Our starting point is a transparent inner product commitment scheme with constant-sized proofs and linear verification. We build on this to construct a polynomial commitment scheme with constant size evaluation proofs and logarithmic (in the degree of the polynomial) verification time. Our constructions makes use of groups of unknown order instantiated by class groups. We prove security of our construction in the Generic Group Model (GGM). Using our polynomial commitment scheme to compile an information-theoretic proof system yields Dew - a transparent and constant-sized zkSNARK (Zero-knowledge Succinct Non-interactive ARguments of Knowledge) with logarithmic verification.
Finally, we show how to recover the result of DARK (Bünz et al., Eurocrypt 2020). DARK presented a succinct transparent polynomial commitment scheme with logarithmic proof size and verification. However, it was recently discovered to have a gap in its security proof (Block et al, CRYPTO 2021). We recover its extractability based on our polynomial commitment construction, thus obtaining a transparent polynomial commitment scheme with logarithmic proof size and verification under same assumptions as DARK.
Category / Keywords: cryptographic protocols / zero knowledge, SNARKs, class groups Date: received 1 Apr 2022, last revised 15 May 2022 Contact author: arasu at nyu edu, chaya at iisc ac in, satya at microsoft com, tusharmopuri at iisc ac in, srirams at berkeley edu Available format(s): PDF | BibTeX Citation Version: 20220515:104129 (All versions of this report) Short URL: ia.cr/2022/419