Xi Lin, Heyang Cao, Feng-Hao Liu, Zhedong Wang, Mingsheng Wang
{"title":"来自理想网格上平方跨度程序的更短 ZK-SNARKs","authors":"Xi Lin, Heyang Cao, Feng-Hao Liu, Zhedong Wang, Mingsheng Wang","doi":"10.1186/s42400-024-00215-x","DOIUrl":null,"url":null,"abstract":"<p>Zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs) are cryptographic protocols that offer efficient and privacy-preserving means of verifying NP language relations and have drawn considerable attention for their appealing applications, e.g., verifiable computation and anonymous payment protocol. Compared with the pre-quantum case, the practicability of this primitive in the post-quantum setting is still unsatisfactory, especially for the space complexity. To tackle this issue, this work seeks to enhance the efficiency and compactness of lattice-based zk-SNARKs, including proof length and common reference string (CRS) length. In this paper, we develop the framework of square span program-based SNARKs and design new zk-SNARKs over cyclotomic rings. Compared with previous works, our construction is without parallel repetition and achieves shorter proof and CRS lengths than previous lattice-based zk-SNARK schemes. Particularly, the proof length of our scheme is around <span>\\(23.3\\%\\)</span> smaller than the recent shortest lattice-based zk-SNARKs by Ishai et al. (in: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp 212–234, 2021), and the CRS length is <span>\\(3.6\\times\\)</span> smaller. Our constructions follow the framework of Gennaro et al. (in: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 556–573, 2018), and adapt it to the ring setting by slightly modifying the knowledge assumptions. We develop concretely small constructions by using module-switching and key-switching procedures in a novel way.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":"117 1","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2024-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Shorter ZK-SNARKs from square span programs over ideal lattices\",\"authors\":\"Xi Lin, Heyang Cao, Feng-Hao Liu, Zhedong Wang, Mingsheng Wang\",\"doi\":\"10.1186/s42400-024-00215-x\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs) are cryptographic protocols that offer efficient and privacy-preserving means of verifying NP language relations and have drawn considerable attention for their appealing applications, e.g., verifiable computation and anonymous payment protocol. Compared with the pre-quantum case, the practicability of this primitive in the post-quantum setting is still unsatisfactory, especially for the space complexity. To tackle this issue, this work seeks to enhance the efficiency and compactness of lattice-based zk-SNARKs, including proof length and common reference string (CRS) length. In this paper, we develop the framework of square span program-based SNARKs and design new zk-SNARKs over cyclotomic rings. Compared with previous works, our construction is without parallel repetition and achieves shorter proof and CRS lengths than previous lattice-based zk-SNARK schemes. Particularly, the proof length of our scheme is around <span>\\\\(23.3\\\\%\\\\)</span> smaller than the recent shortest lattice-based zk-SNARKs by Ishai et al. (in: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp 212–234, 2021), and the CRS length is <span>\\\\(3.6\\\\times\\\\)</span> smaller. Our constructions follow the framework of Gennaro et al. (in: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 556–573, 2018), and adapt it to the ring setting by slightly modifying the knowledge assumptions. We develop concretely small constructions by using module-switching and key-switching procedures in a novel way.</p>\",\"PeriodicalId\":36402,\"journal\":{\"name\":\"Cybersecurity\",\"volume\":\"117 1\",\"pages\":\"\"},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2024-03-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1186/s42400-024-00215-x\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-024-00215-x","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
零知识简洁非交互知识论证(zk-SNARKs)是一种加密协议,它为验证 NP 语言关系提供了高效且保护隐私的手段,并因其极具吸引力的应用(如可验证计算和匿名支付协议)而备受关注。与前量子情况相比,这种基元在后量子环境中的实用性仍不尽人意,尤其是空间复杂性。为了解决这个问题,本文试图提高基于网格的 zk-SNARKs 的效率和紧凑性,包括证明长度和公共参考字符串(CRS)长度。在本文中,我们发展了基于平方跨度程序的 SNARK 框架,并设计了新的循环环上的 zk-SNARK。与之前的工作相比,我们的构造没有并行重复,而且比之前基于网格的 zk-SNARK 方案实现了更短的证明长度和 CRS 长度。特别是,我们方案的证明长度比 Ishai 等人最近基于晶格的最短 zk-SNARK 方案(in:Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp 212-234, 2021),而CRS的长度则小\(3.6\times\)。我们的构造遵循 Gennaro 等人(in:Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 556-573, 2018)的框架,并通过对知识假设稍作修改,使其适应环网环境。我们以一种新颖的方式使用模块切换和密钥切换程序,开发出了具体的小型结构。
Shorter ZK-SNARKs from square span programs over ideal lattices
Zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs) are cryptographic protocols that offer efficient and privacy-preserving means of verifying NP language relations and have drawn considerable attention for their appealing applications, e.g., verifiable computation and anonymous payment protocol. Compared with the pre-quantum case, the practicability of this primitive in the post-quantum setting is still unsatisfactory, especially for the space complexity. To tackle this issue, this work seeks to enhance the efficiency and compactness of lattice-based zk-SNARKs, including proof length and common reference string (CRS) length. In this paper, we develop the framework of square span program-based SNARKs and design new zk-SNARKs over cyclotomic rings. Compared with previous works, our construction is without parallel repetition and achieves shorter proof and CRS lengths than previous lattice-based zk-SNARK schemes. Particularly, the proof length of our scheme is around \(23.3\%\) smaller than the recent shortest lattice-based zk-SNARKs by Ishai et al. (in: Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, pp 212–234, 2021), and the CRS length is \(3.6\times\) smaller. Our constructions follow the framework of Gennaro et al. (in: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 556–573, 2018), and adapt it to the ring setting by slightly modifying the knowledge assumptions. We develop concretely small constructions by using module-switching and key-switching procedures in a novel way.