
Non-interactive Zero-Knowledge Proofs to Multiple Verifiers

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13793)

Abstract

In this paper, we study zero-knowledge (ZK) proofs for circuit satisfiability that can efficiently convince n verifiers at a time. The proofs remain secure even when the prover colludes with a subset of at most t verifiers. We refer to such ZK proofs as multi-verifier zero-knowledge (MVZK) proofs and focus on the case in which a majority of the verifiers are honest (i.e., \(t<n/2\)). We construct efficient MVZK protocols in the random oracle model in which the prover sends a single message to each verifier, and the verifiers exchange only one round of messages among themselves. When the corruption threshold is \(t<n/2\), the prover sends \(1/2+o(1)\) field elements per multiplication gate to every verifier; when \(t<n(1/2-\epsilon )\) for some constant \(0<\epsilon <1/2\), we further reduce the communication to O(1/n) field elements per multiplication gate per verifier. Our MVZK protocols are highly scalable: the proofs are streamable and require only memory proportional to that needed to evaluate the circuit in the clear.
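The following is an added toy illustration of the MVZK communication pattern the abstract describes (one prover message per verifier, one round of verifier-to-verifier exchange, a random-oracle challenge). It is not the paper's protocol and is not taken from the authors' code. Assumptions made here for illustration: wire values are Shamir-shared with degree t over a 61-bit prime field; the common challenge r is derived by hashing the digests of all n verifier views (a Fiat-Shamir step standing in for the random oracle); each multiplication gate is checked by opening the degree-2t sharing of a random linear combination of a*b - c, which needs n >= 2t+1 shares. The toy is sound only while every verifier reports its check-share honestly: with n = 2t+1 there is no redundancy left to tolerate a verifier that colludes with the prover and lies in the exchange round, and closing exactly that gap, at 1/2+o(1) field elements per gate instead of the one element per wire sent here, is what the paper's protocol does.

```python
"""Toy multi-verifier ZK check over Shamir-shared wire values.

Added illustration of the MVZK setting (one prover message per verifier,
one round of verifier-to-verifier exchange). NOT the paper's protocol.
"""
import hashlib
import secrets

P = (1 << 61) - 1  # Mersenne prime; all arithmetic is in GF(P)


def _eval(coeffs, x):
    """Horner evaluation; coefficients are ordered low degree to high."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share(secret, t, n):
    """Degree-t Shamir sharing: returns the shares for parties x = 1..n."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t)]
    return [_eval(coeffs, i) for i in range(1, n + 1)]


def reconstruct(points):
    """Lagrange interpolation at x = 0; needs at least deg+1 points (x, y)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def prove(wires, gates, t, n):
    """Prover: share every wire value and build the n per-verifier messages.

    Each message carries that verifier's shares plus the digests of every
    verifier's share vector, so all verifiers derive one common challenge.
    gates is a list of (a, b, c) wire indices meaning wires[a]*wires[b]==wires[c].
    """
    per_wire = [share(w, t, n) for w in wires]
    views = [[s[i] for s in per_wire] for i in range(n)]
    digests = [hashlib.sha256(repr(v).encode()).hexdigest() for v in views]
    return [{"shares": views[i], "digests": digests, "gates": gates} for i in range(n)]


def local_check_share(msg, idx):
    """Verifier idx's local work: its degree-2t share of sum_k r^k (a_k b_k - c_k).

    Returns None if the prover's message does not match its own commitment.
    """
    dig = msg["digests"]
    if hashlib.sha256(repr(msg["shares"]).encode()).hexdigest() != dig[idx]:
        return None
    r = int(hashlib.sha256("".join(dig).encode()).hexdigest(), 16) % P  # assumed RO
    s = msg["shares"]
    acc, rk = 0, 1
    for a, b, c in msg["gates"]:
        rk = rk * r % P
        acc = (acc + rk * (s[a] * s[b] - s[c])) % P
    return acc


def verify(msgs, t, n):
    """All n verifiers: one exchange round of (digests, check-share), then decide."""
    if n < 2 * t + 1:
        raise ValueError("need n >= 2t+1 to open a degree-2t sharing")
    exchanged = [(m["digests"], local_check_share(m, i)) for i, m in enumerate(msgs)]
    if any(d is None for _, d in exchanged):
        return False  # some verifier's view did not match its commitment
    if any(dig != exchanged[0][0] for dig, _ in exchanged):
        return False  # prover sent inconsistent commitment vectors
    points = [(i + 1, d) for i, (_, d) in enumerate(exchanged)]
    return reconstruct(points) == 0


def demo():
    """Constructed example: n = 5 verifiers, t = 2 may collude with the prover."""
    t, n = 2, 5
    gates = [(0, 1, 2), (2, 0, 3)]          # w0*w1 = w2 and w2*w0 = w3
    honest = prove([3, 5, 15, 45], gates, t, n)
    cheat = prove([3, 5, 16, 45], gates, t, n)  # 3*5 != 16: must be rejected
    return verify(honest, t, n), verify(cheat, t, n)
```

A cheating prover passes only if the challenge r happens to be a root of the degree-2 polynomial sum_k r^k (a_k b_k - c_k), i.e. with probability about 2/P. Any t shares of a wire are consistent with every possible secret, which is the zero-knowledge side of the t < n/2 threshold in the abstract; soundness against a verifier that lies in the exchange round is deliberately out of scope for this toy.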


Acknowledgements

Work of Kang Yang is supported by the National Natural Science Foundation of China (Grant Nos. 62102037, 61932019). Work of Xiao Wang is supported in part by DARPA under Contract No. HR001120C0087, NSF award #2016240, and research awards from Meta, Google and PlatON Network. The views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.

Author information

Correspondence to Kang Yang.

Copyright information

© 2022 International Association for Cryptologic Research

About this paper

Cite this paper

Yang, K., Wang, X. (2022). Non-interactive Zero-Knowledge Proofs to Multiple Verifiers. In: Agrawal, S., Lin, D. (eds) Advances in Cryptology – ASIACRYPT 2022. ASIACRYPT 2022. Lecture Notes in Computer Science, vol 13793. Springer, Cham. https://doi.org/10.1007/978-3-031-22969-5_18

  • DOI: https://doi.org/10.1007/978-3-031-22969-5_18

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-22968-8

  • Online ISBN: 978-3-031-22969-5
