Helger Lipmaa's publications

Prover-Efficient Commit-And-Prove Zero-Knowledge SNARKs

Helger Lipmaa. Prover-Efficient Commit-And-Prove Zero-Knowledge SNARKs. International Journal of Applied Cryptography, 3(4):344–362, 2017.

File: [.pdf (510 KB)] recommended.


Zk-SNARKs (succinct non-interactive zero-knowledge arguments of knowledge) are needed in many applications. Unfortunately, all previous zk-SNARKs for interesting languages are either inefficient for the prover, or are non-adaptive and based on a commitment scheme that depends both on the prover's input and on the language, i.e., they are not commit-and-prove (CaP) SNARKs. We propose a proof-friendly extractable commitment scheme, and use it to construct prover-efficient adaptive CaP succinct zk-SNARKs for different languages that can all reuse committed data. In the new zk-SNARKs, the prover computation is dominated by a linear number of cryptographic operations. We use batch-verification to decrease the verifier's computation; importantly, batch-verification can also be used in QAP-based zk-SNARKs.

Keywords: Batch verification, commit-and-prove, CRS, NIZK, numerical NP-complete languages, range proof, Subset-Sum, zk-SNARK.

Comment: Accepted. Invited journal version of a paper by the same name at Africacrypt 2016.


Page by Helger Lipmaa. Send your inquiries to <helger.lipmaa><at>gmail.com.