Correlation Intractability and SNARGs from Sub-exponential DDH

Conference paper. In: Advances in Cryptology – CRYPTO 2023 (CRYPTO 2023). Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14084).

Abstract

We provide the first constructions of SNARGs for Batch-\(\textsf{NP}\) and \(\textsf{P}\) based solely on the sub-exponential Decisional Diffie-Hellman (DDH) assumption. Our schemes achieve poly-logarithmic proof sizes.

We obtain our results by following the correlation-intractability framework for secure instantiation of the Fiat-Shamir paradigm. The centerpiece of our results and of independent interest is a new construction of correlation-intractable hash functions for “small input” product relations verifiable in \(\textsf{TC}^0\), based on sub-exponential DDH.
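As an added illustration (example code, not from the paper or its authors) of what the correlation-intractability framework asks of the hash function: the Chaum-Pedersen Sigma protocol for DDH tuples, made non-interactive with Fiat-Shamir using SHA-256. For a false statement, each first message has exactly one "bad" challenge that a cheating prover can answer, and Fiat-Shamir is sound exactly when the hash is correlation intractable for that bad-challenge relation. The group parameters, exponents and RNG seed are constructed for the demo; the group is deliberately tiny so that the grinding attack (resampling the first message until the hash happens to output the bad challenge, expected about q tries) succeeds, which is the failure mode a real challenge space must rule out. This toy relation is a single modular-arithmetic check, not the \(\textsf{TC}^0\)-verifiable product relations the paper builds CI hashes for.

```python
# Added illustration (example code, not the paper's construction): the Chaum-Pedersen
# Sigma protocol for DDH tuples, its Fiat-Shamir transform, and the "bad challenge"
# relation that the hash function must be correlation intractable for.
import hashlib
import random
import secrets

# Constructed toy Schnorr group: p = 2q + 1 with q prime, G of prime order q.
# Deliberately tiny so that the grinding attack at the end finishes instantly.
P, Q, G = 2039, 1019, 4
assert pow(G, Q, P) == 1 and G != 1

H_BASE = pow(G, 123, P)   # second generator h = g^123, fixed for reproducibility (constructed)
W, W2 = 321, 654          # constructed exponents; W2 != W gives a false statement


def make_statement(w, w2):
    """x = (h, u, v) with u = g^w and v = h^w2; it is a DDH tuple iff w == w2 (mod q)."""
    return (H_BASE, pow(G, w, P), pow(H_BASE, w2, P))


def fs_challenge(x, a):
    """Fiat-Shamir challenge: SHA-256 over the statement and first message, reduced mod q."""
    msg = ",".join(map(str, x + a)).encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q


def verify_with_challenge(x, a, e, z):
    """Chaum-Pedersen check for an explicit challenge e (the interactive verifier)."""
    h, u, v = x
    return (pow(G, z, P) == a[0] * pow(u, e, P) % P
            and pow(h, z, P) == a[1] * pow(v, e, P) % P)


def verify(x, proof):
    """Non-interactive verifier: recompute e from the transcript, then check."""
    a, z = proof
    return verify_with_challenge(x, a, fs_challenge(x, a), z)


def honest_prove(x, w):
    """Honest prover for a true statement (w == w2): the same randomness r in both commitments."""
    h, _, _ = x
    r = secrets.randbelow(Q)
    a = (pow(G, r, P), pow(h, r, P))
    z = (r + fs_challenge(x, a) * w) % Q
    return (a, z)


def bad_challenge(w, w2, r1, r2):
    """For a false statement (w != w2) and first message (g^r1, h^r2), the unique challenge
    a cheating prover can answer: r1 + e*w == r2 + e*w2 (mod q), i.e. e = (r2 - r1)/(w - w2).
    R_bad = {((x, a), e) : e == bad_challenge(...)} is the relation the hash must avoid."""
    return (r2 - r1) * pow((w - w2) % Q, -1, Q) % Q


def cheating_response(w, r1, e):
    """Response a cheating prover sends; it verifies only when e is the bad challenge."""
    return (r1 + e * w) % Q


def grind_fiat_shamir(x, w, w2, seed=1, max_tries=500_000):
    """Attack on Fiat-Shamir with a small challenge space: resample the first message
    until SHA-256 lands on the bad challenge. Returns (forged_proof, tries)."""
    rng = random.Random(seed)   # attacker-controlled randomness, seeded for a reproducible demo
    h, _, _ = x
    for tries in range(1, max_tries + 1):
        r1, r2 = rng.randrange(Q), rng.randrange(Q)
        a = (pow(G, r1, P), pow(h, r2, P))
        e = fs_challenge(x, a)
        if e == bad_challenge(w, w2, r1, r2):
            return (a, cheating_response(w, r1, e)), tries
    return None, max_tries


if __name__ == "__main__":
    x_true = make_statement(W, W)
    print("honest proof verifies:", verify(x_true, honest_prove(x_true, W)))
    x_false = make_statement(W, W2)
    forged, tries = grind_fiat_shamir(x_false, W, W2)
    print(f"forged proof for a FALSE statement verifies: {verify(x_false, forged)} "
          f"after {tries} tries (challenge space of size q={Q})")
```

With a 1019-element challenge space the forgery takes on the order of a thousand hash evaluations; with a 2^128-sized challenge space the same attack is infeasible, and the correlation-intractability framework is what replaces that heuristic argument with a proof under a concrete assumption.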


Notes

  1. SNARGs for Batch-\(\textsf{NP}\) are also referred to as non-interactive batch arguments (BARGs).

  2. Their transformations rely on the existence of somewhere extractable hash functions [32], which are known based on many standard assumptions, including the ones considered in this work.

  3. Our assumption is slightly stronger than the sub-exponential DDH assumption defined in [34] (and used in [16, 33]) that only considers polynomial-time adversaries.

  4. The transformation of [42] also works for \(\textsf{NTISP}\), i.e., bounded-space \(\textsf{NP}\).

  5. When x is clear from the context, we simply say that y is bad.

  6. An SEH implies somewhere binding at the same index.

  7. We refer the reader to the technical sections for discussion on the extension of the somewhere extraction property to multiple bits.

  8. Statistically sound interactive protocol.

References

  1. Ben-Sasson, E., et al.: Zerocash: decentralized anonymous payments from Bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 459–474. IEEE Computer Society Press (May 2014)

  2. Bitansky, N., et al.: The hunting of the SNARK. J. Cryptol. 30(4), 989–1066 (2017)

  3. Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: Recursive composition and bootstrapping for SNARKs and proof-carrying data. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) 45th ACM STOC, pp. 111–120. ACM Press (Jun 2013)

  4. Bitansky, N., Chiesa, A., Ishai, Y., Ostrovsky, R., Paneth, O.: Succinct non-interactive arguments via linear interactive proofs. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 315–333. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36594-2_18

  5. Bootle, J., Cerulli, A., Chaidos, P., Groth, J., Petit, C.: Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 327–357. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_12

  6. Boyle, E., Gilboa, N., Ishai, Y.: Breaking the circuit size barrier for secure computation under DDH. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 509–539. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_19

  7. Brakerski, Z., Koppula, V., Mour, T.: NIZK from LPN and trapdoor hash via correlation intractability for approximable relations. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 738–767. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-56877-1_26

  8. Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy, pp. 315–334. IEEE Computer Society Press (May 2018)

  9. Canetti, R., et al.: Fiat-Shamir: from practice to theory. In: Charikar, M., Cohen, E. (eds.) 51st ACM STOC, pp. 1082–1090. ACM Press (Jun 2019)

  10. Canetti, R., Chen, Y., Reyzin, L.: On the correlation intractability of obfuscated pseudorandom functions. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016-A, Part I. LNCS, vol. 9562, pp. 389–415. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49096-9_17

  11. Canetti, R., Chen, Y., Reyzin, L., Rothblum, R.D.: Fiat-Shamir and correlation intractability from strong KDM-secure encryption. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 91–122. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-319-78381-9_4

  12. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. J. ACM 51(4), 557–594 (Jul 2004). https://doi.org/10.1145/1008731.1008734

  13. Chen, Y., Lombardi, A., Ma, F., Quach, W.: Does Fiat-Shamir require a cryptographic hash function? In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part IV. LNCS, vol. 12828, pp. 334–363. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-84259-8_12

  14. Choudhuri, A.R., Garg, S., Jain, A., Jin, Z., Zhang, J.: Correlation intractability and SNARGs from sub-exponential DDH. Cryptology ePrint Archive, Report 2022/1486 (2022). https://eprint.iacr.org/2022/1486

  15. Choudhuri, A.R., Hubáček, P., Kamath, C., Pietrzak, K., Rosen, A., Rothblum, G.N.: Finding a Nash equilibrium is no easier than breaking Fiat-Shamir. In: Charikar, M., Cohen, E. (eds.) 51st ACM STOC, pp. 1103–1114. ACM Press (Jun 2019)

  16. Choudhuri, A.R., Jain, A., Jin, Z.: Non-interactive batch arguments for NP from standard assumptions. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part IV. LNCS, vol. 12828, pp. 394–423. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-84259-8_14

  17. Choudhuri, A.R., Jain, A., Jin, Z.: SNARGs for \(\mathcal{P}\) from LWE. In: 62nd FOCS, pp. 68–79. IEEE Computer Society Press (Feb 2022)

  18. Couteau, G., Katsumata, S., Ursu, B.: Non-interactive zero-knowledge in pairing-free groups from weaker assumptions. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part III. LNCS, vol. 12107, pp. 442–471. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-45727-3_15

  19. Devadas, L., Goyal, R., Kalai, Y., Vaikuntanathan, V.: Rate-1 non-interactive arguments for batch-NP and applications. In: 63rd FOCS, pp. 1057–1068. IEEE Computer Society Press (Oct/Nov 2022)

  20. Döttling, N., Garg, S.: Identity-based encryption from the Diffie-Hellman assumption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 537–569. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-63688-7_18

  21. Döttling, N., Garg, S., Ishai, Y., Malavolta, G., Mour, T., Ostrovsky, R.: Trapdoor hash functions and their applications. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part III. LNCS, vol. 11694, pp. 3–32. Springer, Heidelberg (Aug 2019)

  22. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO ’86. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

  23. Freitag, C., Pass, R., Sirkin, N.: Parallelizable delegation from LWE. In: Kiltz, E., Vaikuntanathan, V. (eds.) TCC 2022, Part II. LNCS, vol. 13748, pp. 623–652. Springer, Heidelberg (2022)

  24. Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626–645. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_37

  25. Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Fortnow, L., Vadhan, S.P. (eds.) 43rd ACM STOC, pp. 99–108. ACM Press (Jun 2011)

  26. Grossman, O., Holmgren, J., Yogev, E.: Transparent error correcting in a computationally bounded world. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part III. LNCS, vol. 12552, pp. 530–549. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-64381-2_19

  27. Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_19

  28. Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 305–326. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_11

  29. Groth, J., Ostrovsky, R., Sahai, A.: Perfect non-interactive zero knowledge for NP. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 339–358. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_21

  30. Holmgren, J., Lombardi, A.: Cryptographic hashing from strong one-way functions (or: one-way product functions and their applications). In: Thorup, M. (ed.) 59th FOCS, pp. 850–858. IEEE Computer Society Press (Oct 2018)

  31. Holmgren, J., Lombardi, A., Rothblum, R.D.: Fiat-Shamir via list-recoverable codes (or: parallel repetition of GMW is not zero-knowledge). In: Khuller, S., Williams, V.V. (eds.) 53rd ACM STOC, pp. 750–760. ACM Press (Jun 2021)

  32. Hubáček, P., Wichs, D.: On the communication complexity of secure function evaluation with long output. In: Roughgarden, T. (ed.) ITCS 2015, pp. 163–172. ACM (Jan 2015)

  33. Hulett, J., Jawale, R., Khurana, D., Srinivasan, A.: SNARGs for P from sub-exponential DDH and QR. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part II. LNCS, vol. 13276, pp. 520–549. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-07085-3_18

  34. Jain, A., Jin, Z.: Non-interactive zero knowledge from sub-exponential DDH. In: Canteaut, A., Standaert, F.X. (eds.) EUROCRYPT 2021, Part I. LNCS, vol. 12696, pp. 3–32. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-77870-5_1

  35. Jawale, R., Kalai, Y.T., Khurana, D., Zhang, R.Y.: SNARGs for bounded depth computations and PPAD hardness from sub-exponential LWE. In: Khuller, S., Williams, V.V. (eds.) 53rd ACM STOC, pp. 708–721. ACM Press (Jun 2021)

  36. Kalai, Y.T., Lombardi, A., Vaikuntanathan, V.: SNARGs and PPAD hardness from the Decisional Diffie-Hellman assumption. Cryptology ePrint Archive, Report 2022/1409 (2022). https://eprint.iacr.org/2022/1409

  37. Kalai, Y.T., Lombardi, A., Vaikuntanathan, V., Wichs, D.: Boosting batch arguments and RAM delegation. Cryptology ePrint Archive, Report 2022/1320 (2022). https://eprint.iacr.org/2022/1320

  38. Kalai, Y.T., Paneth, O., Yang, L.: How to delegate computations publicly. In: Charikar, M., Cohen, E. (eds.) 51st ACM STOC, pp. 1115–1124. ACM Press (Jun 2019)

  39. Kalai, Y.T., Raz, R., Rothblum, R.D.: Delegation for bounded space. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) 45th ACM STOC, pp. 565–574. ACM Press (Jun 2013)

  40. Kalai, Y.T., Raz, R., Rothblum, R.D.: How to delegate computations: the power of no-signaling proofs. In: Shmoys, D.B. (ed.) 46th ACM STOC, pp. 485–494. ACM Press (May/Jun 2014)

  41. Kalai, Y.T., Rothblum, G.N., Rothblum, R.D.: From obfuscation to the security of Fiat-Shamir for proofs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 224–251. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-63715-0_8

  42. Kalai, Y.T., Vaikuntanathan, V., Zhang, R.Y.: Somewhere statistical soundness, post-quantum security, and SNARGs. In: Nissim, K., Waters, B. (eds.) TCC 2021, Part I. LNCS, vol. 13042, pp. 330–368. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-90459-3_12

  43. Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: 24th ACM STOC, pp. 723–732. ACM Press (May 1992)

  44. Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169–189. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28914-9_10

  45. Lombardi, A., Vaikuntanathan, V.: Fiat-Shamir for repeated squaring with applications to PPAD-hardness and VDFs. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 632–651. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-56877-1_22

  46. Lombardi, A., Vaikuntanathan, V.: Correlation-intractable hash functions via shift-hiding. In: Braverman, M. (ed.) 13th Innovations in Theoretical Computer Science Conference, ITCS 2022, January 31 – February 3, 2022, Berkeley, CA, USA. LIPIcs, vol. 215, pp. 102:1–102:16. Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)

  47. Micali, S.: CS proofs (extended abstract). In: 35th FOCS, pp. 436–453. IEEE Computer Society Press (Nov 1994)

  48. Mour, T.: Correlation intractability vs. one-wayness. Cryptology ePrint Archive, Report 2021/057 (2021). https://eprint.iacr.org/2021/057

  49. Naor, M.: On cryptographic assumptions and challenges (invited talk). In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96–109. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_6

  50. Okamoto, T., Pietrzak, K., Waters, B., Wichs, D.: New realizations of somewhere statistically binding hashing and positional accumulators. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015, Part I. LNCS, vol. 9452, pp. 121–145. Springer, Heidelberg (2015)

  51. Paneth, O., Pass, R.: Incrementally verifiable computation via rate-1 batch arguments. In: 63rd FOCS, pp. 1045–1056. IEEE Computer Society Press (Oct/Nov 2022)

  52. Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (plain) learning with errors. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part I. LNCS, vol. 11692, pp. 89–114. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-030-26948-7_4

  53. Waters, B., Wu, D.J.: Batch arguments for \(\textsf{NP}\) and more from standard bilinear group assumptions. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part II. LNCS, vol. 13508, pp. 433–463. Springer, Heidelberg (2022)

  54. Zhandry, M.: The magic of ELFs. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 479–508. Springer, Heidelberg (2016)

Acknowledgments

Abhishek Jain and Zhengzhong Jin were supported in part by NSF CNS-1814919, NSF CAREER 1942789 and Johns Hopkins University Catalyst award. Abhishek Jain was also supported in part by AFOSR Award FA9550-19-1-0200 and the Office of Naval Research Grant N00014-19-1-2294. Zhengzhong Jin was additionally supported in part by NSF CAREER 1845349 and by DARPA under Agreement No. HR00112020023 and by an NSF grant CNS-2154149.

The second author is supported in part by DARPA under Agreement No. HR00112020026, AFOSR Award FA9550-19-1-0200, NSF CNS Award 1936826, and research grants by the Sloan Foundation, and Visa Inc.

This research was conducted in part when Arka Rai Choudhuri was at UC Berkeley, and Jiaheng Zhang was an intern at NTT Research.

Author information

Corresponding author: Arka Rai Choudhuri.

Copyright information

© 2023 International Association for Cryptologic Research

Cite this paper

Choudhuri, A.R., Garg, S., Jain, A., Jin, Z., Zhang, J. (2023). Correlation Intractability and SNARGs from Sub-exponential DDH. In: Handschuh, H., Lysyanskaya, A. (eds) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. Lecture Notes in Computer Science, vol 14084. Springer, Cham. https://doi.org/10.1007/978-3-031-38551-3_20

  • DOI: https://doi.org/10.1007/978-3-031-38551-3_20

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38550-6

  • Online ISBN: 978-3-031-38551-3
