dc.contributor.advisor: Ronald L. Rivest. (en_US)
dc.contributor.author: Virza, Madars (en_US)
dc.contributor.other: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. (en_US)
dc.date.accessioned: 2018-03-02T22:21:48Z
dc.date.available: 2018-03-02T22:21:48Z
dc.date.copyright: 2017 (en_US)
dc.date.issued: 2017 (en_US)
dc.identifier.uri: http://hdl.handle.net/1721.1/113986
dc.description: Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2017. (en_US)
dc.description: Cataloged from PDF version of thesis. (en_US)
dc.description: Includes bibliographical references (pages 120-131). (en_US)
dc.description.abstract: Zero-knowledge proofs, introduced by Goldwasser, Micali, and Rackoff, are a fundamental building block in theoretical cryptography with numerous applications. Still, the impact of zero-knowledge proofs for building secure systems in practice has been modest at best. Part of this can be explained by the economics of deploying new technology in the wild: often introducing a trusted third party in lieu of a proof system achieves users' security goals with lower anticipated cost. The goal of this thesis is to lower the cost of using zero-knowledge proofs in real-world systems. This cost has two major components: the cost incurred by the proof system itself, and the price paid to instantiate the security model the proof system relies on. Working with my collaborators, I have contributed to reducing both of these costs: -- Cost of the security model. For many practical scenarios it is crucial that proofs be non-interactive and succinct. In the standard model, non-interactive zero-knowledge (NIZK) proofs do not exist for languages outside BPP (even with just computational soundness). However, if the security model includes a trusted party, available for a one-time setup phase, then NIZKs exist for all languages in NP. Soundness of the NIZK depends on this trusted setup: if public parameters are not correctly generated, or if the trusted party's secret internal randomness is revealed, an attacker could convince the verifier of false NP statements without being detected. We show how public parameters for a class of NIZKs can be generated by a concretely-efficient multi-party protocol, such that if at least one of the parties is honest, then the result is secure and can be subsequently used for generating and verifying numerous proofs without any further trust. -- Cost of the proof system. We have designed and built an open-source cryptographic library, called libsnark, that provides efficient implementations of state-of-the-art zero-knowledge proof constructions. Our library is the fastest and most comprehensive suite of zero-knowledge proofs currently available. Working in tandem, these contributions have achieved industrial impact, and are the main efficiency enablers for Zerocash, a privacy-preserving payment system. (en_US)
dc.description.statementofresponsibility: by Madars Virza. (en_US)
dc.format.extent: 131 pages (en_US)
dc.language.iso: eng (en_US)
dc.publisher: Massachusetts Institute of Technology (en_US)
dc.rights: MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. (en_US)
dc.rights.uri: http://dspace.mit.edu/handle/1721.1/7582 (en_US)
dc.subject: Electrical Engineering and Computer Science. (en_US)
dc.title: On deploying succinct zero-knowledge proofs (en_US)
dc.type: Thesis (en_US)
dc.description.degree: Ph. D. (en_US)
dc.contributor.department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
dc.identifier.oclc: 1023629916 (en_US)

