Paper 2022/1470

Casting out Primes: Bignum Arithmetic for Zero-Knowledge Proofs

Daniel Lubarov, Polygon Zero
Jordi Baylina Melé, Polygon Hermez
Abstract

We describe a nondeterministic method for bignum arithmetic. It is inspired by the "casting out nines" technique, where some identity is checked modulo 9, providing a probabilistic result. More generally, we might check that some identity holds under a set of moduli, i.e. $f(\vec{x}) = 0 \mod m_i$ for each $m_i \in M$. Then $\DeclareMathOperator{\lcm}{lcm} f(\vec{x}) = 0 \mod \lcm(M)$, and if we know $|f(\vec{x})| < \lcm(M)$, it follows that $f(\vec{x}) = 0$. We show how to perform such small-modulus checks efficiently, for certain $f(\vec{x})$ such as bignum multiplication. We focus on the cost model of zero-knowledge proof systems, which support field arithmetic and range checks as native operations.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
zero-knowledge SNARK bignum
Contact author(s)
daniel @ lubarov com
jordi @ baylina cat
History
2022-10-27: approved
2022-10-27: received
See all versions
Short URL
https://ia.cr/2022/1470
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1470,
      author = {Daniel Lubarov and Jordi Baylina Melé},
      title = {Casting out Primes: Bignum Arithmetic for Zero-Knowledge Proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1470},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1470}},
      url = {https://eprint.iacr.org/2022/1470}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.