{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T11:46:39Z","timestamp":1777376799802,"version":"3.51.4"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030351984","type":"print"},{"value":"9783030351991","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-35199-1_3","type":"book-chapter","created":{"date-parts":[[2019,12,8]],"date-time":"2019-12-08T19:02:46Z","timestamp":1575831766000},"page":"42-63","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Subversion-Resistant Simulation (Knowledge) Sound NIZKs"],"prefix":"10.1007","author":[{"given":"Karim","family":"Baghery","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,11,18]]},"reference":[{"key":"3_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/978-3-030-31500-9_22","volume-title":"Data Privacy Management, Cryptocurrencies and Blockchain Technology","author":"S Atapoor","year":"2019","unstructured":"Atapoor, S., Baghery, K.: Simulation extractability in groth\u2019s zk-SNARK. In: P\u00e9rez-Sol\u00e1, C., Navarro-Arribas, G., Biryukov, A., Garcia-Alfaro, J. (eds.) DPM\/CBT-2019. LNCS, vol. 11737, pp. 336\u2013354. Springer, Cham (2019). \nhttps:\/\/doi.org\/10.1007\/978-3-030-31500-9_22"},{"key":"3_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"348","DOI":"10.1007\/978-3-319-76578-5_12","volume-title":"Public-Key Cryptography \u2013 PKC 2018","author":"B Auerbach","year":"2018","unstructured":"Auerbach, B., Bellare, M., Kiltz, E.: Public-key encryption resistant to parameter subversion and its realization from efficiently-embeddable groups. In: Abdalla, M., Dahab, R. (eds.) PKC 2018, Part I. LNCS, vol. 10769, pp. 348\u2013377. Springer, Cham (2018). \nhttps:\/\/doi.org\/10.1007\/978-3-319-76578-5_12"},{"key":"3_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/978-3-030-23696-0_6","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2019","author":"B Abdolmaleki","year":"2019","unstructured":"Abdolmaleki, B., Baghery, K., Lipmaa, H., Siim, J., Zaj\u0105c, M.: UC-secure CRS generation for SNARKs. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2019. LNCS, vol. 11627, pp. 99\u2013117. Springer, Cham (2019). \nhttps:\/\/doi.org\/10.1007\/978-3-030-23696-0_6"},{"key":"3_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-70700-6_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"B Abdolmaleki","year":"2017","unstructured":"Abdolmaleki, B., Baghery, K., Lipmaa, H., Zaj\u0105c, M.: A subversion-resistant SNARK. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part III. LNCS, vol. 10626, pp. 3\u201333. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-70700-6_1"},{"key":"3_CR5","unstructured":"Abdolmaleki, B., Lipmaa, H., Siim, J. and Zajac, M.: On QA-NIZK in the BPK model. IACR Cryptology ePrint Archive, 2018:877 (2018). \nhttp:\/\/eprint.iacr.org\/2018\/877"},{"key":"3_CR6","unstructured":"Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signatures: definitions, constructions and applications. Cryptology ePrint Archive, Report 2015\/517 (2015). \nhttp:\/\/eprint.iacr.org\/2015\/517"},{"key":"3_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1007\/978-3-030-23696-0_7","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2019","author":"K Baghery","year":"2019","unstructured":"Baghery, K.: On the efficiency of privacy-preserving smart contract systems. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2019. LNCS, vol. 11627, pp. 118\u2013136. Springer, Cham (2019). \nhttps:\/\/doi.org\/10.1007\/978-3-030-23696-0_7"},{"key":"3_CR8","unstructured":"Baghery, K.: Subversion-resistant commitment schemes: definitions and constructions. Cryptology ePrint Archive, Report 2019\/1065 (2019). \nhttp:\/\/eprint.iacr.org\/2019\/1065"},{"issue":"2","key":"3_CR9","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/s00145-007-9005-7","volume":"21","author":"D Boneh","year":"2008","unstructured":"Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptol. 21(2), 149\u2013177 (2008)","journal-title":"J. Cryptol."