Paper 2018/046
Scalable, transparent, and post-quantum secure computational integrity
Eli Ben-Sasson, Iddo Bentov, Yinon Horesh, and Michael Riabzev
Abstract
Human dignity demands that personal information, like medical and forensic data, be hidden from the public. But veils of secrecy designed to preserve privacy may also be abused to cover up lies and deceit by parties entrusted with Data, unjustly harming citizens and eroding trust in central institutions. Zero knowledge (ZK) proof systems are an ingenious cryptographic solution to the tension between the ideals of personal privacy and institutional integrity, enforcing the latter in a way that does not compromise the former. Public trust demands transparency from ZK systems, meaning they be set up with no reliance on any trusted party, and have no trapdoors that could be exploited by powerful parties to bear false witness. For ZK systems to be used with Big Data, it is imperative that the public verification process scale sublinearly in data size. Transparent ZK proofs that can be verified exponentially faster than data size were first described in the 1990s but early constructions were impractical, and no ZK system realized thus far in code (including that used by crypto-currencies like Zcash) has achieved both transparency and exponential verification speedup, simultaneously, for general computations. Here we report the first realization of a transparent ZK system (ZK-STARK) in which verification scales exponentially faster than database size, and moreover, this exponential speedup in verification is observed concretely for meaningful and sequential computations, described next. Our system uses several recent advances on interactive oracle proofs (IOP), such as a “fast” (linear time) IOP system for error correcting codes. Our proof-of-concept system allows the Police to prove to the public that the DNA profile of a Presidential Candidate does not appear in the forensic DNA profile database maintained by the Police. The proof, which is generated by the Police, relies on no external trusted party, and reveals no further information about the contents of the database, nor about the candidate’s profile; in particular, no DNA information is disclosed to any party outside the Police. The proof is shorter than the size of the DNA database, and verified faster than the time needed to examine that database naively.
Note: Added measurements of comparison to Ligero system in Figure 3.
Metadata
- Available format(s)
- Publication info
- Preprint. MINOR revision.
- Keywords
- zero knowledgecomputational integrityblockchainsinteractive proofsinteractive oracle proofs
- Contact author(s)
- eli @ cs technion ac il
- History
- 2018-03-06: last of 4 revisions
- 2018-01-10: received
- See all versions
- Short URL
- https://ia.cr/2018/046
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/046, author = {Eli Ben-Sasson and Iddo Bentov and Yinon Horesh and Michael Riabzev}, title = {Scalable, transparent, and post-quantum secure computational integrity}, howpublished = {Cryptology {ePrint} Archive, Paper 2018/046}, year = {2018}, url = {https://eprint.iacr.org/2018/046} }