We study a new Fiat-Shamir transformation based on an ideal permutation that minimizes permutation calls and aligns more closely with deployed systems. We show concrete bounds for soundness, knowledge soundness, and zero knowledge, revealing that indifferentiability, the standard notion used in this context for 20 years, falls short of providing security for Fiat-Shamir-based proofs. We fill this gap by introducing a stronger indifferentiability notion that captures the security requirements of modern proof systems.
Based on the work of Alessandro Chiesa and Michele Orrù, which appeared at TCC 2025.
Link: https://eprint.iacr.org/2025/536.pdf