{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,7]],"date-time":"2025-12-07T13:09:50Z","timestamp":1765112990739,"version":"3.40.4"},"publisher-location":"Cham","reference-count":74,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031306167"},{"type":"electronic","value":"9783031306174"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-30617-4_11","type":"book-chapter","created":{"date-parts":[[2023,4,14]],"date-time":"2023-04-14T10:02:24Z","timestamp":1681466544000},"page":"315-346","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["Witness-Succinct Universally-Composable SNARKs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2909-9177","authenticated-orcid":false,"given":"Chaya","family":"Ganesh","sequence":"first","affiliation":[]},{"given":"Yashvanth","family":"Kondi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4992-0249","authenticated-orcid":false,"given":"Claudio","family":"Orlandi","sequence":"additional","affiliation":[]},{"given":"Mahak","family":"Pancholi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8556-3053","authenticated-orcid":false,"given":"Akira","family":"Takahashi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6188-1049","authenticated-orcid":false,"given":"Daniel","family":"Tschudi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,4,15]]},"reference":[{"key":"11_CR1","doi-asserted-by":"publisher","unstructured":"Abdalla, M., Barbosa, M., Katz, J., Loss, J., Xu, J.: Algebraic adversaries in the universal composability framework. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part III. LNCS, vol. 13092, pp. 311\u2013341. Springer, Heidelberg, December 2021. https:\/\/doi.org\/10.1007\/978-3-030-92078-4_11","DOI":"10.1007\/978-3-030-92078-4_11"},{"key":"11_CR2","doi-asserted-by":"publisher","unstructured":"Abdolmaleki, B., Ramacher, S., Slamanig, D.: Lift-and-shift: obtaining simulation extractable subversion and updatable SNARKs generically. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 1987\u20132005. ACM Press, November 2020. https:\/\/doi.org\/10.1145\/3372297.3417228","DOI":"10.1145\/3372297.3417228"},{"key":"11_CR3","doi-asserted-by":"publisher","unstructured":"Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: lightweight sublinear arguments without a trusted setup. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 2087\u20132104. ACM Press, Oct\/Nov 2017. https:\/\/doi.org\/10.1145\/3133956.3134104","DOI":"10.1145\/3133956.3134104"},{"key":"11_CR4","unstructured":"Arun, A., Ganesh, C., Lokam, S., Mopuri, T., Sridhar, S.: Dew: transparent constant-sized zkSNARKs. Cryptology ePrint Archive, Report 2022\/419 (2022). https:\/\/eprint.iacr.org\/2022\/419"},{"key":"11_CR5","unstructured":"Atapoor, S., Baghery, K.: Simulation extractability in groth\u2019s zk-SNARK. Cryptology ePrint Archive, Report 2019\/641 (2019). https:\/\/eprint.iacr.org\/2019\/641"},{"key":"11_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1007\/978-3-030-35199-1_3","volume-title":"Cryptography and Coding","author":"K Baghery","year":"2019","unstructured":"Baghery, K.: Subversion-resistant simulation (Knowledge) sound NIZKs. In: Albrecht, M. (ed.) IMACC 2019. LNCS, vol. 11929, pp. 42\u201363. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-35199-1_3"},{"key":"11_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"457","DOI":"10.1007\/978-3-662-64322-8_22","volume-title":"Financial Cryptography and Data Security","author":"K Baghery","year":"2021","unstructured":"Baghery, K., Kohlweiss, M., Siim, J., Volkhov, M.: Another look at extraction and\u00a0randomization of Groth\u2019s zk-SNARK. In: Borisov, N., Diaz, C. (eds.) FC 2021. LNCS, vol. 12674, pp. 457\u2013475. Springer, Heidelberg (2021). https:\/\/doi.org\/10.1007\/978-3-662-64322-8_22"},{"key":"11_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/978-3-030-65411-5_22","volume-title":"Cryptology and Network Security","author":"K Baghery","year":"2020","unstructured":"Baghery, K., Pindado, Z., R\u00e0fols, C.: Simulation extractable versions of groth\u2019s zk-SNARK revisited. In: Krenn, S., Shulman, H., Vaudenay, S. (eds.) CANS 2020. LNCS, vol. 12579, pp. 453\u2013461. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-65411-5_22"},{"key":"11_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/978-3-030-92548-2_28","volume-title":"Cryptology and Network Security","author":"K Baghery","year":"2021","unstructured":"Baghery, K., Sedaghat, M.: Tiramisu: black-box simulation extractable NIZKs in\u00a0the\u00a0updatable CRS model. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 531\u2013551. