Zerocash, Bitcoin, and transparent computational integrity
Decentralized crypto-currencies like Bitcoin rely on advanced cryptography to meet their design goals. Spectacular cryptographic breakthroughs dating back to the late 1980s, such as zero-knowledge (ZK) proofs, are ideal tools for achieving some of these goals. Zerocash, for example, harnesses universal (Turing complete) ZK techniques to enable privacy and fungibility, but has been criticized for its protocol's reliance on an opaque (i.e., private, or trusted) setup process. In this talk we describe our efforts to build scalable zero-knowledge proof systems which can be verified efficiently and which are *transparent*: their setup requires only a short public random string.
Based on joint works with Iddo Ben-Tov, Alessandro Chiesa, Michael Forbes, Ariel Gabizon, Daniel Genkin, Matan Hamilis, Ynon Horesh, Evgenya Pergament, Michael Riabzev, Mark Silberstein, Nicholas Spooner, Eran Tromer and Madars Virza.