Brakedown: Linear-time and post-quantum SNARKs for R1CS.

A Golovnev, J Lee, STV Setty, J Thaler… - IACR Cryptol. ePrint …, 2021 - scholar.archive.org
This paper introduces Brakedown, the first built system that provides linear-time SNARKs
for NP, meaning the prover incurs O(N) finite field operations to prove the satisfiability of an …

Spartan: Efficient and general-purpose zkSNARKs without trusted setup

S Setty - Annual International Cryptology Conference, 2020 - Springer
This paper introduces Spartan, a new family of zero-knowledge succinct non-interactive
arguments of knowledge (zkSNARKs) for the rank-1 constraint satisfiability (R1CS), an NP …

Dory: Efficient, transparent arguments for generalised inner products and polynomial commitments

J Lee - Theory of Cryptography Conference, 2021 - Springer
This paper presents Dory, a transparent setup, public-coin interactive argument for inner-
pairing products between committed vectors of elements of two source groups. For a product …

Efficient KZG-Based Univariate Sum-Check and Lookup Argument

Y Zhang, SF Sun, D Gu - IACR International Conference on Public-Key …, 2024 - Springer
We propose a novel KZG-based sum-check scheme, dubbed Losum, with optimal efficiency.
Particularly, its proving cost is one multi-scalar-multiplication of size k—the number of non …

Garbled circuit lookup tables with logarithmic number of ciphertexts

D Heath, V Kolesnikov, LKL Ng - … on the Theory and Applications of …, 2024 - Springer
Garbled Circuit (GC) is a basic technique for practical secure computation. GC handles
Boolean circuits; it consumes significant network bandwidth to transmit encoded gate truth …

Monolith: Circuit-friendly hash functions with new nonlinear layers for fast and constant-time implementations

L Grassi, D Khovratovich, R Lüftenegger… - Cryptology ePrint …, 2023 - eprint.iacr.org
Hash functions are a crucial component in incrementally verifiable computation (IVC)
protocols and applications. Among those, recursive SNARKs and folding schemes require …

Goldreich's one-way function candidate and myopic backtracking algorithms

J Cook, O Etesami, R Miller, L Trevisan - … Francisco, CA, USA, March 15-17 …, 2009 - Springer
Goldreich (ECCC 2000) proposed a candidate one-way function construction which is
parameterized by the choice of a small predicate (over d = O(1) variables) and of a bipartite …

SPARKs: succinct parallelizable arguments of knowledge

N Ephraim, C Freitag, I Komargodski… - … Conference on the Theory …, 2020 - Springer
We introduce the notion of a Succinct Parallelizable Argument of Knowledge (SPARK). This
is an argument system with the following three properties for computing and proving a time T …

A novel permutation-based hash mode of operation FP and the hash function SAMOSA

S Paul, E Homsirikamol, K Gaj - International Conference on Cryptology in …, 2012 - Springer
The contribution of the paper is two-fold. First, we design a novel permutation-based hash
mode of operation FP, and analyze its security. We show that any n-bit hash function that …

Succinct non-interactive arguments via linear interactive proofs

N Bitansky, A Chiesa, Y Ishai, R Ostrovsky… - Journal of …, 2022 - Springer
Succinct non-interactive arguments (SNARGs) enable verifying NP statements with lower
complexity than required for classical NP verification. Traditionally, the focus has been on …