Janno Siim
@jannosiim.bsky.social
160 followers 160 following 23 posts
Lecturer in Cryptography at the University of Tartu. From Estonia. ZK proofs, SNARKs, security assumptions. Homepage: https://sites.google.com/view/jannosiim
Reposted by Janno Siim
tjesi.bsky.social
The EU Parliament has published a new proposal for Chat Control to mass-surveil all digital communication in Europe. The proposal is ineffective, weakens secure communication, and violates basic human privacy. This must be stopped immediately. #ChatControl
csa-scientist-open-letter.org/Sep2025
Reposted by Janno Siim
helger.bsky.social
Really happy to have Jens Groth visiting us in Tartu and giving a seminar on ZK, zkVMs, and AI on Tuesday
jannosiim.bsky.social
This is some mind-blowing stuff :o
eprint.ing.bot
Gödel in Cryptography: Effectively Zero-Knowledge Proofs for NP with No Interaction, No Setup, and Perfect Soundness (Rahul Ilango) ia.cr/2025/1296
Abstract. A zero-knowledge proof demonstrates that a fact (like that a Sudoku puzzle has a solution) is true while, counterintuitively, revealing nothing else (like what the solution actually is). This remarkable guarantee is extremely useful in cryptographic applications, but it comes at a cost. A classical impossibility result by Goldreich and Oren [J. Cryptol. ’94] shows that zero-knowledge proofs must necessarily sacrifice basic properties of traditional mathematical proofs — namely perfect soundness (that no proof of a false statement exists) and non-interactivity (that a proof can be transmitted in a single message).

Contrary to this impossibility, we show that zero-knowledge with perfect soundness and no interaction is effectively possible. We do so by defining and constructing a powerful new relaxation of zero-knowledge. Intuitively, while the classical zero-knowledge definition requires that an object called a simulator actually exists, our new definition only requires that one cannot rule out that a simulator exists (in a particular logical sense). Using this, we show that every falsifiable security property of (classical) zero-knowledge can be achieved with no interaction, no setup, and perfect soundness. This enables us to remove interaction and setup from (classical) zero-knowledge in essentially all of its applications in the literature, at the relatively mild cost that such applications now have security that is “game-based” instead of “simulation-based.”

Our construction builds on the work of Kuykendall and Zhandry [TCC ’20] and relies on two central, longstanding, and well-studied assumptions that we show are also necessary. The first is the existence of non-interactive witness indistinguishable proofs, which follows from standard assumptions in cryptography. The second is Krajíček and Pudlák’s 1989 conjecture that no optimal proof system exists. This is one of the main conjectures in the field of proof complexity and is the natural finitistic analogue of the impossibility of Hilbert’s second problem (and, hence, also Gödel’s incompleteness theorem). Our high-level idea is to use these assumptions to construct a prover and verifier where no simulator exists, but the non-existence of a simulator is independent (in the logical sense of unprovability) of an arbitrarily strong logical system. One such logical system is the standard axioms of mathematics: ZFC.
jannosiim.bsky.social
No idea. Looking at the source, it should've been easy to figure out that these are intentional
jannosiim.bsky.social
It took me a moment to understand what the issue is :D
jannosiim.bsky.social
Springer just sent an "Urgent" email that many authors from Crypto 2025 (all from ZK community) have broken references provided as "?" in their camera-ready version:
jannosiim.bsky.social
There are a few other results in the paper. Such as how to consider imperfect oracles etc.
jannosiim.bsky.social
Our original intention was to show that the Uber assumption reduces to n-PDL (just like in the algebraic group model, but now in the standard model). However, we show this to be impossible with any generic reduction (such as the den Boer-Maurer reduction).
jannosiim.bsky.social
Our paper with Roberto Parisella and Maiara Bollauf was accepted to CiC. We extend DL <=> CDH reduction by den Boer and Maurer.

In particular, we show that in BLS12-381 n-PDL (Power DL) is equivalent to n-Diffie-Hellman exponent assumption.
eprint.ing.bot
Revisiting Discrete Logarithm Reductions (Maiara F. Bollauf, Roberto Parisella, Janno Siim) ia.cr/2025/1079
Abstract. A reduction showing that the hardness of the discrete logarithm (DL) assumption implies the hardness of the computational Diffie-Hellman (CDH) assumption in groups of order p, where p − 1 is smooth, was first presented by den Boer [Crypto ’88]. We also consider groups of prime order p, where p − 1 is somewhat smooth (say, every prime q that divides p − 1 is less than 2¹⁰⁰). Several practically relevant groups satisfy this condition.

1. We present a concretely efficient version of the reduction for such groups. In particular, among practically relevant groups, we obtain the most efficient and tightest reduction in the literature for BLS12-381, showing that DL = CDH.

2. By generalizing the reduction, we show that in these groups the n-Power DL (n-PDL) assumption implies the n-Diffie-Hellman Exponent (n-DHE) assumption, where n is polynomial in the security parameter. On the negative side, we show there is no generic reduction which could demonstrate that n-PDL implies the n-Generalized Diffie-Hellman Exponent (n-GDHE) assumption. This is in stark contrast with the algebraic group model, where this implication holds.
jannosiim.bsky.social
"By the national bibliometry rules, conference papers are not counted in the most important reporting processes. Thus, we are strongly incentivised with money to publish research in venues where the impact is lower."

