A non-PCP Approach to Succinct Quantum-Safe Zero-Knowledge

Today’s most compact zero-knowledge arguments are based on the hardness of the discrete logarithm problem and related classical assumptions. If one is interested in quantum-safe solutions, then all of the known techniques stem from the PCP-based framework of Kilian (STOC 92), which can be instantiated based on the hardness of any collision-resistant hash function. Both approaches produce asymptotically logarithmic-sized arguments but, by exploiting extra algebraic structure, the discrete logarithm arguments are a few orders of magnitude more compact in practice than the generic constructions.
