Chapter

Public Key Cryptography – PKC 2011

Volume 6571 of the series Lecture Notes in Computer Science pp 387-402

Round-Efficient Sub-linear Zero-Knowledge Arguments for Linear Algebra

  • Jae Hong SeoAffiliated withDepartment of Mathematical Sciences and ISaC-RIM, Seoul National University

Abstract

The round complexity of interactive zero-knowledge arguments is an important measure along with communication and computational complexities. In the case of zero-knowledge arguments for linear algebraic relations over finite fields, Groth proposed (at CRYPTO 2009) an elegant methodology that achieves sub-linear communication overheads and low computational complexity. He obtained zero-knowledge arguments of sub-linear size for linear algebra using reductions from linear algebraic relations to equations of the form z = x*′y, where x, \(\mathbf{y}\in\mathbb{F}_p^n\) are committed vectors, \(z\in\mathbb{F}_p\) is a committed element, and \(*':\mathbb{F}_p^n\times\mathbb{F}_p^n\rightarrow\mathbb{F}_p\) is a bilinear map. These reductions impose additional rounds on zero-knowledge arguments of sub-linear size. We focus on minimizing such additional rounds, and we reduce the rounds of sub-linear zero-knowledge arguments for linear algebraic relations as compared with Groth’s zero-knowledge arguments for the same relations. To reduce round complexity, we propose a general transformation from a t-round zero-knowledge argument, satisfying mild conditions, to a (t − 2)-round zero-knowledge argument; this transformation is of independent interest.

Keywords

Round-efficient zero-knowledge arguments sub-linear zero-knowledge arguments linear algebra