Abstract
Zero-Knowledge protocols have increasingly become both popular and practical in recent years due to their applicability in many areas such as blockchain systems. Unfortunately, public verifiability and small proof sizes of zero-knowledge protocols currently come at the price of strong assumptions, large prover time, or both, when considering statements with millions of gates. In this regime, the most prover-efficient protocols are in the designated verifier setting, where proofs are only valid to a single party that must keep a secret state. In this work, we bridge this gap between designated-verifier proofs and public verifiability by distributing the verifier efficiently. Here, a set of verifiers can then verify a proof and, if a given threshold t of the n verifiers is honest and trusted, can act as guarantors for the validity of a statement. We achieve this while keeping the concrete efficiency of current designated-verifier proofs, and present constructions that have small concrete computation and communication cost. We present practical protocols in the setting of threshold verifiers with t<n/4 and t<n/3, for which we give performance figures, showcasing the efficiency of our approach.
Original language | English |
---|---|
Title of host publication | CCS'22 - Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security |
Number of pages | 14 |
Place of publication | New York |
Publisher | Association for Computing Machinery |
Publication date | Nov 2022 |
Pages | 293-306 |
ISBN (Electronic) | 9781450394505 |
Publication status | Published - Nov 2022 |
Event | 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 - Los Angeles, United States. Duration: 7 Nov 2022 → 11 Nov 2022 |
Conference
Conference | 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 |
---|---|
Country/Territory | United States |
City | Los Angeles |
Period | 07/11/2022 → 11/11/2022 |
Sponsor | ACM Special Interest Group on Security, Audit and Control (ACM SIGSAC) |
Keywords
- multi-party computation
- threshold cryptography
- zero-knowledge proofs