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92548-2_28"},{"key":"11_CR10","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Denning, D.E., Pyle, R., Ganesan, R., Sandhu, R.S., Ashby, V. (eds.) ACM CCS 93, pp. 62\u201373. ACM Press, November 1993. https:\/\/doi.org\/10.1145\/168588.168596","DOI":"10.1145\/168588.168596"},{"key":"11_CR11","unstructured":"Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive, Paper 2018\/046 (2018). https:\/\/eprint.iacr.org\/2018\/046"},{"key":"11_CR12","unstructured":"Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive, Report 2018\/046 (2018). https:\/\/eprint.iacr.org\/2018\/046"},{"key":"11_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-662-49099-0_2","volume-title":"Theory of Cryptography","author":"E Ben-Sasson","year":"2016","unstructured":"Ben-Sasson, E., Chiesa, A., Gabizon, A., Virza, M.: Quasi-linear size zero knowledge from linear-algebraic PCPs. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016, Part II. LNCS, vol. 9563, pp. 33\u201364. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49099-0_2"},{"key":"11_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/978-3-030-17653-2_4","volume-title":"Advances in Cryptology","author":"E Ben-Sasson","year":"2019","unstructured":"Ben-Sasson, E., Chiesa, A., Riabzev, M., Spooner, N., Virza, M., Ward, N.P.: Aurora: Transparent Succinct Arguments for R1CS. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019, Part I. LNCS, vol. 11476, pp. 103\u2013128. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17653-2_4"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-662-53644-5_2","volume-title":"Theory of Cryptography","author":"E Ben-Sasson","year":"2016","unstructured":"Ben-Sasson, E., Chiesa, A., Spooner, N.: Interactive oracle proofs. In: Hirt, M., Smith, A. (eds.) TCC 2016, Part II. LNCS, vol. 9986, pp. 31\u201360. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53644-5_2"},{"key":"11_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/0-387-34799-2_20","volume-title":"Advances in Cryptology","author":"M Blum","year":"1990","unstructured":"Blum, M., Feldman, P., Micali, S.: Proving security against chosen ciphertext attacks. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 256\u2013268. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34799-2_20"},{"key":"11_CR17","doi-asserted-by":"publisher","unstructured":"Blum, M., Santis, A.D., Micali, S., Persiano, G.: Noninteractive zero-knowledge. SIAM J. Comput. 20(6), 1084\u20131118 (1991) https:\/\/doi.org\/10.1137\/0220068","DOI":"10.1137\/0220068"},{"key":"11_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-540-24676-3_14","volume-title":"Advances in Cryptology","author":"D Boneh","year":"2004","unstructured":"Boneh, D., Boyen, X.: Efficient selective-id secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223\u2013238. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_14"},{"key":"11_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-662-49896-5_12","volume-title":"Advances in Cryptology","author":"J Bootle","year":"2016","unstructured":"Bootle, J., Cerulli, A., Chaidos, P., Groth, J., Petit, C.: Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 327\u2013357. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_12"},{"key":"11_CR20","unstructured":"Bowe, S., Gabizon, A.: Making groth\u2019s zk-snark simulation extractable in the random oracle model. Cryptology ePrint Archive, Paper 2018\/187 (2018). https:\/\/eprint.iacr.org\/2018\/187"},{"key":"11_CR21","doi-asserted-by":"publisher","unstructured":"Bowe, S., Gabizon, A., Green, M.D.: A multi-party protocol for constructing the public parameters of the pinocchio zk-SNARK. In: Zohar, A., Eyal, I., Teague, V., Clark, J., Bracciali, A., Pintore, F., Sala, M. (eds.) FC 2018. LNCS, vol. 10958, pp. 64\u201377. Springer, Heidelberg (2019). https:\/\/doi.org\/10.1007\/978-3-662-58820-8_5","DOI":"10.1007\/978-3-662-58820-8_5"},{"key":"11_CR22","doi-asserted-by":"publisher","unstructured":"B\u00fcnz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy, pp. 315\u2013334. IEEE Computer Society Press, May 2018. https:\/\/doi.org\/10.1109\/SP.2018.00020","DOI":"10.1109\/SP.2018.00020"},{"key":"11_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-030-64378-2_1","volume-title":"Theory of Cryptography","author":"B B\u00fcnz","year":"2020","unstructured":"B\u00fcnz, B., Chiesa, A., Mishra, P., Spooner, N.: Recursive proof composition from accumulation schemes. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part II. LNCS, vol. 12551, pp. 1\u201318. