Abstract
Succinct Non-interactive Arguments of Knowledge (SNARks) are receiving a lot of attention as a core privacy-enhancing technology for blockchain applications. Polynomial commitment schemes are important building blocks for the construction of SNARks. Polynomial commitment schemes enable the prover to commit to a secret polynomial of the prover and convince the verifier that the evaluation of the committed polynomial is correct at a public point later. Bünz et al. recently presented a novel polynomial commitment scheme with no trusted setup in Eurocrypt’20. To provide a transparent setup, their scheme is built over an ideal class group of imaginary quadratic fields (or briefly, class group). However, cryptographic assumptions on a class group are relatively new and have, thus far, not been well-analyzed. In this paper, we study an approach to transpose Bünz et al.’s techniques in the discrete log setting because the discrete log setting brings a significant improvement in efficiency and security compared to class groups. We show that the transposition to the discrete log setting can be obtained by employing a proof system for the equality of discrete logarithms over multiple bases. Theoretical analysis shows that the transposition preserves security requirements for a polynomial commitment scheme.
Highlights
Zero-Knowledge Succinct Non-interactive Arguments of Knowledge are non-interactive proof systems between the prover and the verifier
This is because a monomial homomorphic property may require some special structures for base elements in the group, which is impossible to generate without a trusted setup
We presented how to transpose a recursive argument of polynomial evaluation over a class group proposed by Bünz et al to the discrete log setting as a way to improve the efficiency
Summary
Zero-Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARKs) are non-interactive proof systems between the prover and the verifier They provide a way for the prover to convince the verifier that the statement claimed by the prover is true without disclosing any other information except the validity of the statement while maintaining a short proof size and an efficient verification by the verifier. Since their adoption to cryptocurrency systems, such as Zcash [1] and Ethereum [2], zk-SNARKs are regarded as an essential technique for solving data privacy issues in blockchain-based applications. Because the transparent property is desirable for applications, such as cryptocurrency, recent constructions [6,7,8]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
