TY - GEN
T1 - LogRobin++
T2 - 30th Annual International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2024
AU - Hazay, Carmit
AU - Heath, David
AU - Kolesnikov, Vladimir
AU - Venkitasubramaniam, Muthuramakrishnan
AU - Yang, Yibin
N1 - This work is supported in part by Visa research award, Cisco research award, and NSF awards CNS-2246353, CNS-2246354, and CCF-2217070.
PY - 2025
Y1 - 2025
N2 - In the Zero-Knowledge Proof (ZKP) of a disjunctive statement, P and V agree on B fan-in 2 circuits C0,…,CB-1 over a field F; each circuit has nin inputs, n× multiplications, and one output. P ’s goal is to demonstrate the knowledge of a witness (id∈[B], w∈Fnin), s.t. Cid(w)=0 where neither w nor id is revealed. Disjunctive statements are effective, for example, in implementing ZKP based on sequential execution of CPU steps. This paper studies ZKP (of knowledge) protocols over disjunctive statements based on Vector OLE. Denoting by λ the statistical security parameter and let ρ≜max{log|F|,λ}, the previous state-of-the-art protocol Robin (Yang et al. CCS’23) required (nin+3n×)logF+O(ρB) bits of communication with O(1) rounds, and Mac′n′Cheese (Baum et al. CRYPTO’21) required (nin+n×)logF+2n×ρ+O(ρlogB) bits of communication with O(logB) rounds, both in the VOLE-hybrid model. Our novel protocol LogRobin++ achieves the same functionality at the cost of (nin+n×)logF+O(ρlogB) bits of communication with O(1) rounds in the VOLE-hybrid model. Crucially, LogRobin++ takes advantage of two new techniques – (1) an O(logB)-overhead approach to prove in ZK that an IT-MAC commitment vector contains a zero; and (2) the realization of VOLE-based ZK over a disjunctive statement, where P commits only to w and multiplication outputs of Cid(w) (as opposed to prior work where P commits to w and all three wires that are associated with each multiplication gate). We implemented LogRobin++ over Boolean (i.e., F2) and arithmetic (i.e., F261-1) fields. In our experiments, including the cost of generating VOLE correlations, LogRobin++ achieved up to 170× optimization over Robin in communication, resulting in up to 7× (resp. 3×) wall-clock time improvements in a WAN-like (resp. LAN-like) setting.
AB - In the Zero-Knowledge Proof (ZKP) of a disjunctive statement, P and V agree on B fan-in 2 circuits C0,…,CB-1 over a field F; each circuit has nin inputs, n× multiplications, and one output. P ’s goal is to demonstrate the knowledge of a witness (id∈[B], w∈Fnin), s.t. Cid(w)=0 where neither w nor id is revealed. Disjunctive statements are effective, for example, in implementing ZKP based on sequential execution of CPU steps. This paper studies ZKP (of knowledge) protocols over disjunctive statements based on Vector OLE. Denoting by λ the statistical security parameter and let ρ≜max{log|F|,λ}, the previous state-of-the-art protocol Robin (Yang et al. CCS’23) required (nin+3n×)logF+O(ρB) bits of communication with O(1) rounds, and Mac′n′Cheese (Baum et al. CRYPTO’21) required (nin+n×)logF+2n×ρ+O(ρlogB) bits of communication with O(logB) rounds, both in the VOLE-hybrid model. Our novel protocol LogRobin++ achieves the same functionality at the cost of (nin+n×)logF+O(ρlogB) bits of communication with O(1) rounds in the VOLE-hybrid model. Crucially, LogRobin++ takes advantage of two new techniques – (1) an O(logB)-overhead approach to prove in ZK that an IT-MAC commitment vector contains a zero; and (2) the realization of VOLE-based ZK over a disjunctive statement, where P commits only to w and multiplication outputs of Cid(w) (as opposed to prior work where P commits to w and all three wires that are associated with each multiplication gate). We implemented LogRobin++ over Boolean (i.e., F2) and arithmetic (i.e., F261-1) fields. In our experiments, including the cost of generating VOLE correlations, LogRobin++ achieved up to 170× optimization over Robin in communication, resulting in up to 7× (resp. 3×) wall-clock time improvements in a WAN-like (resp. LAN-like) setting.
KW - Disjunctions
KW - VOLE-Based ZK
KW - Zero-Knowledge
UR - http://www.scopus.com/inward/record.url?scp=85213380465&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85213380465&partnerID=8YFLogxK
U2 - 10.1007/978-981-96-0935-2_12
DO - 10.1007/978-981-96-0935-2_12
M3 - Conference contribution
AN - SCOPUS:85213380465
SN - 9789819609345
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 367
EP - 401
BT - Advances in Cryptology – ASIACRYPT 2024 - 30th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
A2 - Chung, Kai-Min
A2 - Sasaki, Yu
PB - Springer
Y2 - 9 December 2024 through 13 December 2024
ER -