2019 | Original Paper | Book Chapter
On the (In)security of Kilian-Based SNARGs
Authored by: James Bartusek, Liron Bronfman, Justin Holmgren, Fermi Ma, Ron D. Rothblum
Published in: Theory of Cryptography
Abstract
- We construct a (contrived) \(\mathsf {CRHF}\) for which \(\mathsf {FSKM}\) is unsound for a very large class of \(\mathsf {PCP}\)s and for any Fiat-Shamir hash function. The collision-resistance of our \(\mathsf {CRHF}\) relies on very strong but plausible cryptographic assumptions. The statement is “tight” in the following sense: any \(\mathsf {PCP}\) outside the scope of our result trivially implies a \(\mathsf {SNARK}\), eliminating the need for \(\mathsf {FSKM}\) in the first place.
- Second, we consider a known extension of Kilian’s protocol to an interactive variant of \(\mathsf {PCP}\)s called probabilistically checkable interactive proofs (\(\mathsf {PCIP}\)) (also known as interactive oracle proofs or \(\mathsf {IOP}\)s). We construct a particular (contrived) \(\mathsf {PCIP}\) for \(\mathsf {NP}\) for which the \(\mathsf {FSKM}\) protocol is unsound no matter which \(\mathsf {CRHF}\) and Fiat-Shamir hash function are used. This result is unconditional (i.e., it does not rely on any cryptographic assumptions).