Concretely Efficient Lattice-based Polynomial Commitment from Standard Assumptions

Paper 2024/306

Intak Hwang, Seoul National University
Jinyeong Seo, Seoul National University
Yongsoo Song, Seoul National University
Abstract

Polynomial commitment is a crucial cryptographic primitive in constructing zkSNARKs. Most practical constructions to date are either vulnerable to quantum adversaries or lack homomorphic properties, which are essential for recursive proof composition and proof batching. Recently, lattice-based constructions have drawn attention for their potential to achieve all the desirable properties, though they often suffer from concrete inefficiency or rely on newly introduced assumptions requiring further cryptanalysis. In this paper, we propose a novel construction of a polynomial commitment scheme based on standard lattice-based assumptions. Our scheme achieves a square-root proof size and verification complexity, ensuring concrete efficiency in proof size, proof generation, and verification. Additionally, it features a transparent setup and public verifiability. When compared with Brakedown (CRYPTO 2023), a recent code-based construction, our scheme offers comparable performance across all metrics. Furthermore, its proof size is approximately 4.1 times smaller than SLAP (EUROCRYPT 2024), a recent lattice-based construction.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in CRYPTO 2024
Keywords
Polynomial Commitment, Lattice, Zero-Knowledge
Contact author(s)
intak hwang @ snu ac kr
jinyeong seo @ snu ac kr
y song @ snu ac kr
History
2024-06-01: revised
2024-02-23: received
Short URL
https://ia.cr/2024/306
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/306,
      author = {Intak Hwang and Jinyeong Seo and Yongsoo Song},
      title = {Concretely Efficient Lattice-based Polynomial Commitment from Standard Assumptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/306},
      year = {2024},
      url = {https://eprint.iacr.org/2024/306}
}