Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology in Africa

AFRICACRYPT 2016: Progress in Cryptology – AFRICACRYPT 2016 pp 185–206Cite as

Prover-Efficient Commit-and-Prove Zero-Knowledge SNARKs

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9646))

Abstract

Zk-SNARKs (succinct non-interactive zero-knowledge arguments of knowledge) are needed in many applications. Unfortunately, all previous zk-SNARKs for interesting languages are either inefficient for the prover, or are non-adaptive and based on a commitment scheme that depends both on the prover’s input and on the language, i.e., they are not commit-and-prove (CaP) SNARKs. We propose a proof-friendly extractable commitment scheme, and use it to construct prover-efficient adaptive CaP succinct zk-SNARKs for different languages, that can all reuse committed data. In new zk-SNARKs, the prover computation is dominated by a linear number of cryptographic operations. We use batch-verification to decrease the verifier’s computation; importantly, batch-verification can be used also in QAP-based zk-SNARKs.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    Recently, [12] proposed an independent methodology to improve the prover’s computational complexity in QAP-based arguments. However, [12] does not spell out their achieved prover’s computational complexity.

  2. 2.

    We emphasize that \(\textsc {Circuit-SAT}\) is not our focus; the lines corresponding to \(\textsc {Circuit-SAT}\) are provided only for the sake of comparison. One can use proof boot-strapping [12] to decrease the length of the resulting \(\textsc {Circuit-SAT}\) argument from \(\varTheta (\log n)\), as stated in [25], to \(\varTheta (1)\); we omit further discussion.

References

  1. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  2. Bellare, M., Garay, J.A., Rabin, T.: Batch verification with applications to cryptography and checking. In: Lucchesi, C.L., Moura, A.V. (eds.) LATIN 1998. LNCS, vol. 1380, pp. 170–191. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  3. Ben-Sasson, E., Chiesa, A., Genkin, D., Tromer, E., Virza, M.: SNARKs for C: verifying program executions succinctly and in zero knowledge. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 90–108. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  4. Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Scalable zero knowledge via cycles of elliptic curves. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part II. LNCS, vol. 8617, pp. 276–294. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  5. Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Succinct non-interactive zero knowledge for a von Neumann architecture. In: USENIX, pp. 781–796 (2014)

    Google Scholar 

  6. Bitansky, N., Chiesa, A., Ishai, Y., Ostrovsky, R., Paneth, O.: Succinct non-interactive arguments via linear interactive proofs. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 315–333. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  7. Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptol. 21(2), 149–177 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  8. Bos, J.W., Costello, C., Naehrig, M.: Exponentiating in pairing groups. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 438–455. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  9. Canetti, R., Lindell, Y., Ostrovsky, R., Sahai, A.: Universally composable two-party and multi-party secure computation. In: STOC, pp. 494–503 (2002)

    Google Scholar 

  10. Chaabouni, R., Lipmaa, H., Shelat, A.: Additive combinatorics and discrete logarithm based range protocols. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 336–351. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  11. Chaabouni, R., Lipmaa, H., Zhang, B.: A non-interactive range proof with constant communication. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 179–199. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  12. Costello, C., Fournet, C., Howell, J., Kohlweiss, M., Kreuter, B., Naehrig, M., Parno, B., Zahur, S.: Geppetto: versatile verifiable computation. In: IEEE SP, pp. 253–270 (2015)

    Google Scholar 

  13. Danezis, G., Fournet, C., Groth, J., Kohlweiss, M.: Square span programs with applications to succinct NIZK arguments. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 532–550. Springer, Heidelberg (2014)

    Google Scholar 

  14. Fauzi, P., Lipmaa, H.: Efficient culpably sound NIZK shuffle argument without random oracles. CT-RSA 2016. LNCS, vol. 9610. Springer, switzerland (2016)

    Chapter  Google Scholar 

  15. Fauzi, P., Lipmaa, H., Zhang, B.: Efficient modular NIZK arguments from shift and product. In: Abdalla, M., Nita-Rotaru, C., Dahab, R. (eds.) CANS 2013. LNCS, vol. 8257, pp. 92–121. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  16. Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. Series of Books in the Mathematical Sciences. W.H. Freeman, New York (1979)

    MATH  Google Scholar 

  17. Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626–645. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  18. Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: STOC, pp. 99–108 (2011)

    Google Scholar 

  19. Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  20. Kilian, J.: Uses of randomness in algorithms and protocols. Ph.D. thesis, Massachusetts Institute of Technology, USA (1989)

    Google Scholar 

  21. Kolesnikov, V., Schneider, T.: A practical universal circuit construction and secure evaluation of private functions. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 83–97. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  22. Lipmaa, H.: On diophantine complexity and statistical zero-knowledge arguments. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 398–415. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  23. Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169–189. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  24. Lipmaa, H.: Succinct non-interactive zero knowledge arguments from span programs and linear error-correcting codes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 41–60. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  25. Lipmaa, H.: Efficient NIZK arguments via parallel verification of benes networks. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 416–434. Springer, Heidelberg (2014)

    Google Scholar 

  26. Lipmaa, H.: Prover-efficient commit-and-prove zero-knowledge SNARKs. TR 2014/396, IACR (2014). http://eprint.iacr.org/2014/396

  27. Lipmaa, H., Asokan, N., Niemi, V.: Secure vickrey auctions without threshold trust. FC 2002. LNCS, vol. 2357, pp. 87–101. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  28. Parno, B., Gentry, C., Howell, J., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: IEEE SP, pp. 238–252 (2013)

    Google Scholar 

  29. Pippenger, N.: On the evaluation of powers and monomials. SIAM J. Comput. 9(2), 230–250 (1980)

    Article  MathSciNet  MATH  Google Scholar 

  30. Raz, R.: Elusive functions and lower bounds for arithmetic circuits. Theor. Comput. 6(1), 135–177 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  31. Sadeghi, A.-R., Schneider, T.: Generalized universal circuits for secure evaluation of private functions with application to data classification. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 336–353. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  32. Straus, E.G.: Addition chains of vectors. Amer. Math. Mon. 70, 806–808 (1964)

    MathSciNet  Google Scholar 

  33. Valiant, L.G.: Universal circuits (Preliminary report). In: STOC, pp. 196–203 (1976)

    Google Scholar 

Download references

Acknowledgments

We would like to thank Diego Aranha, Paulo Barreto, Markulf Kohlweiss, and Prastudy Fauzi for useful comments. This work was supported by the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 653497 (project PANORAMIX), and the Estonian Research Council.

Author information

Authors and Affiliations

  1. Institute of Computer Science, University of Tartu, Tartu, Estonia

    Helger Lipmaa

Authors
  1. Helger Lipmaa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Helger Lipmaa .

Editor information

Editors and Affiliations

  1. Ecole Normale Supérieure, Paris, France

    David Pointcheval

  2. University of Caen, Caen, France

    Abderrahmane Nitaj

  3. Al Akhawayn University in Ifrane, Ifrane, Morocco

    Tajjeeddine Rachidi

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Lipmaa, H. (2016). Prover-Efficient Commit-and-Prove Zero-Knowledge SNARKs. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds) Progress in Cryptology – AFRICACRYPT 2016. AFRICACRYPT 2016. Lecture Notes in Computer Science(), vol 9646. Springer, Cham. https://doi.org/10.1007/978-3-319-31517-1_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-31517-1_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-31516-4

  • Online ISBN: 978-3-319-31517-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation