Baum, C; Bootle, J; Cerulli, A; del Pino, R; Groth, J; Lyubashevsky, V; (2018) Sub-linear lattice-based zero-knowledge arguments for arithmetic circuits. In: Shacham, H and Boldyreva, A, (eds.) Advances in Cryptology – CRYPTO 2018: 38th Annual International Cryptology Conference, Proceedings, Part II. (pp. pp. 669-699). Springer: Cham, Switzerland.

Preview

Text latticeAC.pdf - Accepted Version Download (539kB) | Preview

Abstract

We propose the first zero-knowledge argument with sub-linear communication complexity for arithmetic circuit satisfiability over a prime p whose security is based on the hardness of the short integer solution (SIS) problem. For a circuit with N gates, the communication complexity of our protocol is O(Nλlog3N−−−−−−−−√) , where λ is the security parameter. A key component of our construction is a surprisingly simple zero-knowledge proof for pre-images of linear relations whose amortized communication complexity depends only logarithmically on the number of relations being proved. This latter protocol is a substantial improvement, both theoretically and in practice, over the previous results in this line of research of Damgård et al. (CRYPTO 2012), Baum et al. (CRYPTO 2016), Cramer et al. (EUROCRYPT 2017) and del Pino and Lyubashevsky (CRYPTO 2017), and we believe it to be of independent interest.

Download activity - last month

Export as JSONCSVXML

Download activity - last 12 months

Export as XMLCSVJSON

Downloads by country - last 12 months

Export as JSONCSVXML

Archive Staff Only

View Item