Crypto Seminar

  • Remote Access - Zoom
  • Virtual Presentation - ET
  • PRATIK SONI
  • Postdoctoral Fellow
  • Computer Science Department
  • Carnegie Mellon University
Seminars

Time- and Space-Efficient Arguments from Groups of Unknown Order

We construct public-coin time- and space-efficient zero-knowledge arguments for NP. For every time T and space S non-deterministic RAM computation, the prover runs in time T⋅polylog(T) and space S⋅polylog(T), and the verifier runs in time n⋅polylog(T), where n is the input length. Our protocol relies on hidden order groups, which can be instantiated, assuming a trusted setup, from the hardness of factoring (products of safe primes), or, without a trusted setup, using class groups. The argument-system can heuristically be made non-interactive using the Fiat-Shamir transform.

Our proof builds on DARK (Bünz et al., Eurocrypt 2020), a recent succinct and efficiently verifiable polynomial commitment scheme. We show how to implement a variant of DARK in a time- and space-efficient way. Along the way we:

  1. Identify a significant gap in the proof of security of DARK.
  2. Give a non-trivial modification of the DARK scheme that overcomes the aforementioned gap. The modified version also relies on significantly weaker cryptographic assumptions than those in the original DARK scheme. Our proof utilizes ideas from the theory of integer lattices in a novel way.
  3. Generalize Pietrzak's (ITCS 2019) proof of exponentiation (PoE) protocol to work with general groups of unknown order (without relying on any cryptographic assumption).

In proving these results, we develop general-purpose techniques for working with (hidden order) groups, which may be of independent interest.

This is joint work with Alex Block, Justin Holmgren, Alon Rosen and Ron Rothblum.

Paper Reference

Zoom Participation. See announcement.

Additional Information

For More Information, Please Contact: 
Keywords: