Chainable Functional Commitments for Unbounded-Depth Circuits

David Balbás; Dario Catalano; Dario Fiore; Russell W.F. Lai

doi:10.1007/978-3-031-48621-0_13

Chainable Functional Commitments for Unbounded-Depth Circuits

David Balbás^*, Dario Catalano, Dario Fiore, Russell W.F. Lai

^*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

7 Sitaatiot (Scopus)

Abstrakti

A functional commitment (FC) scheme allows one to commit to a vector x and later produce a short opening proof of (f, f(x) ) for any admissible function f. Since their inception, FC schemes supporting ever more expressive classes of functions have been proposed. In this work, we introduce a novel primitive that we call chainable functional commitment (CFC), which extends the functionality of FCs by allowing one to 1) open to functions of multiple inputs f(x₁, …, x_m) that are committed independently, 2) while preserving the output also in committed form. We show that CFCs for quadratic polynomial maps generically imply FCs for circuits. Then, we efficiently realize CFCs for quadratic polynomials over pairing groups and lattices, resulting in the first FC schemes for circuits of unbounded depth based on either pairing-based or lattice-based falsifiable assumptions. Our FCs require fixing a-priori only the maximal width of the circuit to be evaluated, and have opening proof size depending only on the circuit depth. Additionally, our FCs feature other nice properties such as being additively homomorphic and supporting sublinear-time verification after offline preprocessing. Using a recent transformation that constructs homomorphic signatures (HS) from FCs, we obtain the first pairing- and lattice-based realisations of HS for bounded-width, but unbounded-depth, circuits. Prior to this work, the only HS for general circuits is lattice-based and requires bounding the circuit depth at setup time.

Alkuperäiskieli	Englanti
Otsikko	Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings
Toimittajat	Guy Rothblum, Hoeteck Wee
Kustantaja	Springer
Sivut	363-393
Sivumäärä	31
ISBN (painettu)	978-3-031-48620-3
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-031-48621-0_13
Tila	Julkaistu - 2023
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisussa
Tapahtuma	Theory of Cryptography Conference - Taipei, Taiwan Kesto: 29 marrask. 2023 → 2 jouluk. 2023 Konferenssinumero: 21

Julkaisusarja

Nimi	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Kustantaja	Springer
Vuosikerta	14371 LNCS
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Conference

Conference	Theory of Cryptography Conference
Lyhennettä	TCC
Maa/Alue	Taiwan
Kaupunki	Taipei
Ajanjakso	29/11/2023 → 02/12/2023

Pääsy asiakirjaan

10.1007/978-3-031-48621-0_13

https://eprint.iacr.org/2022/1365Lisenssi: CC BY

Muut tiedostot ja linkit

Linkki julkaisuun Scopuksessa

Siteeraa tätä

Balbás, D., Catalano, D., Fiore, D., & Lai, R. W. F. (2023). Chainable Functional Commitments for Unbounded-Depth Circuits. teoksessa G. Rothblum, & H. Wee (Toimittajat), Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings (Sivut 363-393). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 14371 LNCS). Springer. https://doi.org/10.1007/978-3-031-48621-0_13

Balbás, David ; Catalano, Dario ; Fiore, Dario et al. / Chainable Functional Commitments for Unbounded-Depth Circuits. Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings. Toimittaja / Guy Rothblum ; Hoeteck Wee. Springer, 2023. Sivut 363-393 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{c08824a6c8c049fab536859f70146a38,

title = "Chainable Functional Commitments for Unbounded-Depth Circuits",

abstract = "A functional commitment (FC) scheme allows one to commit to a vector x and later produce a short opening proof of (f, f(x) ) for any admissible function f. Since their inception, FC schemes supporting ever more expressive classes of functions have been proposed. In this work, we introduce a novel primitive that we call chainable functional commitment (CFC), which extends the functionality of FCs by allowing one to 1) open to functions of multiple inputs f(x1, …, xm) that are committed independently, 2) while preserving the output also in committed form. We show that CFCs for quadratic polynomial maps generically imply FCs for circuits. Then, we efficiently realize CFCs for quadratic polynomials over pairing groups and lattices, resulting in the first FC schemes for circuits of unbounded depth based on either pairing-based or lattice-based falsifiable assumptions. Our FCs require fixing a-priori only the maximal width of the circuit to be evaluated, and have opening proof size depending only on the circuit depth. Additionally, our FCs feature other nice properties such as being additively homomorphic and supporting sublinear-time verification after offline preprocessing. Using a recent transformation that constructs homomorphic signatures (HS) from FCs, we obtain the first pairing- and lattice-based realisations of HS for bounded-width, but unbounded-depth, circuits. Prior to this work, the only HS for general circuits is lattice-based and requires bounding the circuit depth at setup time.",

author = "David Balb{\'a}s and Dario Catalano and Dario Fiore and Lai, {Russell W.F.}",

