{"id":"https://openalex.org/W3207075287","doi":"https://doi.org/10.1007/978-3-031-07085-3_14","title":"Fiat\u2013Shamir Bulletproofs are Non-Malleable (in the\u00a0Algebraic Group Model)","display_name":"Fiat\u2013Shamir Bulletproofs are Non-Malleable (in the\u00a0Algebraic Group Model)","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W3207075287","doi":"https://doi.org/10.1007/978-3-031-07085-3_14","mag":"3207075287"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-031-07085-3_14","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-031-07085-3_14","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://pure.au.dk/portal/en/publications/f93b233b-780e-4a4a-b37b-e65b5dd1336c","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5067115934","display_name":"Chaya Ganesh","orcid":"https://orcid.org/0000-0002-2909-9177"},"institutions":[{"id":"https://openalex.org/I59270414","display_name":"Indian Institute of Science Bangalore","ror":"https://ror.org/04dese585","country_code":"IN","type":"education","lineage":["https://openalex.org/I59270414"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Chaya Ganesh","raw_affiliation_strings":["Indian Institute of Science, Bengaluru, India"],"affiliations":[{"raw_affiliation_string":"Indian Institute of Science, Bengaluru, India","institution_ids":["https://openalex.org/I59270414"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028570693","display_name":"Claudio Orlandi","orcid":"https://orcid.org/0000-0003-4992-0249"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Claudio Orlandi","raw_affiliation_strings":["Aarhus University, Aarhus, Denmark"],"affiliations":[{"raw_affiliation_string":"Aarhus University, Aarhus, Denmark","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064734346","display_name":"Mahak Pancholi","orcid":"https://orcid.org/0009-0006-5317-5535"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Mahak Pancholi","raw_affiliation_strings":["Aarhus University, Aarhus, Denmark"],"affiliations":[{"raw_affiliation_string":"Aarhus University, Aarhus, Denmark","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062998951","display_name":"Akira Takahashi","orcid":"https://orcid.org/0000-0001-8556-3053"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Akira Takahashi","raw_affiliation_strings":["Aarhus University, Aarhus, Denmark"],"affiliations":[{"raw_affiliation_string":"Aarhus University, Aarhus, Denmark","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019867191","display_name":"Daniel Tschudi","orcid":"https://orcid.org/0000-0001-6188-1049"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Daniel Tschudi","raw_affiliation_strings":["Concordium, Z\u00fcrich, Switzerland"],"affiliations":[{"raw_affiliation_string":"Concordium, Z\u00fcrich, Switzerland","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5067115934"],"corresponding_institution_ids":["https://openalex.org/I59270414"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":{"value":5000,"currency":"EUR","value_usd":5392},"fwci":9.2423,"has_fulltext":true,"cited_by_count":27,"citation_normalized_percentile":{"value":0.98383517,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"397","last_page":"426"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10304","display_name":"Geometric and Algebraic Topology","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/2608","display_name":"Geometry and Topology"},"field":{"id":"https://openalex.org/fields/26","display_name":"Mathematics"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.989300012588501,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.9103974103927612},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7091566324234009},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.5140646696090698},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.5085090398788452},{"id":"https://openalex.org/keywords/group","display_name":"Group (periodic table)","score":0.4904625117778778},{"id":"https://openalex.org/keywords/malleability","display_name":"Malleability","score":0.4746181070804596},{"id":"https://openalex.org/keywords/formal-proof","display_name":"Formal proof","score":0.46873435378074646},{"id":"https://openalex.org/keywords/algebraic-number","display_name":"Algebraic number","score":0.4602230191230774},{"id":"https://openalex.org/keywords/property","display_name":"Property (philosophy)","score":0.44796329736709595},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4027540683746338},{"id":"https://openalex.org/keywords/algebra-over-a-field","display_name":"Algebra over a field","score":0.3609693646430969},{"id":"https://openalex.org/keywords/discrete-mathematics","display_name":"Discrete mathematics","score":0.35607701539993286},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.3212316632270813},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.23470956087112427},{"id":"https://openalex.org/keywords/pure-mathematics","display_name":"Pure mathematics","score":0.13656431436538696},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.07788288593292236},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.07538586854934692}],"concepts":[{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.9103974103927612},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7091566324234009},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.5140646696090698},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.5085090398788452},{"id":"https://openalex.org/C2781311116","wikidata":"https://www.wikidata.org/wiki/Q83306","display_name":"Group (periodic table)","level":2,"score":0.4904625117778778},{"id":"https://openalex.org/C100980136","wikidata":"https://www.wikidata.org/wiki/Q4668956","display_name":"Malleability","level":4,"score":0.4746181070804596},{"id":"https://openalex.org/C94461902","wikidata":"https://www.wikidata.org/wiki/Q2762418","display_name":"Formal proof","level":3,"score":0.46873435378074646},{"id":"https://openalex.org/C9376300","wikidata":"https://www.wikidata.org/wiki/Q168817","display_name":"Algebraic number","level":2,"score":0.4602230191230774},{"id":"https://openalex.org/C189950617","wikidata":"https://www.wikidata.org/wiki/Q937228","display_name":"Property (philosophy)","level":2,"score":0.44796329736709595},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4027540683746338},{"id":"https://openalex.org/C136119220","wikidata":"https://www.wikidata.org/wiki/Q1000660","display_name":"Algebra over a field","level":2,"score":0.3609693646430969},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.35607701539993286},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.3212316632270813},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.23470956087112427},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.13656431436538696},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.07788288593292236},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.07538586854934692},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C178790620","wikidata":"https://www.wikidata.org/wiki/Q11351","display_name":"Organic chemistry","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1007/978-3-031-07085-3_14","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-031-07085-3_14","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},{"id":"pmh:oai:pure.atira.dk:publications/f93b233b-780e-4a4a-b37b-e65b5dd1336c","is_oa":true,"landing_page_url":"https://pure.au.dk/portal/en/publications/f93b233b-780e-4a4a-b37b-e65b5dd1336c","pdf_url":null,"source":null,"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Ganesh, C, Orlandi, C, Pancholi, M R, Takahashi, A & Tschudi, D 2022, Fiat-Shamir Bulletproofs are Non-Malleable (in the Algebraic Group Model). in O Dunkelman & S Dziembowski (eds), Advances in Cryptology \u2013 EUROCRYPT 2022. Springer, Cham, Lecture Notes in Computer Science (LNCS), vol. 13276, pp. 397-426. https://doi.org/10.1007/978-3-031-07085-3_14","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai::74144","is_oa":true,"landing_page_url":"https://eprints.iisc.ac.in/74144/","pdf_url":"https://mpra.ub.uni-muenchen.de/74144/1/MPRA_paper_74144.pdf","source":{"id":"https://openalex.org/S4306401429","display_name":"ePrints@IISc (Indian Institute of Science)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I59270414","host_organization_name":"Indian Institute of Science Bangalore","host_organization_lineage":["https://openalex.org/I59270414"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Poster"}],"best_oa_location":{"id":"pmh:oai:pure.atira.dk:publications/f93b233b-780e-4a4a-b37b-e65b5dd1336c","is_oa":true,"landing_page_url":"https://pure.au.dk/portal/en/publications/f93b233b-780e-4a4a-b37b-e65b5dd1336c","pdf_url":null,"source":null,"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Ganesh, C, Orlandi, C, Pancholi, M R, Takahashi, A & Tschudi, D 2022, Fiat-Shamir Bulletproofs are Non-Malleable (in the Algebraic Group Model). in O Dunkelman & S Dziembowski (eds), Advances in Cryptology \u2013 EUROCRYPT 2022. Springer, Cham, Lecture Notes in Computer Science (LNCS), vol. 13276, pp. 397-426. https://doi.org/10.1007/978-3-031-07085-3_14","raw_type":"info:eu-repo/semantics/publishedVersion"},"sustainable_development_goals":[{"score":0.6800000071525574,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W159162986","https://openalex.org/W1505345253","https://openalex.org/W1508362310","https://openalex.org/W1532874975","https://openalex.org/W1548963432","https://openalex.org/W1589034595","https://openalex.org/W2090903439","https://openalex.org/W2102632861","https://openalex.org/W2120154759","https://openalex.org/W2144752539","https://openalex.org/W2151460988","https://openalex.org/W2159339434","https://openalex.org/W2163257790","https://openalex.org/W2164736940","https://openalex.org/W2189468733","https://openalex.org/W2496543269","https://openalex.org/W2536319456","https://openalex.org/W2620662521","https://openalex.org/W2726052863","https://openalex.org/W2883748642","https://openalex.org/W2884510571","https://openalex.org/W2952604022","https://openalex.org/W2984674716","https://openalex.org/W3012492834","https://openalex.org/W3013339691","https://openalex.org/W3109521544","https://openalex.org/W3109568238"],"related_works":["https://openalex.org/W3168779796","https://openalex.org/W3037184231","https://openalex.org/W4295798319","https://openalex.org/W1819460135","https://openalex.org/W1515562936","https://openalex.org/W2044402378","https://openalex.org/W47204537","https://openalex.org/W187835144","https://openalex.org/W84189497","https://openalex.org/W2508333642"],"abstract_inverted_index":{"Bulletproofs":[0,113,140],"(B\u00fcnz":[1],"et":[2],"al.":[3],"IEEE":[4],"S&P":[5],"2018)":[6],"are":[7,33,141],"a":[8,50],"celebrated":[9],"ZK":[10],"proof":[11,52,119],"system":[12,120],"that":[13,66,112,138],"allows":[14],"for":[15,55,108],"short":[16],"and":[17,20,24],"efficient":[18],"proofs,":[19],"have":[21],"been":[22],"implemented":[23,36],"deployed":[25],"in":[26,37,131],"several":[27],"real-world":[28],"systems.":[29],"In":[30,103],"practice,":[31],"they":[32,84],"most":[34],"often":[35],"their":[38],"non-interactive":[39],"version":[40],"obtained":[41],"using":[42],"the":[43,47,96,100,109,132],"Fiat-Shamir":[44,73,139],"transform,":[45],"despite":[46],"lack":[48],"of":[49,53,95,124],"formal":[51],"security":[54],"this":[56,60,104],"setting.":[57],"Prior":[58],"to":[59,79,88],"work,":[61],"there":[62],"was":[63],"no":[64],"evidence":[65],"malleability":[67],"attacks":[68,76],"were":[69],"not":[70],"possible":[71],"against":[72],"Bulletproofs.":[74],"Malleability":[75],"can":[77],"lead":[78],"very":[80],"severe":[81],"vulnerabilities,":[82],"as":[83],"allow":[85],"an":[86],"adversary":[87],"forge":[89],"proofs":[90,97],"re-using":[91],"or":[92],"modifying":[93],"parts":[94],"provided":[98],"by":[99],"honest":[101],"parties.":[102],"paper,":[105],"we":[106],"show":[107],"first":[110],"time":[111],"(or":[114],"any":[115],"other":[116],"similar":[117],"multi-round":[118],"satisfying":[121],"some":[122],"form":[123],"weak":[125],"unique":[126],"response":[127],"property)":[128],"achieve":[129],"simulation-extractability":[130],"algebraic":[133],"group":[134],"model.":[135],"This":[136],"implies":[137],"non-malleable.":[142]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":3}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}