},{"key":"3_CR10","first-page":"2","volume":"6","author":"J Ball","year":"2013","unstructured":"Ball, J., Borger, J., Greenwald, G., et al.: Revealed: how us and uk spy agencies defeat internet privacy and security. The Guardian 6, 2\u20138 (2013)","journal-title":"The Guardian"},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Chiesa, A., Green, M., Tromer, E., Virza, M.: Secure sampling of public parameters for succinct zero knowledge proofs. In: 2015 IEEE Symposium on Security and Privacy, pp. 287\u2013304. IEEE Computer Society Press (2015)","DOI":"10.1109\/SP.2015.25"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Bitansky, N., Canetti, R., Paneth, O., Rosen, A.: On the existence of extractable one-way functions. In: Shmoys, D.B. (ed.) 46th ACM STOC, pp. 505\u2013514. ACM Press, May\/June 2014","DOI":"10.1145\/2591796.2591859"},{"key":"3_CR13","unstructured":"Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Succinct non-interactive arguments for a von neumann architecture. Cryptology ePrint Archive, Report 2013\/879 (2013). \nhttp:\/\/eprint.iacr.org\/2013\/879"},{"key":"3_CR14","doi-asserted-by":"crossref","unstructured":"Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications (extended abstract). In: 20th ACM STOC, pp. 103\u2013112. ACM Press, May 1988","DOI":"10.1145\/62212.62222"},{"key":"3_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"777","DOI":"10.1007\/978-3-662-53890-6_26","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Fuchsbauer, G., Scafuro, A.: NIZKs with an untrusted CRS: security in the face of parameter subversion. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part II. LNCS, vol. 10032, pp. 777\u2013804. Springer, Heidelberg (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-662-53890-6_26"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1007\/0-387-34805-0_19","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"M Bellare","year":"1990","unstructured":"Bellare, M., Goldwasser, S.: New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 194\u2013211. Springer, New York (1990). \nhttps:\/\/doi.org\/10.1007\/0-387-34805-0_19"},{"key":"3_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-662-44371-2_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"M Bellare","year":"2014","unstructured":"Bellare, M., Paterson, K.G., Rogaway, P.: Security of symmetric encryption against mass surveillance. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 1\u201319. Springer, Heidelberg (2014). \nhttps:\/\/doi.org\/10.1007\/978-3-662-44371-2_1"},{"key":"3_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"445","DOI":"10.1007\/3-540-46766-1_36","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201991","author":"I Damg\u00e5rd","year":"1992","unstructured":"Damg\u00e5rd, I.: Towards practical public key systems secure against chosen ciphertext attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445\u2013456. Springer, Heidelberg (1992). \nhttps:\/\/doi.org\/10.1007\/3-540-46766-1_36"},{"key":"3_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/3-540-44647-8_33","volume-title":"Advances in Cryptology \u2014 CRYPTO 2001","author":"A Santis De","year":"2001","unstructured":"De Santis, A., Di Crescenzo, G., Ostrovsky, R., Persiano, G., Sahai, A.: Robust non-interactive zero knowledge. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 566\u2013598. Springer, Heidelberg (2001). \nhttps:\/\/doi.org\/10.1007\/3-540-44647-8_33"},{"key":"3_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1007\/978-3-319-93387-0_3","volume-title":"Applied Cryptography and Network Security","author":"G Fuchsbauer","year":"2018","unstructured":"Fuchsbauer, G., Orr\u00f9, M.: Non-interactive zaps of knowledge. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 44\u201362. Springer, Cham (2018). \nhttps:\/\/doi.org\/10.1007\/978-3-319-93387-0_3"},{"key":"3_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-3-319-76578-5_11","volume-title":"Public-Key Cryptography \u2013 PKC 2018","author":"G Fuchsbauer","year":"2018","unstructured":"Fuchsbauer, G.: Subversion-zero-knowledge SNARKs. In: Abdalla, M., Dahab, R. (eds.) PKC 2018, Part I. LNCS, vol. 10769, pp. 315\u2013347. Springer, Cham (2018). \nhttps:\/\/doi.org\/10.1007\/978-3-319-76578-5_11"},{"key":"3_CR22","unstructured":"Gabizon, A.: On the security of the BCTV pinocchio zk-SNARK variant. IACR Cryptology ePrint Archive, 2019:119 (2019)"},{"key":"3_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-38348-9_37","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"R Gennaro","year":"2013","unstructured":"Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626\u2013645. Springer, Heidelberg (2013). \nhttps:\/\/doi.org\/10.1007\/978-3-642-38348-9_37"},{"key":"3_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1007\/978-3-319-63715-0_20","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"J Groth","year":"2017","unstructured":"Groth, J., Maller, M.: Snarky Signatures: minimal signatures of knowledge from simulation-extractable SNARKs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 581\u2013612. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-63715-0_20"},{"key":"3_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/11818175_6","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"J Groth","year":"2006","unstructured":"Groth, J., Ostrovsky, R., Sahai, A.: Non-interactive zaps and new techniques for NIZK. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 97\u2013111. Springer, Heidelberg (2006). \nhttps:\/\/doi.org\/10.1007\/11818175_6"},{"key":"3_CR26","volume-title":"No Place to Hide: Edward Snowden, the NSA, and the US Surveillance State","author":"G Greenwald","year":"2014","unstructured":"Greenwald, G.: No Place to Hide: Edward Snowden, the NSA, and the US Surveillance State. Macmillan, London (2014)"},{"key":"3_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-642-17373-8_19","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321\u2013340. Springer, Heidelberg (2010). \nhttps:\/\/doi.org\/10.1007\/978-3-642-17373-8_19"},{"key":"3_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-662-49896-5_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"J Groth","year":"2016","unstructured":"Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 305\u2013326. Springer, Heidelberg (2016). \nhttps:\/\/doi.org\/10.1007\/978-3-662-49896-5_11"},{"key":"3_CR29","unstructured":"Haenni, R.: Swiss post public intrusion test: undetectable attack against vote integrity and secrecy (2019). \nhttps:\/\/e-voting.bfh.ch\/app\/download\/7833162361\/PIT2.pdf?t=1552395691"},{"key":"3_CR30","doi-asserted-by":"crossref","unstructured":"Kosba, A., Miller, A.: The blockchain model of cryptography and privacy-preserving smart contracts. In: 2016 IEEE Symposium on Security and Privacy, pp. 839\u2013858. IEEE Computer Society Press, May 2016","DOI":"10.1109\/SP.2016.55"},{"key":"3_CR31","unstructured":"Kosba, A.E., et al.: A framework for building composable zero-knowledge proofs. Technical report 2015\/1093, 10 November 2015. \nhttp:\/\/eprint.iacr.org\/2015\/1093\n\n. Accessed 9 Apr 2017"},{"key":"3_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-28914-9_10","volume-title":"Theory of Cryptography","author":"H Lipmaa","year":"2012","unstructured":"Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169\u2013189. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-28914-9_10"},{"key":"3_CR33","unstructured":"Lipmaa, H.: Simulation-extractable SNARKs revisited. Cryptology ePrint Archive, Report 2019\/612 (2019). \nhttp:\/\/eprint.iacr.org\/2019\/612"},{"key":"3_CR34","unstructured":"Lewis, S.J., Pereira, O., Teague, V.: Trapdoor commitments in the swisspost e-voting shuffle proof (2019). \nhttps:\/\/people.eng.unimelb.edu.au\/vjteague\/SwissVote"},{"key":"3_CR35","doi-asserted-by":"crossref","unstructured":"Parno, B., Howell, J., Gentry, C., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: 2013 IEEE Symposium on Security and Privacy, pp. 238\u2013252. IEEE Computer Society Press, May 2013","DOI":"10.1109\/SP.2013.47"},{"key":"3_CR36","unstructured":"Perlroth, N., Larson, J., Shane, S.: NSA able to foil basic safeguards of privacy on web. The New York Times, 5 (2013)"}],"container-title":["Lecture Notes in Computer Science","Cryptography and Coding"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-35199-1_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,8]],"date-time":"2019-12-08T19:07:42Z","timestamp":1575832062000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-35199-1_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030351984","9783030351991"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-35199-1_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"18 November 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"IMACC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IMA International Conference on Cryptography and Coding","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Oxford","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Kingdom","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ima2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ima.org.uk\/11167\/17th-ima-international-conference-on-cryptography-and-coding\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"17","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"55% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}