note = "Funding Information: This work is supported by the PICOCRYPT project that has received funding from the European Research Council (ERC) under the European Union{\textquoteright}s Horizon 2020 research and innovation programme (Grant agreement No. 101001283), partially supported by projects PRODIGY (TED2021-132464B-I00) and ESPADA (PID2022-142290OB-I00) funded by MCIN/AEI/10.13039/501100011033/ and the European Union NextGenerationEU/PRTR, and partially funded by Ministerio de Universidades (FPU21/00600). This research has been supported in part by the Programma ricerca di ateneo UNICT 35 2020-22 linea 2 and by research gifts from Protocol Labs. Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2023.; Theory of Cryptography Conference, TCC ; Conference date: 29-11-2023 Through 02-12-2023",

year = "2023",

doi = "10.1007/978-3-031-48621-0_13",

language = "English",

isbn = "978-3-031-48620-3",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "363--393",

editor = "Guy Rothblum and Hoeteck Wee",

booktitle = "Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings",

address = "Germany",

}

Balbás, D, Catalano, D, Fiore, D & Lai, RWF 2023, Chainable Functional Commitments for Unbounded-Depth Circuits. julkaisussa G Rothblum & H Wee (toim), Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vuosikerta 14371 LNCS, Springer, Sivut 363-393, Theory of Cryptography Conference, Taipei, Taiwan, 29/11/2023. https://doi.org/10.1007/978-3-031-48621-0_13

Chainable Functional Commitments for Unbounded-Depth Circuits. / Balbás, David; Catalano, Dario; Fiore, Dario et al.
Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings. toim. / Guy Rothblum; Hoeteck Wee. Springer, 2023. s. 363-393 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 14371 LNCS).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

TY - GEN

T1 - Chainable Functional Commitments for Unbounded-Depth Circuits

AU - Balbás, David

AU - Catalano, Dario

AU - Fiore, Dario

AU - Lai, Russell W.F.

N1 - Conference code: 21

PY - 2023

Y1 - 2023

N2 - A functional commitment (FC) scheme allows one to commit to a vector x and later produce a short opening proof of (f, f(x) ) for any admissible function f. Since their inception, FC schemes supporting ever more expressive classes of functions have been proposed. In this work, we introduce a novel primitive that we call chainable functional commitment (CFC), which extends the functionality of FCs by allowing one to 1) open to functions of multiple inputs f(x1, …, xm) that are committed independently, 2) while preserving the output also in committed form. We show that CFCs for quadratic polynomial maps generically imply FCs for circuits. Then, we efficiently realize CFCs for quadratic polynomials over pairing groups and lattices, resulting in the first FC schemes for circuits of unbounded depth based on either pairing-based or lattice-based falsifiable assumptions. Our FCs require fixing a-priori only the maximal width of the circuit to be evaluated, and have opening proof size depending only on the circuit depth. Additionally, our FCs feature other nice properties such as being additively homomorphic and supporting sublinear-time verification after offline preprocessing. Using a recent transformation that constructs homomorphic signatures (HS) from FCs, we obtain the first pairing- and lattice-based realisations of HS for bounded-width, but unbounded-depth, circuits. Prior to this work, the only HS for general circuits is lattice-based and requires bounding the circuit depth at setup time.

AB - A functional commitment (FC) scheme allows one to commit to a vector x and later produce a short opening proof of (f, f(x) ) for any admissible function f. Since their inception, FC schemes supporting ever more expressive classes of functions have been proposed. In this work, we introduce a novel primitive that we call chainable functional commitment (CFC), which extends the functionality of FCs by allowing one to 1) open to functions of multiple inputs f(x1, …, xm) that are committed independently, 2) while preserving the output also in committed form. We show that CFCs for quadratic polynomial maps generically imply FCs for circuits. Then, we efficiently realize CFCs for quadratic polynomials over pairing groups and lattices, resulting in the first FC schemes for circuits of unbounded depth based on either pairing-based or lattice-based falsifiable assumptions. Our FCs require fixing a-priori only the maximal width of the circuit to be evaluated, and have opening proof size depending only on the circuit depth. Additionally, our FCs feature other nice properties such as being additively homomorphic and supporting sublinear-time verification after offline preprocessing. Using a recent transformation that constructs homomorphic signatures (HS) from FCs, we obtain the first pairing- and lattice-based realisations of HS for bounded-width, but unbounded-depth, circuits. Prior to this work, the only HS for general circuits is lattice-based and requires bounding the circuit depth at setup time.

UR - http://www.scopus.com/inward/record.url?scp=85178664594&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-48621-0_13

DO - 10.1007/978-3-031-48621-0_13

M3 - Conference article in proceedings

AN - SCOPUS:85178664594

SN - 978-3-031-48620-3

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 363

EP - 393

BT - Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings

A2 - Rothblum, Guy

A2 - Wee, Hoeteck

PB - Springer

T2 - Theory of Cryptography Conference

Y2 - 29 November 2023 through 2 December 2023

ER -

Balbás D, Catalano D, Fiore D, Lai RWF. Chainable Functional Commitments for Unbounded-Depth Circuits. julkaisussa Rothblum G, Wee H, toimittajat, Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings. Springer. 2023. s. 363-393. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-48621-0_13