Lattice-Based Succinct Arguments from Vanishing Polynomials

Valerio Cini; Russell W.F. Lai; Giulio Malavolta

doi:10.1007/978-3-031-38545-2_3

Lattice-Based Succinct Arguments from Vanishing Polynomials

Valerio Cini^*, Russell W.F. Lai, Giulio Malavolta

^*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

15 Sitaatiot (Scopus)

Abstrakti

Succinct arguments allow a prover to convince a verifier of the validity of any statement in a language, with minimal communication and verifier’s work. Among other approaches, lattice-based protocols offer solid theoretical foundations, post-quantum security, and a rich algebraic structure. In this work, we present some new approaches to constructing efficient lattice-based succinct arguments. Our main technical ingredient is a new commitment scheme based on vanishing polynomials, a notion borrowed from algebraic geometry. We analyse the security of such a commitment scheme, and show how to take advantage of the additional algebraic structure to build new lattice-based succinct arguments. A few highlights amongst our results are: (i)The first recursive folding (i.e. Bulletproofs-like) protocol for linear relations with polylogarithmic verifier runtime. Traditionally, the verifier runtime has been the efficiency bottleneck for such protocols (regardless of the underlying assumptions).(ii)The first verifiable delay function (VDF) based on lattices, building on a recently introduced sequential relation.(iii)The first lattice-based linear-time prover succinct argument for NP, in the preprocessing model. The soundness of the scheme is based on (knowledge)-k-R-ISIS assumption [Albrecht et al., CRYPTO’22].

Alkuperäiskieli	Englanti
Otsikko	Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II
Toimittajat	Helena Handschuh, Anna Lysyanskaya
Kustantaja	Springer
Sivut	72-105
Sivumäärä	34
ISBN (painettu)	978-3-031-38544-5
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-031-38545-2_3
Tila	Julkaistu - 2023
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisussa
Tapahtuma	International Cryptology Conference - Santa Barbara, Yhdysvallat Kesto: 20 elok. 2023 → 24 elok. 2023 Konferenssinumero: 43

Julkaisusarja

Nimi	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Kustantaja	Springer
Vuosikerta	14082 LNCS
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Conference

Conference	International Cryptology Conference
Lyhennettä	CRYPTO
Maa/Alue	Yhdysvallat
Kaupunki	Santa Barbara
Ajanjakso	20/08/2023 → 24/08/2023

Pääsy asiakirjaan

10.1007/978-3-031-38545-2_3

https://eprint.iacr.org/2023/1405Lisenssi: CC BY

Muut tiedostot ja linkit

Linkki julkaisuun Scopuksessa

Siteeraa tätä

Cini, V., Lai, R. W. F., & Malavolta, G. (2023). Lattice-Based Succinct Arguments from Vanishing Polynomials. teoksessa H. Handschuh, & A. Lysyanskaya (Toimittajat), Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II (Sivut 72-105). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 14082 LNCS). Springer. https://doi.org/10.1007/978-3-031-38545-2_3

Cini, Valerio ; Lai, Russell W.F. ; Malavolta, Giulio. / Lattice-Based Succinct Arguments from Vanishing Polynomials. Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II. Toimittaja / Helena Handschuh ; Anna Lysyanskaya. Springer, 2023. Sivut 72-105 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{60dc73e43e09445992e3b5f6860a0dd8,

title = "Lattice-Based Succinct Arguments from Vanishing Polynomials",

abstract = "Succinct arguments allow a prover to convince a verifier of the validity of any statement in a language, with minimal communication and verifier{\textquoteright}s work. Among other approaches, lattice-based protocols offer solid theoretical foundations, post-quantum security, and a rich algebraic structure. In this work, we present some new approaches to constructing efficient lattice-based succinct arguments. Our main technical ingredient is a new commitment scheme based on vanishing polynomials, a notion borrowed from algebraic geometry. We analyse the security of such a commitment scheme, and show how to take advantage of the additional algebraic structure to build new lattice-based succinct arguments. A few highlights amongst our results are: (i)The first recursive folding (i.e. Bulletproofs-like) protocol for linear relations with polylogarithmic verifier runtime. Traditionally, the verifier runtime has been the efficiency bottleneck for such protocols (regardless of the underlying assumptions).(ii)The first verifiable delay function (VDF) based on lattices, building on a recently introduced sequential relation.(iii)The first lattice-based linear-time prover succinct argument for NP, in the preprocessing model. The soundness of the scheme is based on (knowledge)-k-R-ISIS assumption [Albrecht et al., CRYPTO{\textquoteright}22].",

