Abstract
Zero-knowledge proof systems are usually designed to support computations for circuits over F_2 or F_p for large p, but not for computations over Z_{2^k}, which all modern CPUs operate on. Although Z_{2^k}-arithmetic can be emulated using prime moduli, this comes with an unavoidable overhead. Recently, Baum et al. (CCS 2021) suggested a candidate construction for a designated-verifier zero-knowledge proof system that natively runs over Z_{2^k}. Unfortunately, their construction requires preprocessed random vector oblivious linear evaluation (VOLE) to be instantiated over Z_{2^k}. Currently, it is not known how to efficiently generate such random VOLE in large quantities. In this work, we present a maliciously secure VOLE extension protocol that can turn a short seed-VOLE over Z_{2^k} into a much longer, pseudorandom VOLE over the same ring. Our construction borrows ideas from recent protocols over finite fields, which we non-trivially adapt to work over Z_{2^k}. Moreover, we show that the approach taken by the QuickSilver zero-knowledge proof system (Yang et al., CCS 2021) can be generalized to support computations over Z_{2^k}. This new VOLE-based proof system, which we call QuarkSilver, yields better efficiency than the previous zero-knowledge protocols suggested by Baum et al. Furthermore, we implement both our VOLE extension and our zero-knowledge proof system, and show that they can generate 13–50 million VOLEs per second for 64-bit to 256-bit rings, and evaluate 1.3 million 64-bit multiplications per second in zero-knowledge.
| Original language | English |
|---|---|
| Title of host publication | Advances in Cryptology – CRYPTO 2022 - 42nd Annual International Cryptology Conference, CRYPTO 2022, Proceedings |
| Editors | Yevgeniy Dodis, Thomas Shrimpton |
| Publisher | Springer Science and Business Media Deutschland GmbH |
| Pages | 329-358 |
| Number of pages | 30 |
| ISBN (Print) | 9783031159848 |
| DOIs | |
| State | Published - 2022 |
| Externally published | Yes |
| Event | 42nd Annual International Cryptology Conference, CRYPTO 2022 - Hybrid, Santa Barbara, United States Duration: 15 Aug 2022 → 18 Aug 2022 |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Volume | 13510 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 42nd Annual International Cryptology Conference, CRYPTO 2022 |
|---|---|
| Country/Territory | United States |
| City | Hybrid, Santa Barbara |
| Period | 15/08/22 → 18/08/22 |
Bibliographical note
Publisher Copyright: © 2022, International Association for Cryptologic Research.
Funding
Acknowledgements. This work is supported by the European Research Council (ERC) under the European Union's Horizon 2020 research and innovation programme under grant agreement No. 803096 (SPEC), the Carlsberg Foundation under the Semper Ardens Research Project CF18-112 (BCM), the Independent Research Fund Denmark (DFF) under project number 0165-00107B (C3PO), the Aarhus University Research Foundation, and the Defense Advanced Research Projects Agency (DARPA) under Contract No. HR001120C0085. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Defense Advanced Research Projects Agency (DARPA). Distribution Statement “A” (Approved for Public Release, Distribution Unlimited). We thank the ENCRYPTO group at TU Darmstadt for allowing us to use their servers for our experiments.
| Funders | Funder number |
|---|---|
| European Union's Horizon 2020 research and innovation programme | 803096 |
| Defense Advanced Research Projects Agency | HR001120C0085 |
| European Commission | |
| Aarhus Universitets Forskningsfond | |
| Carlsbergfondet | CF18-112 |
| Danmarks Frie Forskningsfond | 0165-00107B |