Security of Fiat-Shamir transformation
11-13, 14:20–14:50 (Asia/Bangkok), Classroom A

Fiat-Shamir transformation underlies virtually every SNARK used in the Ethereum ecosystem as it makes interactive proofs non-interactive. In this talk, we discuss the security issues if the transformation is used incorrectly (e.g., parallel repetition of a ZKP defined over a small field; such protocols became very popular thanks to their efficiency), provide examples, show the security loss that the transformation brings, and the concrete security of ZKP. Finally, we discuss best practices for k

Michal Zajac leads the research team at Nethermind.
His background is in zero-knowledge proofs: SNARKs, STARKs and shuffle arguments -- making them more efficient and secure.