Paper 2018/046

Scalable, transparent, and post-quantum secure computational integrity

Eli Ben-Sasson, Iddo Bentov, Yinon Horesh, and Michael Riabzev

Abstract

Human dignity demands that personal information, like medical and forensic data, be hidden from the public. But veils of secrecy designed to preserve privacy may also be abused to cover up lies and deceit by parties entrusted with Data, unjustly harming citizens and eroding trust in central institutions. Zero knowledge (ZK) proof systems are an ingenious cryptographic solution to the tension between the ideals of personal privacy and institutional integrity, enforcing the latter in a way that does not compromise the former. Public trust demands transparency from ZK systems, meaning they be set up with no reliance on any trusted party, and have no trapdoors that could be exploited by powerful parties to bear false witness. For ZK systems to be used with Big Data, it is imperative that the public verification process scale sublinearly in data size. Transparent ZK proofs that can be verified exponentially faster than data size were first described in the 1990s but early constructions were impractical, and no ZK system realized thus far in code (including that used by crypto-currencies like Zcash) has achieved both transparency and exponential verification speedup, simultaneously, for general computations. Here we report the first realization of a transparent ZK system (ZK-STARK) in which verification scales exponentially faster than database size, and moreover, this exponential speedup in verification is observed concretely for meaningful and sequential computations, described next. Our system uses several recent advances on interactive oracle proofs (IOP), such as a “fast” (linear time) IOP system for error correcting codes. Our proof-of-concept system allows the Police to prove to the public that the DNA profile of a Presidential Candidate does not appear in the forensic DNA profile database maintained by the Police. The proof, which is generated by the Police, relies on no external trusted party, and reveals no further information about the contents of the database, nor about the candidate’s profile; in particular, no DNA information is disclosed to any party outside the Police. The proof is shorter than the size of the DNA database, and verified faster than the time needed to examine that database naively.

Note: Added measurements of comparison to Ligero system in Figure 3.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
zero knowledgecomputational integrityblockchainsinteractive proofsinteractive oracle proofs
Contact author(s)
eli @ cs technion ac il
History
2018-03-06: last of 4 revisions
2018-01-10: received
See all versions
Short URL
https://ia.cr/2018/046
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/046,
      author = {Eli Ben-Sasson and Iddo Bentov and Yinon Horesh and Michael Riabzev},
      title = {Scalable, transparent, and post-quantum secure computational integrity},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/046},
      year = {2018},
      url = {https://eprint.iacr.org/2018/046}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.