Efficient NIZKs for Algebraic Sets

Geoffroy Couteau; Helger Lipmaa; Roberto Parisella; Arne Tobias Ødegaard

Paper 2021/1251

Efficient NIZKs for Algebraic Sets

Geoffroy Couteau, Centre National de la Recherche Scientifique, IRIF, Paris, France

Helger Lipmaa

, Simula UiB, Bergen, Norway

Roberto Parisella, Simula UiB, Bergen, Norway

Arne Tobias Ødegaard, Simula UiB, Bergen, Norway

Abstract

Significantly extending the framework of (Couteau and Hartmann, Crypto 2020), we propose a general methodology to construct NIZKs for showing that an encrypted vector belongs to an algebraic set, i.e., is in the zero locus of an ideal of a polynomial ring. In the case where is principal, i.e., generated by a single polynomial , we first construct a matrix that is a ``quasideterminantal representation'' of and then a NIZK argument to show that . This leads to compact NIZKs for general computational structures, such as polynomial-size algebraic branching programs. We extend the framework to the case where is non-principal, obtaining efficient NIZKs for R1CS, arithmetic constraint satisfaction systems, and thus for . As an independent result, we explicitly describe the corresponding language of ciphertexts as an algebraic language, with smaller parameters than in previous constructions that were based on the disjunction of algebraic languages. This results in an efficient GL-SPHF for algebraic branching programs.

Note: Published in Asiacrypt 2021. This version includes additional references, all proofs, and several appendices03 October 2021: Replaced some [?] with missing references 08.01.2022: Minor revision. The conference version had several small typos but also a more global inconsistency about the notation of tensor products. We corrected it in this update. 09.02.2022: Another minor revision. (Some more typos.)

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: A major revision of an IACR publication in ASIACRYPT 2021
Keywords: Algebraic branching programs algebraic languages algebraic sets NIZK pairing-based cryptography SPHF zero knowledge
Contact author(s): couteau @ irif fr
helger lipmaa @ gmail com
robertoparisella @ hotmail it
arne tobias @ gmail com
History: 2023-02-11: last of 4 revisions; 2021-09-20: received; See all versions
Short URL: https://ia.cr/2021/1251
License: CC BY

BibTeX

@misc{cryptoeprint:2021/1251,
      author = {Geoffroy Couteau and Helger Lipmaa and Roberto Parisella and Arne Tobias Ødegaard},
      title = {Efficient {NIZKs} for Algebraic Sets},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1251},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1251}
}