zkDaily - 2026-05-26

零知识证明 zkDaily

ZKP Frontier Tracker 🎯

Tue

05.26

2026

Resettable Non-Interactive Zero-Knowledge: Attacks and Defenses

Paper

https://eprint.iacr.org/2026/1036

Behzad Abdolmaleki Fiat-Shamir NIZK

Abdolmaleki et al. present the first systematic study of resettable security for NIZKs in their paper, formalizing strong resettable ZK, demonstrating attacks on Fiat-Shamir PIOP SNARKs, and proposing a PRF-based generic compiler defense.

Notes

First systematic study of resettable security for NIZK
Formalized strong resettable ZK (srZK) covering partial randomness reset attacks
Demonstrated attacks on Fiat-Shamir compiled Σ-protocols, PIOP SNARKs like PlonK
Proposed generic compiler: derive all randomness via PRF from pp, statement, witness, and secret seed
Defense has negligible overhead and proof size unchanged
Practical relevance: prevents randomness manipulation via side-channel/fault injection

Collected by @icerdesign

零知识证明 zkDaily

Q&A Deep Dive 💬

Tue

05.26

2026

What is strong resettable zero-knowledge (srZK)?

srZK is a new security definition introduced in the paper. It models attackers who can reset only parts of the prover’s randomness instead of the full state, matching realistic hardware fault and partial corruption scenarios.

Which protocols are vulnerable to resetting attacks?

The paper shows that Fiat-Shamir compiled Σ-protocols, PIOP-based SNARKs such as PlonK, and salted Fiat-Shamir protocols can all suffer from witness-recovery attacks under resetting conditions.

How does the proposed defense work?

The defense derives prover randomness using a PRF over the public parameters, statement, and witness, keyed by a short secret seed. This prevents attackers from manipulating randomness through resets.

Prompted by @icerdesign