Roberto Parisella defended his PhD thesis
Roberto Parisella defended his PhD thesis

Roberto Parisella defended his PhD thesis


On 09.06, Roberto Parisella defended his PhD thesis “On a New, Efficient Framework for Falsifiable Non-interactive Zero-Knowledge Arguments”. The defence took place in the Nash Auditorium at Vitensenteret.

Main research findings

A zero-knowledge proof is a protocol between a prover, and a verifier. The prover aims to convince the verifier of the truth of some statement, such as possessing credentials for a valid credit card, without revealing any private information, such as the credentials themselves. In many applications, it is desirable to use NIZKs (Non-Interactive Zero-Knowledge) proofs, where the prover sends outputs only a single message that can be verified by many verifiers.

As a drawback, secure NIZKs for non-trivial languages can only exist in the presence of a trusted third party that computes a common reference string and makes it available to both the prover and verifier. When no such party exists, one sometimes relies on non interactive witness indistinguishability (NIWI), a weaker notion of privacy. The study of efficient and secure NIZKs is a crucial part of cryptography that has been thriving recently due to blockchain applications.

In the first paper, we construct a new NIZK for the language of common zeros of a finite set of polynomials over a finite field. We demonstrate its usefulness by giving a large number of example applications. Notably, it is possible to go from a high-level language description to the definition of the NIZK almost automatically, lessening the need for dedicated cryptographic expertise. In the second paper, we construct a NIWI using a new compiler. We explore the notion of Knowledge Soundness (a security notion stronger than soundness) of some NIZK constructions. In the third paper, we extended the first paper’s work by constructing a new set (non-)membership NIZK that allows us to prove that an element belongs or does not belong to the given set.

Many new constructions have better efficiency compared to already-known constructions.

Adjudication committee:

  • Associate Professor Carla Ràfols, Pompeu Fabra University, Spain
  • Senior researcher Daniel Slamanig, Austrian Institute of Technology, Austria
  • Professor Sondre Rønjom, University of Bergen, Norway


  • Chief Research Scientist Helger Lipmaa, Department of Cryptography, Simula UiB
  • Research Director Øyvind Ytrehus, Simula UiB

Read more at this UiB page.

Associated contacts

Øyvind Ytrehus

Øyvind Ytrehus

ProfessorResearch Director

Roberto Parisella

Roberto Parisella

Postdoctoral Fellow