Cryptology ePrint Archive: Report 2019/458

Starkad and Poseidon: New Hash Functions for Zero Knowledge Proof Systems

Lorenzo Grassi and Daniel Kales and Dmitry Khovratovich and Arnab Roy and Christian Rechberger and Markus Schofnegger

Abstract: The area of practical proof systems, like SNARKs, STARKs, or Bulletproofs, is seeing a very dynamic development. Many use-cases of such systems involve, often as their most expensive part, proving the knowledge of a preimage under a certain cryptographic hash function.

In this paper we present a modular framework and concrete instances of cryptographic hash functions which either work natively with GF(p) objects or on binary strings. Compared to competitors, our hash function Poseidon uses up to 8x fewer constraints per message bit than Pedersen Hash, whereas our STARK-friendly hash Starkad wins by a factor of 4 over the hash function Friday by using a much smaller field.

Category / Keywords: cryptographic protocols / snark, stark, bulletproofs, hash, zkp

Date: received 6 May 2019, last revised 10 May 2019

Contact author: khovratovich at gmail com,arnab roy@bristol ac uk,christian rechberger@iaik tugraz at,lorenzo grassi@iaik tugraz at,daniel kales@iaik tugraz at,markus schofnegger@iaik tugraz at

Version: 20190510:195517

Short URL: ia.cr/2019/458