The algebraic group model and its applications

Two-round trip Schnorr multi-signatures via delinearized witnesses ⋮ MuSig2: simple two-round Schnorr multi-signatures ⋮ Tighter security for Schnorr identification and signatures: a high-moment forking lemma for \({\varSigma }\)-protocols ⋮ \textsf{Halo Infinite}: proof-carrying data from additive polynomial commitments ⋮ An algebraic framework for universal and updatable SNARKs ⋮ Non-interactive half-aggregation of EdDSA and variants of Schnorr signatures ⋮ Updateable Inner Product Argument with Logarithmic Verifier and Applications ⋮ On QA-NIZK in the BPK Model ⋮ Tight state-restoration soundness in the algebraic group model ⋮ Non-malleable codes for bounded parallel-time tampering ⋮ Fine-grained secure attribute-based encryption ⋮ Composition with knowledge assumptions ⋮ Another look at extraction and randomization of Groth's zk-SNARK ⋮ Versatile and sustainable timed-release encryption and sequential time-lock puzzles (extended abstract) ⋮ One-more unforgeability of blind ECDSA ⋮ Subversion-resistant quasi-adaptive NIZK and applications to modular zk-SNARKs ⋮ The multi-base discrete logarithm problem: tight reductions and non-rewinding proofs for Schnorr identification and signatures ⋮ Guaranteed output in \(O(\sqrt{n})\) rounds for round-robin sampling protocols ⋮ Fiat-Shamir bulletproofs are non-malleable (in the algebraic group model) ⋮ Optimal tightness for chain-based unique signatures ⋮ A fast and simple partially oblivious PRF, with applications ⋮ Short pairing-free blind signatures with exponential security ⋮ A Unified Framework for Non-universal SNARKs ⋮ ECLIPSE: Enhanced Compiling Method for Pedersen-Committed zkSNARK Engines ⋮ The One-More Discrete Logarithm Assumption in the Generic Group Model ⋮ Chain Reductions for Multi-signatures and the HBMS Scheme ⋮ Plumo: an ultralight blockchain client ⋮ Witness-succinct universally-composable SNARKs ⋮ Spartan and bulletproofs are simulation-extractable (for free!) ⋮ Tracing a linear subspace: application to linearly-homomorphic group signatures ⋮ Generic models for group actions ⋮ Threshold and multi-signature schemes from linear hash functions ⋮ Revisiting BBS signatures ⋮ Rai-Choo! Evolving blind signatures to the next level ⋮ PI-Cut-Choo and friends: compact blind signatures via parallel instance cut-and-choose and more ⋮ Half-aggregation of Schnorr signatures with tight reductions ⋮ On pairing-free blind signature schemes in the algebraic group model ⋮ Counting vampires: from univariate sumcheck to updatable ZK-SNARK ⋮ Pointcheval-Sanders signature-based synchronized aggregate signature ⋮ NIWI and new notions of extraction for algebraic languages ⋮ What makes Fiat-Shamir zkSNARKs (updatable SRS) simulation extractable? ⋮ Non-interactive Mimblewimble transactions, revisited ⋮ Memory-tight multi-challenge security of public-key encryption ⋮ Fine-grained non-interactive key-exchange: constructions and lower bounds ⋮ On time-lock cryptographic assumptions in abelian hidden-order groups ⋮ \(\mathcal{Lunar}\): a toolbox for more efficient universal and updatable zkSNARKs and commit-and-prove extensions ⋮ Gentry-Wichs is tight: a falsifiable non-adaptively sound SNARG ⋮ Proofs for inner pairing products and applications ⋮ Snarky ceremonies ⋮ Algebraic adversaries in the universal composability framework ⋮ Smooth zero-knowledge hash functions ⋮ Succinct publicly-certifiable proofs. Or, can a blockchain verify a designated-verifier proof? ⋮ To label, or not to label (in generic groups) ⋮ Better than advertised security for non-interactive threshold signatures ⋮ The price of verifiability: lower bounds for verifiable random functions ⋮ CRS-updatable asymmetric quasi-adaptive NIZK arguments ⋮ Beyond Uber: instantiating generic groups via PGGs ⋮ Linear-map vector commitments and their practical applications ⋮ PointProofs, revisited ⋮ An analysis of the algebraic group model ⋮ \textsf{Bingo}: adaptivity and asynchrony in verifiable secret sharing and distributed key generation ⋮ Fully adaptive Schnorr threshold signatures ⋮ Snowblind: a threshold blind signature in pairing-free groups ⋮ Practical Schnorr threshold signatures without the algebraic group model ⋮ Algebraic reductions of knowledge ⋮ Succinct functional commitment for a large class of arithmetic circuits ⋮ Practical dynamic group signatures without knowledge extractors ⋮ Non-malleable time-lock puzzles and applications ⋮ Fine-grained secure attribute-based encryption ⋮ On subversion-resistant SNARKs ⋮ Marlin: preprocessing zkSNARKs with universal and updatable SRS ⋮ Everybody's a target: scalability in public-key encryption ⋮ A classification of computational assumptions in the algebraic group model ⋮ A non-PCP approach to succinct quantum-safe zero-knowledge ⋮ Generically speeding-up repeated squaring is equivalent to factoring: sharp thresholds for all generic-ring delay functions ⋮ Shorter non-interactive zero-knowledge arguments and ZAPs for algebraic languages ⋮ On the memory-tightness of hashed ElGamal ⋮ Blind Schnorr signatures and signed ElGamal encryption in the algebraic group model ⋮ On instantiating the algebraic group model from falsifiable assumptions