The goal of this paper is to spread the use of non-interactive cryptographic proofs from mainly theoretical purposes to the large class of practical cryptographic protocols based on bilinear groups.Expand

It is shown that linear interactive proofs cannot have a linear decision procedure, and it follows that SNARGs where the prover and verifier use generic asymmetric bilinear group operations cannot consist of a single group element.Expand

This work gets the first group signature scheme satisfying the strong security definition of Bellare, Shi and Zhang in the standard model without random oracles where each group signature consists only of a constant number of group elements.Expand

A 3-move public coin special honest verifier zero-knowledge proof for a list of commitments having at least one commitment that opens to 0, in particular in terms of communication requiring only the transmission of a logarithmic number of commitments.Expand

This work constructs non-interactive zero-knowledge arguments for circuit satisfiability with perfect completeness, perfect zero- knowledge and computational soundness and security is based on two new cryptographic assumptions.Expand

This work focuses on schemes in bilinear groups that preserve parts of the group structure, which makes it easy to combine them with other primitives such as non-interactive zero-knowledge proofs for bilinears groups.Expand

A new group signature scheme is constructed using bilinear groups that satisfies strong security requirements, in particular providing protection against key exposures and not relying on random oracles in the security proof.Expand

This paper improves the state-of-the-art scheme by Ateniese et al. by an order of magnitude and satisfies the recent security definition by Bellare et al, showing that their notion of full-anonymity may require stronger assumptions than what is needed to achieve a relaxed but reasonable notion of anonymity.Expand

An honest verifier zero-knowledge argument is suggested for the correctness of a shuffle of homomorphic encryptions based on ElGamal encryption, which is more efficient than previous schemes both in terms of communication and computation.Expand

An honest verifier zero-knowledge argument for the correctness of a shuffle of homomorphic encryptions that has the lowest computation cost for the verifier compared to previous work and also has an efficient prover.Expand