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64378-2_1"},{"key":"11_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1007\/3-540-44448-3_25","volume-title":"Advances in Cryptology","author":"J Camenisch","year":"2000","unstructured":"Camenisch, J., Damg\u00e5rd, I.: Verifiable encryption, group encryption, and their applications to separable group signatures and signature sharing schemes. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 331\u2013345. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44448-3_25"},{"key":"11_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-319-78381-9_11","volume-title":"Advances in Cryptology","author":"J Camenisch","year":"2018","unstructured":"Camenisch, J., Drijvers, M., Gagliardoni, T., Lehmann, A., Neven, G.: The wonderful world of global random oracles. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 280\u2013312. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_11"},{"key":"11_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-92078-4_1","volume-title":"Advances in Cryptology","author":"M Campanelli","year":"2021","unstructured":"Campanelli, M., Faonio, A., Fiore, D., Querol, A., Rodr\u00edguez, H.: Lunar: a\u00a0toolbox for\u00a0more efficient universal and\u00a0updatable zkSNARKs and\u00a0commit-and-prove extensions. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part III. LNCS, vol. 13092, pp. 3\u201333. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92078-4_1"},{"key":"11_CR27","unstructured":"Campanelli, M., Ganesh, C., Khoshakhlagh, H., Siim, J.: Impossibilities in succinct arguments: Black-box extraction and more. Cryptology ePrint Archive, Report 2022\/638 (2022). https:\/\/eprint.iacr.org\/2022\/638"},{"key":"11_CR28","doi-asserted-by":"publisher","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136\u2013145. IEEE Computer Society Press, October 2001. https:\/\/doi.org\/10.1109\/SFCS.2001.959888","DOI":"10.1109\/SFCS.2001.959888"},{"key":"11_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/978-3-540-70936-7_4","volume-title":"Theory of Cryptography","author":"R Canetti","year":"2007","unstructured":"Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61\u201385. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-70936-7_4"},{"key":"11_CR30","doi-asserted-by":"publisher","unstructured":"Canetti, R., Jain, A., Scafuro, A.: Practical UC security with a global random oracle. In: Ahn, G.J., Yung, M., Li, N. (eds.) ACM CCS 2014. pp. 597\u2013608. ACM Press, November 2014. https:\/\/doi.org\/10.1145\/2660267.2660374","DOI":"10.1145\/2660267.2660374"},{"key":"11_CR31","doi-asserted-by":"publisher","unstructured":"Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: 34th ACM STOC, pp. 494\u2013503. ACM Press, May 2002. https:\/\/doi.org\/10.1145\/509907.509980","DOI":"10.1145\/509907.509980"},{"key":"11_CR32","unstructured":"Canetti, R., Sarkar, P., Wang, X.: Triply adaptive UC NIZK. Cryptology ePrint Archive, Report 2020\/1212 (2020). https:\/\/eprint.iacr.org\/2020\/1212"},{"key":"11_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-030-45721-1_26","volume-title":"Advances in Cryptology","author":"A Chiesa","year":"2020","unstructured":"Chiesa, A., Hu, Y., Maller, M., Mishra, P., Vesely, N., Ward, N.: Marlin: preprocessing zkSNARKs with universal and updatable SRS. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part I. LNCS, vol. 12105, pp. 738\u2013768. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45721-1_26"},{"key":"11_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"769","DOI":"10.1007\/978-3-030-45721-1_27","volume-title":"Advances in Cryptology","author":"A Chiesa","year":"2020","unstructured":"Chiesa, A., Ojha, D., Spooner, N.: Fractal: post-quantum and transparent recursive proofs from holography. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part I. LNCS, vol. 12105, pp. 769\u2013793. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45721-1_27"},{"key":"11_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/3-540-44647-8_33","volume-title":"Advances in Cryptology","author":"A De Santis","year":"2001","unstructured":"De Santis, A., Di Crescenzo, G., Ostrovsky, R., Persiano, G., Sahai, A.: Robust non-interactive zero knowledge. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 566\u2013598. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44647-8_33"},{"key":"11_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/978-3-540-85174-5_29","volume-title":"Advances in Cryptology","author":"Y Dodis","year":"2008","unstructured":"Dodis, Y., Shoup, V., Walfish, S.: Efficient constructions of composable commitments and zero-knowledge proofs. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 515\u2013535. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_29"},{"key":"11_CR37","doi-asserted-by":"publisher","unstructured":"Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography (extended abstract). In: 23rd ACM STOC, pp. 542\u2013552. ACM Press, May 1991. https:\/\/doi.org\/10.1145\/103418.103474","DOI":"10.1145\/103418.103474"},{"key":"11_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"60","DOI":"10.1007\/978-3-642-34931-7_5","volume-title":"Progress in Cryptology","author":"S Faust","year":"2012","unstructured":"Faust, S., Kohlweiss, M., Marson, G.A., Venturi, D.: On the non-malleability of the fiat-shamir transform. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 60\u201379. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34931-7_5"},{"key":"11_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1007\/11535218_10","volume-title":"Advances in Cryptology","author":"M Fischlin","year":"2005","unstructured":"Fischlin, M.: Communication-efficient non-interactive proofs of knowledge with online extractors. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 152\u2013168. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11535218_10"},{"key":"11_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-319-96881-0_2","volume-title":"Advances in Cryptology","author":"G Fuchsbauer","year":"2018","unstructured":"Fuchsbauer, G., Kiltz, E., Loss, J.: The Algebraic Group Model and its Applications. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 33\u201362. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_2"},{"key":"11_CR41","unstructured":"Gabizon, A., Williamson, Z.J., Ciobotaru, O.: PLONK: permutations over lagrange-bases for oecumenical noninteractive arguments of knowledge. Cryptology ePrint Archive, Report 2019\/953 (2019). https:\/\/eprint.iacr.org\/2019\/953"},{"key":"11_CR42","doi-asserted-by":"publisher","unstructured":"Ganesh, C., Khoshakhlagh, H., Kohlweiss, M., Nitulescu, A., Zajac, M.: What makes fiat-shamir zksnarks (updatable SRS) simulation extractable? In: Galdi, C., Jarecki, S. (eds.) SCN 2022. Lecture Notes in Computer Science, vol. 13409, pp. 735\u2013760. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-14791-3_32","DOI":"10.1007\/978-3-031-14791-3_32"},{"key":"11_CR43","unstructured":"Ganesh, C., Kondi, Y., Orlandi, C., Pancholi, M., Takahashi, A., Tschudi, D.: Witness-succinct universally-composable snarks. Cryptology ePrint Archive, Paper 2022\/1618 (2022). https:\/\/eprint.iacr.org\/2022\/1618"},{"key":"11_CR44","doi-asserted-by":"publisher","unstructured":"Ganesh, C., Orlandi, C., Pancholi, M., Takahashi, A., Tschudi, D.: Fiat-shamir bulletproofs are non-malleable (in the algebraic group model). In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part II. LNCS, vol. 13276, pp. 397\u2013426. Springer, Heidelberg, May\/June 2022. https:\/\/doi.org\/10.1007\/978-3-031-07085-3_14","DOI":"10.1007\/978-3-031-07085-3_14"},{"key":"11_CR45","unstructured":"Ganesh, C., Orlandi, C., Pancholi, M., Takahashi, A., Tschudi, D.: Fiat-shamir bulletproofs are non-malleable (in the random oracle model). Cryptology ePrint Archive, Paper 2023\/147 (2023). https:\/\/eprint.iacr.org\/2023\/147"},{"issue":"2","key":"11_CR46","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/s00145-005-0307-3","volume":"19","author":"JA Garay","year":"2005","unstructured":"Garay, J.A., MacKenzie, P., Yang, K.: Strengthening Zero-Knowledge Protocols Using Signatures. J. Cryptology 19(2), 169\u2013209 (2005). https:\/\/doi.org\/10.1007\/s00145-005-0307-3","journal-title":"J. Cryptology"},{"key":"11_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-38348-9_37","volume-title":"Advances in Cryptology","author":"R Gennaro","year":"2013","unstructured":"Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626\u2013645. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_37"},{"issue":"4","key":"11_CR48","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1016\/S0020-0190(98)00116-1","volume":"67","author":"O Goldreich","year":"1998","unstructured":"Goldreich, O., H\u00e5stad, J.: On the complexity of interactive proofs with bounded communication. Inf. Process. Lett. 67(4), 205\u2013214 (1998)","journal-title":"Inf. Process. Lett."},{"issue":"1","key":"11_CR49","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s00037-002-0169-0","volume":"11","author":"O Goldreich","year":"2002","unstructured":"Goldreich, O., Vadhan, S., Wigderson, A.: On interactive proofs with a laconic prover. Comput. Complexity 11(1), 1\u201353 (2002)","journal-title":"Comput. Complexity"},{"key":"11_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/11935230_29","volume-title":"Advances in Cryptology","author":"J Groth","year":"2006","unstructured":"Groth, J.: Simulation-sound NIZK proofs for a practical language and constant size group signatures. