3"},{"key":"21_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1007\/978-3-319-70972-7_10","volume-title":"Financial Cryptography and Data Security","author":"H Lipmaa","year":"2017","unstructured":"Lipmaa, H.: Optimally sound sigma protocols under DCRA. In: Kiayias, A. (ed.) FC 2017. LNCS, vol. 10322, pp. 182\u2013203. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70972-7_10"},{"issue":"2","key":"21_CR56","first-page":"481","volume":"E85\u2013A","author":"S Mitsunari","year":"2002","unstructured":"Mitsunari, S., Saka, R., Kasahara, M.: A new traitor tracing. IEICE Trans. E85\u2013A(2), 481\u2013484 (2002)","journal-title":"A new traitor tracing. IEICE Trans."},{"key":"21_CR57","doi-asserted-by":"crossref","unstructured":"Naccache, D., Stern, J.: A new public key cryptosystem based on higher residues. In: ACM CCS 1998, pp. 59\u201366 (1998)","DOI":"10.1145\/288090.288106"},{"key":"21_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1007\/978-3-540-45146-4_6","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"M Naor","year":"2003","unstructured":"Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96\u2013109. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_6"},{"key":"21_CR59","doi-asserted-by":"crossref","unstructured":"Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: 22nd ACM STOC, pp. 427\u2013437 (1990)","DOI":"10.1145\/100216.100273"},{"issue":"2","key":"21_CR60","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1145\/2856449","volume":"59","author":"B Parno","year":"2016","unstructured":"Parno, B., Howell, J., Gentry, C., Raykova, M.: Pinocchio: nearly practical verifiable computation. Commun. ACM 59(2), 103\u2013112 (2016)","journal-title":"Commun. ACM"},{"key":"21_CR61","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/11818175_16","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"R Pass","year":"2006","unstructured":"Pass, R., Shelat, A., Vaikuntanathan, V.: Construction of a non-malleable encryption scheme from any semantically secure one. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 271\u2013289. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11818175_16"},{"key":"21_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-46766-1_9","volume-title":"Advances in Cryptology \u2014 CRYPTO 1991","author":"TP Pedersen","year":"1992","unstructured":"Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129\u2013140. Springer, Heidelberg (1992). https:\/\/doi.org\/10.1007\/3-540-46766-1_9"},{"key":"21_CR63","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"593","DOI":"10.1007\/978-3-030-17656-3_21","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"W Quach","year":"2019","unstructured":"Quach, W., Rothblum, R.D., Wichs, D.: Reusable designated-verifier NIZKs for all NP from CDH. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 593\u2013621. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17656-3_21"},{"key":"21_CR64","doi-asserted-by":"crossref","unstructured":"Quach, W., Wee, H., Wichs, D.: Laconic function evaluation and applications. In: 59th FOCS, pp. 859\u2013870 (2018)","DOI":"10.1109\/FOCS.2018.00086"},{"key":"21_CR65","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"552","DOI":"10.1007\/3-540-45682-1_32","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"RL Rivest","year":"2001","unstructured":"Rivest, R.L., Shamir, A., Tauman, Y.: How to leak a secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552\u2013565. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_32"},{"key":"21_CR66","unstructured":"Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In: 40th FOCS, pp. 543\u2013553 (1999)"},{"key":"21_CR67","doi-asserted-by":"crossref","unstructured":"Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: 46th ACM STOC, pp. 475\u2013484 (2014)","DOI":"10.1145\/2591796.2591825"},{"key":"21_CR68","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"21_CR69","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1007\/978-3-642-02384-2_18","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2009","author":"C Ventre","year":"2009","unstructured":"Ventre, C., Visconti, I.: Co-sound zero-knowledge with public keys. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 287\u2013304. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-02384-2_18"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-26954-8_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T17:21:07Z","timestamp":1710350467000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-26954-8_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030269531","9783030269548"],"references-count":69,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-26954-8_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"1 August 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"39","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"378","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"81","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}