Efficient Zero-Knowledge Arguments for Arithmetic Circuits in the Discrete Log Setting
- Submitting institution
-
University College London
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 14144
- Type
- E - Conference contribution
- DOI
-
10.1007/978-3-662-49896-5_12
- Title of conference / published proceedings
- Advances in Cryptology – EUROCRYPT 2016
- First page
- 327
- Volume
- 9666
- Issue
- -
- ISSN
- 0302-9743
- Open access status
- Out of scope for open access requirements
- Month of publication
- April
- Year of publication
- 2016
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
4
- Research group(s)
-
-
- Citation count
- 26
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- Our key discovery is a new key/message homomorphic interaction in the well-known Pedersen commitment scheme. It forms the core of a novel zero-knowledge proofs based on the discrete logarithm problem for arithmetic circuit satisfiability (general purpose statements) with communication that is logarithmic in the size of the circuit size. For comparison, after three decades of research in this class of widely used zero-knowledge proofs the most efficient system had square-root communication size and dated back to 2009. Stanford researchers optimized and implemented our proof system under the name Bulletproofs, which is deployed in the blockchain space to verify cryptocurrency balances.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -