Non-Interactive Batch Arguments for NP from Standard Assumptions

We study the problem of designing non-interactive batch arguments for NP. Such an argument system allows an efficient prover to prove multiple NP statements with a proof whose size is smaller than the combined witness length. We provide the first construction of such an argument system for NP in the common reference string model based on standard cryptographic assumptions. Prior works either require non-standard assumptions (or the random oracle model) or can only support private verification. At the heart of our result is a new dual mode interactive batch argument system for NP. We show how to apply the correlation-intractability framework for Fiat-Shamir, which has primarily been applied to proof systems, to such interactive arguments.
