**On Publicly Verifiable Delegation From Standard Assumptions**

*Yael Kalai and Omer Paneth and Lisa Yang *

**Abstract: **We construct a publicly verifiable non-interactive delegation scheme for log-space uniform bounded depth computations in the common reference string (CRS) model, where the CRS is long (as long as the time it takes to do the computation).

The soundness of our scheme relies on the assumption that there exists a group with a bilinear map, such that given group elements $g,h,h^t,h^{t^2},$ it is hard to output $g^a,g^b,g^c$ and $h^a,h^b,h^c$ such that $a \cdot t^2 + b \cdot t + c = 0$, but $a,b,c$ are not all zero.

Previously, such a result was only known under knowledge assumptions (or in the Random Oracle model), or under non-standard assumptions related to obfuscation or zero-testable homomorphic encryption.

We obtain our result by converting the interactive delegation scheme of Goldwasser, Kalai and Rothblum (J. ACM 2015) into a publicly verifiable non-interactive one. As a stepping stone, we give a publicly verifiable non-interactive version of the sum-check protocol of Lund, Fortnow, Karloff, Nisan (J. ACM 1992).

**Category / Keywords: **

**Date: **received 24 Aug 2018

**Contact author: **omerpa at gmail com

**Available format(s): **PDF | BibTeX Citation

**Version: **20180827:141453 (All versions of this report)

**Short URL: **ia.cr/2018/776

[ Cryptology ePrint archive ]