Subvector Commitments with Application to Succinct Arguments

We put forward the notion of subvector commitments (SVC): an SVC allows one to open a committed vector at a set of positions, where the opening size is independent of both the length of the committed vector and the number of positions being opened. We propose two constructions, under variants of the root assumption and the CDH assumption, respectively. We further generalize SVC to a notion called linear map commitments (LMC), which allows one to open a committed vector to its images under linear maps with a single short message, and propose a construction over pairing groups.