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 444\u2013459. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935230_29"},{"key":"11_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-662-49896-5_11","volume-title":"Advances in Cryptology","author":"J Groth","year":"2016","unstructured":"Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 305\u2013326. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_11"},{"key":"11_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"698","DOI":"10.1007\/978-3-319-96878-0_24","volume-title":"Advances in Cryptology","author":"J Groth","year":"2018","unstructured":"Groth, J., Kohlweiss, M., Maller, M., Meiklejohn, S., Miers, I.: Updatable and universal common reference strings with applications to\u00a0zk-SNARKs. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part III. LNCS, vol. 10993, pp. 698\u2013728. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96878-0_24"},{"key":"11_CR53","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1007\/978-3-319-63715-0_20","volume-title":"Advances in Cryptology","author":"J Groth","year":"2017","unstructured":"Groth, J., Maller, M.: Snarky signatures: minimal signatures of knowledge from simulation-extractable SNARKs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 581\u2013612. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63715-0_20"},{"key":"11_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1007\/11761679_21","volume-title":"Advances in Cryptology","author":"J Groth","year":"2006","unstructured":"Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339\u2013358. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11761679_21"},{"key":"11_CR55","doi-asserted-by":"publisher","unstructured":"Groth, J., Ostrovsky, R., Sahai, A.: New techniques for noninteractive zero-knowledge. J. ACM 59(3), 11:1\u201311:35 (2012). https:\/\/doi.org\/10.1145\/2220357.2220358","DOI":"10.1145\/2220357.2220358"},{"key":"11_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-319-10879-7_25","volume-title":"Security and Cryptography for Networks","author":"A Jain","year":"2014","unstructured":"Jain, A., Pandey, O.: Non-malleable zero knowledge: black-box constructions and definitional relationships. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 435\u2013454. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-10879-7_25"},{"key":"11_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1007\/978-3-642-17373-8_11","volume-title":"Advances in Cryptology","author":"A Kate","year":"2010","unstructured":"Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177\u2013194. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_11"},{"key":"11_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"580","DOI":"10.1007\/978-3-030-84245-1_20","volume-title":"Advances in Cryptology","author":"S Katsumata","year":"2021","unstructured":"Katsumata, S.: A new simple technique to bootstrap various lattice zero-knowledge proofs to\u00a0QROM secure NIZKs. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part II. LNCS, vol. 12826, pp. 580\u2013610. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84245-1_20"},{"key":"11_CR59","unstructured":"Kattis, A., Panarin, K., Vlasov, A.: RedShift: transparent SNARKs from list polynomial commitment IOPs. Cryptology ePrint Archive, Report 2019\/1400 (2019). https:\/\/eprint.iacr.org\/2019\/1400"},{"key":"11_CR60","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"364","DOI":"10.1007\/978-3-030-84259-8_13","volume-title":"Advances in Cryptology","author":"T Kerber","year":"2021","unstructured":"Kerber, T., Kiayias, A., Kohlweiss, M.: Composition with knowledge assumptions. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part IV. LNCS, vol. 12828, pp. 364\u2013393. