CryptoDB
Zero-knowledge Proofs for Legacy Signatures
| Authors: | Pui Yung Anna Woo, Chad Sharp, Paul Grubbs, Chris Peikert |
|---|---|
| Presentation: | Slides | 
| Abstract: | Digital signatures underpin identity, authenticity, and trust in modern systems. Advanced variants of signatures—such as proofs of possession, ring signatures, and threshold signatures—offer security, privacy, and anonymity benefits but are rarely deployed due to incompatibility with widely used legacy schemes. This talk explores how to transform these legacy signatures—concretely, RSA, ECDSA, Ed25519, and the new NIST standards Falcon and Dilithium—into advanced variants using zkSNARKs. Making our zkSNARK-based schemes practical requires closing a huge efficiency gap that stems from, roughly, the cost of proving signature verification using the zkSNARK. We will present optimized protocols for expensive parts of signature verification, such as hashing and elliptic curve scalar multiplication. Using our techniques, we can generate a 240-byte proof of possession of an RSA signature over a message the size of a typical TLS certificate—two kilobytes—in only three seconds; the proof takes only 28 milliseconds to verify. |
| Video: | https://youtu.be/1rkECgAfKCo | 
BibTeX
@misc{rwc-2025-35866,
  title={Zero-knowledge Proofs for Legacy Signatures},
  note={Video at \url{https://youtu.be/1rkECgAfKCo}},
  howpublished={Talk given at RWC 2025},
  author={Pui Yung Anna Woo and Chad Sharp and Paul Grubbs and Chris Peikert},
  year=2025
}
