Article · Wikipedia archive · Last revised Jul 14, 2026

Common reference string model

In cryptography, the common reference string (CRS) model captures the assumption that a trusted setup in which all involved parties get access to the same string crs taken from some distribution D exists. Schemes proven secure in the CRS model are secure given that the setup was performed correctly. The common reference string model is a generalization of the common random string model, in which D is the uniform distribution of bit strings. As stated in, the CRS model is equivalent to the reference string model and the public parameters model.

Last revised
Jul 14, 2026
Read time
≈ 1 min
Length
148 w
Citations
3
Source

In cryptography, the common reference string (CRS) model captures the assumption that a trusted setup in which all involved parties get access to the same string crs taken from some distribution D exists. Schemes proven secure in the CRS model are secure given that the setup was performed correctly. The common reference string model is a generalization of the common random string model, in which D is the uniform distribution of bit strings. As stated in,1 the CRS model is equivalent to the reference string model 2 and the public parameters model.3

The CRS model has applications in the study of non-interactive zero-knowledge proofs and universal composability.

References

References

  1. Ran Canetti and Marc Fischlin; Universally Composable Commitments; Cryptology ePrint Archive: Report 2001/055 (link)
  2. Marc Fischlin, Roger Fischlin: Efficient Non-malleable Commitment Schemes. CRYPTO 2000: 413–431 (link)
  3. Ivan Damgård: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. EUROCRYPT 2000: 418–430 (link)