A Zero-Knowledge Version of vSQL

Zero-knowledge arguments of knowledge are powerful cryptographic primitives that allow a computationally strong prover to convince a weaker verifier of the validity of an NP statement, without revealing anything about the corresponding witness (beyond its existence). Most state-of-the-art implementations of such arguments that achieve succinct communication and verification cost follow the quadratic arithmetic program paradigm. One notable exception is the vSQL system of [Zhang et al. IEEE S&P 2017], which takes an entirely different approach, resulting in significantly fewer cryptographic operations. However, it has the notable downside that it is not zero-knowledge (i.e., it does not hide the witness from the verifier), a property that has proven to be of utmost importance in many applications (e.g., in cryptocurrencies). In this work, we present a zero-knowledge version of the argument upon which vSQL is based. Our construction utilizes two separate techniques: (i) a novel zero-knowledge verifiable polynomial delegation protocol, and (ii) running parts of the argument of vSQL over homomorphic commitments, thus hiding the committed values.
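The second technique named in the abstract, running parts of the argument over homomorphic commitments so that the verifier checks relations between committed values without ever learning them, can be illustrated with Pedersen commitments [29]. The Python below is an added example, not code from this paper or from vSQL: the prover commits to the coefficients of a degree-2 round polynomial g(X), and the verifier checks a sumcheck-style consistency condition (g(0) + g(1) equals the current claim) and derives a commitment to the next claim g(x), all on commitments. The group parameters, the degree-2 polynomial, the message layout and the names (commit, Prover, verifier_round, run_round) are this example's own assumptions; the 128-bit group is toy-sized and the seed is fixed only for reproducibility.

```python
import hashlib
import random

# Fixed seed keeps the example reproducible; a real prover uses a CSPRNG.
RNG = random.Random(2017)

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test, adequate for generating example parameters."""
    if n < 4:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(RNG.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_safe_prime(bits):
    """Return (p, q) with p = 2q + 1 both prime, so Z_p^* has a subgroup of prime order q."""
    while True:
        q = RNG.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q

# Toy-sized 128-bit group (this example's assumption; deployments use >= 2048-bit groups or curves).
P, Q = gen_safe_prime(128)
G = pow(2, 2, P)  # a square, hence an element of the order-q subgroup
# Second generator derived by hashing, so nobody knows log_G(H); squaring puts it in the subgroup.
H = pow(int.from_bytes(hashlib.sha256(b"zk-vsql-example-h").digest(), "big") % P, 2, P)
assert H not in (0, 1, G)

def commit(m, r):
    """Pedersen commitment Com(m; r) = g^m h^r mod p with m, r in Z_q."""
    return (pow(G, m % Q, P) * pow(H, r % Q, P)) % P

def homomorphism_holds(m1, r1, m2, r2):
    """Com(m1; r1) * Com(m2; r2) == Com(m1 + m2; r1 + r2): the property the verifier relies on."""
    return (commit(m1, r1) * commit(m2, r2)) % P == commit(m1 + m2, r1 + r2)

def poly_eval(coeffs, x):
    return sum(c * pow(x, i, Q) for i, c in enumerate(coeffs)) % Q

class Prover:
    """Holds the round polynomial g(X) = c0 + c1 X + c2 X^2 and its blindings."""
    def __init__(self, coeffs, claim_rand):
        self.coeffs = [c % Q for c in coeffs]
        self.rands = [RNG.randrange(Q) for _ in coeffs]
        self.claim_rand = claim_rand  # blinding of the commitment to the current claim

    def coefficient_commitments(self):
        return [commit(c, r) for c, r in zip(self.coeffs, self.rands)]

    def blinding_difference(self):
        # g(0) + g(1) = 2c0 + c1 + c2 carries blinding 2r0 + r1 + r2; only the
        # difference to the claim's blinding is sent, never a coefficient.
        r0, r1, r2 = self.rands
        return (2 * r0 + r1 + r2 - self.claim_rand) % Q

    def next_claim(self, x):
        """Next claim g(x) and the blinding of the commitment the verifier derives."""
        r0, r1, r2 = self.rands
        return poly_eval(self.coeffs, x), (r0 + r1 * x + r2 * x * x) % Q

def verifier_round(claim_commit, coeff_commits, blind_diff, x):
    """Check Com(g(0) + g(1)) == Com(claim) using commitments only; on success
    return the homomorphically derived Com(g(x)), otherwise None."""
    c0, c1, c2 = coeff_commits
    lhs = (pow(c0, 2, P) * c1 * c2) % P               # Com(2c0 + c1 + c2; 2r0 + r1 + r2)
    rhs = (claim_commit * pow(H, blind_diff, P)) % P  # Com(claim; r_claim + blind_diff)
    if lhs != rhs:
        return None
    # Com(g(x)) = C0 * C1^x * C2^(x^2): the verifier never sees a coefficient.
    return (c0 * pow(c1, x, P) * pow(c2, (x * x) % Q, P)) % P

def run_round(coeffs, honest=True):
    """One committed round. Returns (verifier accepted, derived commitment opens to g(x))."""
    claim = (2 * coeffs[0] + coeffs[1] + coeffs[2]) % Q
    if not honest:
        claim = (claim + 1) % Q  # the prover's polynomial no longer sums to the claim
    claim_rand = RNG.randrange(Q)
    claim_commit = commit(claim, claim_rand)  # the verifier already holds this
    prover = Prover(coeffs, claim_rand)
    coeff_commits = prover.coefficient_commitments()
    blind_diff = prover.blinding_difference()
    x = RNG.randrange(1, Q)  # verifier's random challenge
    next_commit = verifier_round(claim_commit, coeff_commits, blind_diff, x)
    if next_commit is None:
        return False, False
    value, rand = prover.next_claim(x)
    return True, next_commit == commit(value, rand)
```

Because Pedersen commitments are perfectly hiding, the verifier's view in a round (three group elements plus one blinding difference) is distributed independently of the coefficients; soundness comes from the binding property, so a prover whose polynomial does not sum to the claim fails the check, as `run_round([3, 8, 21], honest=False)` shows, while `run_round([3, 8, 21])` accepts and yields a commitment that the prover can open to g(x) with the blinding it computes itself.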

[1] Carsten Lund et al. Algebraic methods for interactive proof systems, 1992, JACM.

[2] Joe Kilian et al. A note on efficient zero-knowledge proofs and arguments (extended abstract), 1992, STOC '92.

[3] Cédric Fournet et al. Hash First, Argue Later: Adaptive Verifiable Computations on Outsourced Data, 2016, CCS.

[4] Eli Ben-Sasson et al. Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture, 2014, USENIX Security Symposium.

[5] Graham Cormode et al. Practical verified computation with streaming interactive proofs, 2011, ITCS '12.

[6] Juan A. Garay et al. Strengthening Zero-Knowledge Protocols Using Signatures, 2003, EUROCRYPT.

[7] Elaine Shi et al. Signatures of Correct Computation, 2013, TCC.

[8] Eli Ben-Sasson et al. Computational Integrity with a Public Random String from Quasi-Linear PCPs, 2017, EUROCRYPT.

[9] Jonathan Katz et al. vSQL: Verifying Arbitrary SQL Queries over Dynamic Outsourced Databases, 2017, IEEE Symposium on Security and Privacy (SP).

[10] Yael Tauman Kalai et al. Delegating computation: interactive proofs for muggles, 2008, STOC.

[11] Andrew J. Blumberg et al. Verifying computations without reexecuting them, 2015, Commun. ACM.

[12] Jens Groth et al. Efficient Zero-Knowledge Proof Systems, 2016, FOSAD.

[13] Abhi Shelat et al. Doubly-Efficient zkSNARKs Without Trusted Setup, 2018, IEEE Symposium on Security and Privacy (SP).

[14] Nir Bitansky et al. On the existence of extractable one-way functions, 2014, SIAM J. Comput.

[15] Eli Ben-Sasson et al. Scalable Zero Knowledge Via Cycles of Elliptic Curves, 2014, Algorithmica.

[16] Jens Groth et al. On the Size of Pairing-Based Non-interactive Arguments, 2016, EUROCRYPT.

[17] Vipul Goyal et al. Reducing Trust in the PKG in Identity Based Cryptosystems, 2007, CRYPTO.

[18] Craig Gentry et al. Pinocchio: Nearly Practical Verifiable Computation, 2013, IEEE Symposium on Security and Privacy.

[19] Jens Groth et al. Short Pairing-Based Non-interactive Zero-Knowledge Arguments, 2010, ASIACRYPT.

[20] Jon Howell et al. Geppetto: Versatile Verifiable Computation, 2015, IEEE Symposium on Security and Privacy.

[21] Eli Ben-Sasson et al. SNARKs for C: Verifying Program Executions Succinctly and in Zero Knowledge, 2013, CRYPTO.

[22] Ivan Damgård et al. Zero-Knowledge Proofs for Finite Field Arithmetic; or: Can Zero-Knowledge be for Free?, 1998, CRYPTO.

[23] Dan Boneh et al. Short Signatures Without Random Oracles, 2004, EUROCRYPT.

[24] Silvio Micali et al. The knowledge complexity of interactive proof-systems, 1985, STOC '85.

[25] Nir Bitansky et al. From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again, 2012, ITCS '12.

[26] Michael A. Forbes et al. A Zero Knowledge Sumcheck and its Applications, 2017, IACR Cryptol. ePrint Arch.

[27] Craig Gentry et al. Quadratic Span Programs and Succinct NIZKs without PCPs, 2013, IACR Cryptol. ePrint Arch.

[28] Rafael Pass et al. Limits of Extractability Assumptions with Distributional Auxiliary Input, 2015, ASIACRYPT.

[29] Torben P. Pedersen. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing, 1991, CRYPTO.