Tight Security Bounds for Micali’s SNARGs

Alessandro Chiesa, Eylon Yogev

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

Succinct non-interactive arguments (SNARGs) in the random oracle model (ROM) have several attractive features: they are plausibly post-quantum; they can be heuristically instantiated via lightweight cryptography; and they have a transparent (public-coin) parameter setup. The canonical construction of a SNARG in the ROM is due to Micali (FOCS 1994), who showed how to use a random oracle to compile any probabilistically checkable proof (PCP) with sufficiently-small soundness error into a corresponding SNARG. Yet, while Micali’s construction is a seminal result, it has received little attention in terms of analysis in the past 25 years. In this paper, we observe that prior analyses of the Micali construction are not tight and then present a new analysis that achieves tight security bounds. Our result enables reducing the random oracle’s output size, and obtain corresponding savings in concrete argument size. Departing from prior work, our approach relies on precisely quantifying the cost for an attacker to find several collisions and inversions in the random oracle, and proving that any PCP with small soundness error withstands attackers that succeed in finding a small number of collisions and inversions in a certain tree-based information-theoretic game.

Original languageEnglish
Title of host publicationTheory of Cryptography - 19th International Conference, TCC 2021, Proceedings
EditorsKobbi Nissim, Brent Waters, Brent Waters
PublisherSpringer Science and Business Media Deutschland GmbH
Pages401-434
Number of pages34
ISBN (Print)9783030904586
DOIs
StatePublished - 2021
Event19th International Conference on Theory of Cryptography, TCC 2021 - Raleigh, United States
Duration: 8 Nov 202111 Nov 2021

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13042 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference19th International Conference on Theory of Cryptography, TCC 2021
Country/TerritoryUnited States
CityRaleigh
Period8/11/2111/11/21

Bibliographical note

Publisher Copyright:
© 2021, International Association for Cryptologic Research.

Funding

Acknowledgments. We thank Adi Neuman for designing the figures in this paper. Alessandro Chiesa is funded by the Ethereum Foundation and Eylon Yogev is funded by the ISF grants 484/18, 1789/19, Len Blavatnik and the Blavatnik Foundation, The Blavatnik Interdisciplinary Cyber Research Center at Tel Aviv University, and The Raymond and Beverly Sackler Post-Doctoral Scholarship. This work was done (in part) while the second author was visiting the Simons Institute for the Theory of Computing.

FundersFunder number
Blavatnik Foundation
Israel Science Foundation1789/19, 484/18
Tel Aviv University
Ethereum Foundation

    Keywords

    • Probabilistically checkable proofs
    • Random oracle
    • Succinct arguments

    Fingerprint

    Dive into the research topics of 'Tight Security Bounds for Micali’s SNARGs'. Together they form a unique fingerprint.

    Cite this