Ganesh, C and Orlandi, C and Pancholi, M and Takahashi, A and Tschudi, D (2022) Fiat–Shamir Bulletproofs are Non-Malleable (in the Algebraic Group Model). In: 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022, 30 May - 3 June 2022, Trondheim, pp. 397-426.
Full text not available from this repository.

Abstract
Bulletproofs (Bünz et al. IEEE S&P 2018) are a celebrated ZK proof system that allows for short and efficient proofs, and have been implemented and deployed in several real-world systems. In practice, they are most often implemented in their non-interactive version obtained using the Fiat-Shamir transform, despite the lack of a formal proof of security for this setting. Prior to this work, there was no evidence that malleability attacks were not possible against Fiat-Shamir Bulletproofs. Malleability attacks can lead to very severe vulnerabilities, as they allow an adversary to forge proofs re-using or modifying parts of the proofs provided by the honest parties. In this paper, we show for the first time that Bulletproofs (or any other similar multi-round proof system satisfying some form of weak unique response property) achieve simulation-extractability in the algebraic group model. This implies that Fiat-Shamir Bulletproofs are non-malleable.
| Item Type: | Conference Poster |
|---|---|
| Publication: | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Publisher: | Springer Science and Business Media Deutschland GmbH |
| Additional Information: | The copyright for this article belongs to the Springer Science and Business Media Deutschland GmbH. |
| Keywords: | Fiat-Shamir; Non-interactive zero-knowledge; Simulation-extractability |
| Department/Centre: | Division of Electrical Sciences > Computer Science & Automation |
| Date Deposited: | 05 Jul 2022 11:41 |
| Last Modified: | 05 Jul 2022 11:41 |
| URI: | https://eprints.iisc.ac.in/id/eprint/74144 |