IACR News item: 10 November 2015
Ahmed Kosba, Zhichao Zhao, Andrew Miller, Hubert Chan, Charalampos Papamanthou, Rafael Pass, abhi shelat, Elaine Shi
ePrint Report(e.g., written in C) to arithmetic circuits, the native representation used by SNARK constructions. However, while we would like to use these primitives in UC-secure protocols --- which are provably-secure even when composed with other arbitrary concurrently-executing protocols --- the SNARK definition is not directly compatible with this framework, due to its use of non black-box knowledge extraction. We show several constructions to transform SNARKs into UC-secure NIZKs, along with benchmarks and an end-to-end application example showing that the
added overhead is tolerable. Our constructions rely on embedding cryptographic algorithms into the SNARK proof system. Ordinarily, cryptographic constructions are chosen and tuned for implementation on CPUs or in hardware, not as arithmetic circuits. We therefore also initiate the study of SNARK-friendly cryptography, describing several protocol parameterizations, implementations, and performance comparisons for encryption, commitments, and other tasks. This is also of independent interest for use in other SNARK-based applications.
Additional news items may be found on the IACR news page.