That was surprising to read. I hope it will change.
Reposted by Janno Siim
helger.bsky.social
New accepted paper at Crypto 2025:
"On Knowledge-Soundness of Plonk in ROM from Falsifiable Assumptions" (Helger Lipmaa, Roberto Parisella, Janno Siim), with ex-students Roberto and @jannosiim.bsky.social (Janno is also now a colleague)
Reposted by Janno Siim
politico.eu
Europe's most famous technology law, the GDPR, is next on the hit list as the EU pushes ahead with its regulatory killing spree to slash laws it reckons are weighing down its businesses.
Europe’s GDPR privacy law is headed for red tape bonfire within ‘weeks’
Long seen as untouchable in Brussels, the GDPR is next on the list of the EU’s crusade against overregulation.
jannosiim.bsky.social
Join us in Tartu to work on SNARKs and ZK proofs. 👇

We intend to build a strong ZK research group here + I think it's a really cool place to live and work: virtualtour.ut.ee/en/84-univer...
Reposted by Janno Siim
sw17.ch
John VanEnk @sw17.ch · Mar 25
Just doing some reading about the design of cryptographic protocols.
A screenshot of the Wikipedia page for Alice and Bob, but with all occurrences of "Alice and Bob" replaced with "Hegseth and Waltz".
Reposted by Janno Siim
helger.bsky.social
Our group in Tartu (me and @jannosiim.bsky.social and some PhD students) has additional openings for a postdoc and a PhD student; see crypto.cs.ut.ee/Main/OpenPos... (iacr.org/jobs link will hopefully be up in a few days). Apply by email to me.
Cryptography Research Group
Reposted by Janno Siim
proofnerd.bsky.social
The list of accepted talks for ProTeCS 2025 is now online.
We are looking forward to exciting talks about cryptographic proofs and proof techniques. Thanks to everyone who submitted a proposal!

protecs-workshop.gitlab.io/accepted
List of ProTeCS accepted talks - Part 1:

- Lazy “Twenty Questions” as a Proof Principle — How a pen-and-paper one-liner becomes an EasyCrypt library (François Dupressoir, University of Bristol)
- Is it better or worse (UC-wise) (Saskia Bayreuther, KASTEL Security Research Labs, Karlsruhe Institute of Technology)
- Special Soundness of Non-Interactive Polynomial Commitment Schemes (Janno Siim, University of Tartu)
- Towards formally verifying the security reductions of the TLS 1.3 key schedule in SSBee (Amirhosein Rajabi, Aalto University)
- What can the Algebraic Group Model tell us about proof techniques in the Generic Group Model? (Jake Januzelli, Oregon State University)

List of ProTeCS accepted talks - Part 2:

- Privacy Proofs for Anonymous Communication Networks (Christoph Coijanovic, Karlsruhe Institute of Technology (KIT))
- Expected (polynomial) time in cryptography (Michael Klooß, Karlsruhe Institute of Technology)
- Commit-and-Prove System for Vectors and Applications to Threshold Signing (Cavit Özbay, Hasso Plattner Institute, University of Potsdam)
- The Power of Halting in Security Games (Igors Stepanovs)
- The Humble Power of the T-transformation (Hans Heum, Norwegian University of Science and Technology)
jannosiim.bsky.social
Excited to read this :)
eprint.ing.bot
On Extractability of the KZG Family of Polynomial Commitment Schemes (Juraj Belohorec, Pavel Dvořák, Charlotte Hoffmann, Pavel Hubáček, Kristýna Mašková, Martin Pastyřík) ia.cr/2025/514
Abstract. We present a unifying framework for proving the knowledge-soundness of KZG-like polynomial commitment schemes, encompassing both univariate and multivariate variants. By conceptualizing the proof technique of Lipmaa, Parisella, and Siim for the univariate KZG scheme (EUROCRYPT 2024), we present tools and falsifiable hardness assumptions that permit black-box extraction of the multivariate KZG scheme. Central to our approach is the notion of a canonical Proof-of-Knowledge of a Polynomial (PoKoP) of a polynomial commitment scheme, which we use to capture the extractability notion required in constructions of practical zk-SNARKs. We further present an explicit polynomial decomposition lemma for multivariate polynomials, enabling a more direct analysis of interpolating extractors and bridging the gap between univariate and multivariate commitments. Our results provide the first standard-model proofs of extractability for the multivariate KZG scheme and many of its variants under falsifiable assumptions.
Reposted by Janno Siim
drl3c7er.bsky.social
We have extended the submission deadline for the International Workshop on Foundations and Applications of Privacy-Enhancing Cryptography (PrivCrypt) by two weeks to April 4, 2025, AoE. Please help spread the word and consider submitting your work to join us in Munich in Summer 😎
drl3c7er.bsky.social
We are organising the International Workshop on Foundations and Applications of Privacy-Enhancing Cryptography (PrivCrypt) - co-located with ACNS 2025 end of June in beautiful Munich.

Submission deadline is March 21, 2025 (AoE).

Please help spread the word! 🙏

privcryptworkshop.github.io
PrivCrypt 2025
jannosiim.bsky.social
www.sesame.com/research/cro...

I forgot after one minute that I'm not talking to a human. I guess the movie "Her" is the reality now
Reposted by Janno Siim
malb.bsky.social
Together with @kennyog.bsky.social we're organising a meeting at Eurocrypt to discuss how the, let's say, "dramatically changing political landscape" affects cryptography and our community, both domestically in some countries but also internationally eurocrypt.iacr.org/2025/communi...
Wednesday, May 7, 14:30-16:00 (Room TBD): Cryptography in a Changing World: Navigating Geopolitical Uncertainty and Security Risks

Join us to discuss what we as a community can and should do in light of a dramatically changing political landscape, both domestically for some of us and internationally for all of us. We don't have ideas to pitch to you, but we think it will be useful to meet and to start a discussion.
For more information: Martin Albrecht and Kenny Paterson.
jannosiim.bsky.social
I hope Google Chrome will use less memory now