Paper 2023/1045
The XHash Family for ZK-Friendly Hash Functions
Abstract
Zero-knowledge proofs are widely used in real-world applications, such as authentication, access control, blockchains, and cryptocurrencies. The underlying hash function is a core element in these zero-knowledge proof systems, and it plays a vital role in its efficiency. While traditional hash functions, such as SHA3 or BLAKE, are efficient on CPU architectures, they perform poorly within proof systems. This is primarily because these systems require functions that operate efficiently over finite fields, without mixing operations from different algebras. To address this challenge, a new paradigm called Arithmetization-Orientation has emerged. These designs are tailored for efficiency within proof systems while providing reliable security guarantees. Several such hash functions have been proposed, many have been successfully targeted by algebraic attacks or fail to provide optimal performances. In this work, we provide a new framework to design such hash functions that prevent these attacks and allow a highly efficient implementation in various proof systems. To this end, we combine the Marvellous design strategy with a new type of S-boxes and propose a new security argument against algebraic attacks that relies on a single well-defined and reasonable conjecture of a novel type. Using these techniques in the framework, we construct four new hash functions, XHash12-Goldilocks, XHash8-Goldilocks, XHash24-M31, and XHash16-M31. These high-performance hash functions are designed for ZK-STARKs and Circle-STARKs.
Note: Two new hash functions are added. Add a new coauthor to the paper.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- Zero-knowledgeArithmetization-OrientedHash functionsXHashGoldilocks primeMersenne primeCircle STARKsAlgebraic Attacks
- Contact author(s)
-
tomer @ 3milabs tech
amitsingh bhati @ 3milabs tech
al-kindi-0 @ protonmail com
mairon mahzoun @ 3milabs tech
perrin leo @ gmail com
sundas tariq @ 3milabs tech - History
- 2026-05-11: last of 6 revisions
- 2023-07-04: received
- See all versions
- Short URL
- https://ia.cr/2023/1045
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1045,
author = {Tomer Ashur and Amit Singh Bhati and Al Kindi and Mohammad Mahzoun and Léo Perrin and Sundas Tariq},
title = {The {XHash} Family for {ZK}-Friendly Hash Functions},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1045},
year = {2023},
url = {https://eprint.iacr.org/2023/1045}
}