Why “fiat-shamir for proofs” lacks a proof
IACR Cryptology ePrint Archive, pp. 182-201, 2013.
falsifiable assumptionsound proof3-message public-coin proofstandard assumptionblack-box reductionMore(5+)
The Fiat-Shamir heuristic [CRYPTO '86] is used to convert any 3-message public-coin proof or argument system into a non-interactive argument, by hashing the prover's first message to select the verifier's challenge. It is known that this heuristic is sound when the hash function is modeled as a random oracle. On the other hand, the surpri...More
Full Text (Upload PDF)