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84259-8_13"},{"key":"11_CR61","doi-asserted-by":"publisher","unstructured":"Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: 24th ACM STOC, pp. 723\u2013732. ACM Press, May 1992. https:\/\/doi.org\/10.1145\/129712.129782","DOI":"10.1145\/129712.129782"},{"key":"11_CR62","unstructured":"Kondi, Y., shelat, a.: Improved straight-line extraction in the random oracle model with applications to signature aggregation. Cryptology ePrint Archive, Report 2022\/393 (2022). https:\/\/eprint.iacr.org\/2022\/393"},{"key":"11_CR63","unstructured":"Kosba, A., et al.: C$$\\emptyset $$c$$\\emptyset $$: a framework for building composable zero-knowledge proofs. Cryptology ePrint Archive, Report 2015\/1093 (2015), https:\/\/eprint.iacr.org\/2015\/1093"},{"key":"11_CR64","unstructured":"Lipmaa, H.: Simulation-extractable SNARKs revisited. Cryptology ePrint Archive, Report 2019\/612 (2019). https:\/\/eprint.iacr.org\/2019\/612"},{"key":"11_CR65","unstructured":"Lysyanskaya, A., Rosenbloom, L.N.: Efficient and universally composable non-interactive zero-knowledge proofs of knowledge with security against adaptive corruptions. Cryptology ePrint Archive, Paper 2022\/1484 (2022). https:\/\/eprint.iacr.org\/2022\/1484"},{"key":"11_CR66","unstructured":"Lysyanskaya, A., Rosenbloom, L.N.: Universally composable sigma-protocols in the global random-oracle model. Cryptology ePrint Archive, Report 2022\/290 (2022). https:\/\/eprint.iacr.org\/2022\/290"},{"key":"11_CR67","doi-asserted-by":"publisher","unstructured":"Maller, M., Bowe, S., Kohlweiss, M., Meiklejohn, S.: Sonic: zero-knowledge SNARKs from linear-size universal and updatable structured reference strings. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019. pp. 2111\u20132128. ACM Press, November 2019. https:\/\/doi.org\/10.1145\/3319535.3339817","DOI":"10.1145\/3319535.3339817"},{"key":"11_CR68","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-642-27375-9_3","volume-title":"Theory of Security and Applications","author":"U Maurer","year":"2012","unstructured":"Maurer, U.: Constructive cryptography \u2013 a new paradigm for security definitions and proofs. In: M\u00f6dersheim, S., Palamidessi, C. (eds.) TOSCA 2011. LNCS, vol. 6993, pp. 33\u201356. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-27375-9_3"},{"key":"11_CR69","doi-asserted-by":"publisher","unstructured":"Micali, S.: Computationally sound proofs. SIAM J. Comput. 30(4), 1253\u20131298 (2000) https:\/\/doi.org\/10.1137\/S0097539795284959","DOI":"10.1137\/S0097539795284959"},{"key":"11_CR70","doi-asserted-by":"publisher","unstructured":"Parno, B., Howell, J., Gentry, C., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: 2013 IEEE Symposium on Security and Privacy. pp. 238\u2013252. IEEE Computer Society Press, May 2013. https:\/\/doi.org\/10.1109\/SP.2013.47","DOI":"10.1109\/SP.2013.47"},{"key":"11_CR71","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"316","DOI":"10.1007\/978-3-540-45146-4_19","volume-title":"Advances in Cryptology","author":"R Pass","year":"2003","unstructured":"Pass, R.: On deniability in the common reference string and random oracle model. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 316\u2013337. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_19"},{"key":"11_CR72","doi-asserted-by":"publisher","unstructured":"Pass, R., Rosen, A.: New and improved constructions of non-malleable cryptographic protocols. In: Gabow, H.N., Fagin, R. (eds.) 37th ACM STOC, pp. 533\u2013542. ACM Press, May 2005. https:\/\/doi.org\/10.1145\/1060590.1060670","DOI":"10.1145\/1060590.1060670"},{"key":"11_CR73","doi-asserted-by":"publisher","unstructured":"Sahai, A.: Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security. In: 40th FOCS, pp. 543\u2013553. IEEE Computer Society Press, October 1999. https:\/\/doi.org\/10.1109\/SFFCS.1999.814628","DOI":"10.1109\/SFFCS.1999.814628"},{"key":"11_CR74","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"755","DOI":"10.1007\/978-3-662-46803-6_25","volume-title":"Advances in Cryptology","author":"D Unruh","year":"2015","unstructured":"Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part II. LNCS, vol. 9057, pp. 755\u2013784. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46803-6_25"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-30617-4_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,15]],"date-time":"2025-04-15T22:03:07Z","timestamp":1744754587000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-30617-4_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031306167","9783031306174"],"references-count":74,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-30617-4_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"15 April 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Lyon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 April 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 April 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"42","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"415","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"109","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}