author = "Valerio Cini and Lai, {Russell W.F.} and Giulio Malavolta",

note = "Funding Information: V. Cini was funded by the Austrian Science Fund (FWF) and netidee SCIENCE grant P31621-N38 (PROFET). G. Malavolta was partially funded by the German Federal Ministry of Education and Research (BMBF) in the course of the 6GEM research hub under grant number 16KISK038 and by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany{\textquoteright}s Excellence Strategy-EXC 2092 CASA-390781972. Publisher Copyright: {\textcopyright} 2023, International Association for Cryptologic Research.; International Cryptology Conference, CRYPTO ; Conference date: 20-08-2023 Through 24-08-2023",

year = "2023",

doi = "10.1007/978-3-031-38545-2_3",

language = "English",

isbn = "978-3-031-38544-5",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "72--105",

editor = "Helena Handschuh and Anna Lysyanskaya",

booktitle = "Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II",

address = "Germany",

}

Cini, V, Lai, RWF & Malavolta, G 2023, Lattice-Based Succinct Arguments from Vanishing Polynomials. julkaisussa H Handschuh & A Lysyanskaya (toim), Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vuosikerta 14082 LNCS, Springer, Sivut 72-105, International Cryptology Conference, Santa Barbara, California, Yhdysvallat, 20/08/2023. https://doi.org/10.1007/978-3-031-38545-2_3

Lattice-Based Succinct Arguments from Vanishing Polynomials. / Cini, Valerio; Lai, Russell W.F.; Malavolta, Giulio.
Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II. toim. / Helena Handschuh; Anna Lysyanskaya. Springer, 2023. s. 72-105 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 14082 LNCS).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference article in proceedings › Scientific › vertaisarvioitu

TY - GEN

T1 - Lattice-Based Succinct Arguments from Vanishing Polynomials

AU - Cini, Valerio

AU - Lai, Russell W.F.

AU - Malavolta, Giulio

N1 - Conference code: 43

PY - 2023

Y1 - 2023

N2 - Succinct arguments allow a prover to convince a verifier of the validity of any statement in a language, with minimal communication and verifier’s work. Among other approaches, lattice-based protocols offer solid theoretical foundations, post-quantum security, and a rich algebraic structure. In this work, we present some new approaches to constructing efficient lattice-based succinct arguments. Our main technical ingredient is a new commitment scheme based on vanishing polynomials, a notion borrowed from algebraic geometry. We analyse the security of such a commitment scheme, and show how to take advantage of the additional algebraic structure to build new lattice-based succinct arguments. A few highlights amongst our results are: (i)The first recursive folding (i.e. Bulletproofs-like) protocol for linear relations with polylogarithmic verifier runtime. Traditionally, the verifier runtime has been the efficiency bottleneck for such protocols (regardless of the underlying assumptions).(ii)The first verifiable delay function (VDF) based on lattices, building on a recently introduced sequential relation.(iii)The first lattice-based linear-time prover succinct argument for NP, in the preprocessing model. The soundness of the scheme is based on (knowledge)-k-R-ISIS assumption [Albrecht et al., CRYPTO’22].

AB - Succinct arguments allow a prover to convince a verifier of the validity of any statement in a language, with minimal communication and verifier’s work. Among other approaches, lattice-based protocols offer solid theoretical foundations, post-quantum security, and a rich algebraic structure. In this work, we present some new approaches to constructing efficient lattice-based succinct arguments. Our main technical ingredient is a new commitment scheme based on vanishing polynomials, a notion borrowed from algebraic geometry. We analyse the security of such a commitment scheme, and show how to take advantage of the additional algebraic structure to build new lattice-based succinct arguments. A few highlights amongst our results are: (i)The first recursive folding (i.e. Bulletproofs-like) protocol for linear relations with polylogarithmic verifier runtime. Traditionally, the verifier runtime has been the efficiency bottleneck for such protocols (regardless of the underlying assumptions).(ii)The first verifiable delay function (VDF) based on lattices, building on a recently introduced sequential relation.(iii)The first lattice-based linear-time prover succinct argument for NP, in the preprocessing model. The soundness of the scheme is based on (knowledge)-k-R-ISIS assumption [Albrecht et al., CRYPTO’22].

UR - http://www.scopus.com/inward/record.url?scp=85173011213&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-38545-2_3

DO - 10.1007/978-3-031-38545-2_3

M3 - Conference article in proceedings

AN - SCOPUS:85173011213

SN - 978-3-031-38544-5

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 72

EP - 105

BT - Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II

A2 - Handschuh, Helena

A2 - Lysyanskaya, Anna

PB - Springer

T2 - International Cryptology Conference

Y2 - 20 August 2023 through 24 August 2023

ER -

Cini V, Lai RWF, Malavolta G. Lattice-Based Succinct Arguments from Vanishing Polynomials. julkaisussa Handschuh H, Lysyanskaya A, toimittajat, Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II. Springer. 2023. s. 72-105. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-38545-2_3