Efficient Modular NIZK Arguments from Shift and Product
We propose a non-interactive product argument, that is more efficient than the one by Groth and Lipmaa, and a novel shift argument. We then use them to design several novel non-interactive zero-knowledge (NIZK) arguments. We obtain the first range proof with constant communication and subquadratic prover's computation.
We construct NIZK arguments for -complete languages, Set-Partition, Subset-Sum and Decision-Knapsack, with constant communication, subquadratic prover's computation and linear verifier's computation.
Optimal Error Rates for Interactive Coding II: Efficiency and List Decoding
We study coding schemes for error correction in interactive communications.
Such interactive coding schemes simulate any -round interactive protocol
using rounds over an adversarial channel that corrupts up to
transmissions. Important performance measures for a coding scheme are its
maximum tolerable error rate , communication complexity , and
computational complexity.
We give the first coding scheme for the standard setting which performs
optimally in all three measures: Our randomized non-adaptive coding scheme has
a near-linear computational complexity and tolerates any error rate with a linear communication complexity. This improves over
prior results which each performed well in two of these measures.
We also give results for other settings of interest, namely, the first
computationally and communication efficient schemes that tolerate adaptively, if only one party is required to
decode, and if list decoding is allowed. These are the
optimal tolerable error rates for the respective settings. These coding schemes
also have near linear computational and communication complexity.
These results are obtained via two techniques: We give a general black-box
reduction which reduces unique decoding, in various settings, to list decoding.
We also show how to boost the computational and communication efficiency of any
list decoder to become near linear.
Bulletproofs: Short Proofs for Confidential Transactions and More
We propose Bulletproofs, a new non-interactive zero-knowledge proof protocol
with very short proofs and without a trusted setup; the proof size is only logarithmic in the witness size.
Bulletproofs are especially well suited for efficient range proofs on committed values: they enable proving that a committed value is in a range using only group and field elements, where is the bit length of the range.
Proof generation and verification times are linear in .
Bulletproofs greatly improve on the linear (in ) sized range proofs in existing proposals for confidential transactions in Bitcoin and other cryptocurrencies.
Moreover, Bulletproofs supports aggregation of range proofs, so that a party can prove that commitments lie in a given range by providing only an additive group elements over the length of a single proof.
To aggregate proofs from multiple parties, we enable the parties to generate a single proof without revealing their inputs to each other via a simple multi-party computation (MPC) protocol for constructing Bulletproofs.
This MPC protocol uses either a constant number of rounds and linear communication, or a logarithmic number of rounds and logarithmic communication.
We show that verification time, while asymptotically linear, is very efficient in practice. Moreover, the verification of multiple Bulletproofs can be batched for further speed-up. Concretely, the marginal time to verify an aggregation of 16 range proofs is about the same as the time to verify 16 ECDSA signatures.
Bulletproofs build on the techniques of Bootle et al. (EUROCRYPT 2016).
Beyond range proofs, Bulletproofs provide short zero-knowledge proofs for general arithmetic circuits while only relying on the discrete logarithm assumption and without requiring a trusted setup.
We discuss many applications that would benefit from Bulletproofs, primarily in the area of cryptocurrencies.
The efficiency of Bulletproofs is particularly well suited for the distributed and trustless nature of blockchains.
Coding for interactive communication correcting insertions and deletions
We consider the question of interactive communication, in which two remote
parties perform a computation while their communication channel is
(adversarially) noisy. We extend here the discussion into a more general and
stronger class of noise, namely, we allow the channel to perform insertions and
deletions of symbols. These types of errors may bring the parties "out of
sync", so that there is no consensus regarding the current round of the
protocol.
In this more general noise model, we obtain the first interactive coding
scheme that has a constant rate and resists noise rates of up to
. To this end we develop a novel primitive we name edit
distance tree code. The edit distance tree code is designed to replace the
Hamming distance constraints in Schulman's tree codes (STOC 93), with a
stronger edit distance requirement. However, the straightforward generalization
of tree codes to edit distance does not seem to yield a primitive that suffices
for communication in the presence of synchronization problems. Giving the
"right" definition of edit distance tree codes is a main conceptual
contribution of this work.
Scalable and Secure Aggregation in Distributed Networks
We consider the problem of computing an aggregation function in a
secure and scalable way. Whereas previous distributed solutions
with similar security guarantees have a communication cost of , we
present a distributed protocol that requires only a communication complexity of
, which we prove is near-optimal. Our protocol ensures perfect
security against a computationally-bounded adversary, tolerates
malicious nodes for any constant (not
depending on ), and outputs the exact value of the aggregated function with
high probability.