The Tip5 Hash Function for Recursive STARKs

Alan Szepieniec; Alexander Lemmens; Jan Ferdinand Sauer; Bobbin Threadbare; Al-Kindi

Paper 2023/107

The Tip5 Hash Function for Recursive STARKs

Alan Szepieniec, Neptune

Alexander Lemmens, DIMA, Vrije Universiteit Brussel

Jan Ferdinand Sauer, Neptune

Bobbin Threadbare, Polygon

Al-Kindi, Polygon

Abstract

This paper specifies a new arithmetization-oriented hash function called Tip5. It uses the SHARK design strategy with low-degree power maps in combination with lookup tables, and is tailored to the field with $p=2^{64}-2^{32}+1$ elements. The context motivating this design is the recursive verification of STARKs. This context imposes particular design constraints, and therefore the hash function's arithmetization is discussed at length.

Note: - add credit

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Preprint.
Keywords: hash stark arithmetization-oriented zero-knowledge recursion
Contact author(s): alan @ neptune cash
Alexander Lemmens @ vub be
ferdinand @ neptune cash
bobbinth @ protonmail com
al-kindi-0 @ protonmail com
History: 2023-07-20: last of 3 revisions; 2023-01-27: received; See all versions
Short URL: https://ia.cr/2023/107
License: CC BY

BibTeX

@misc{cryptoeprint:2023/107,
      author = {Alan Szepieniec and Alexander Lemmens and Jan Ferdinand Sauer and Bobbin Threadbare and Al-Kindi},
      title = {The Tip5 Hash Function for Recursive {STARKs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/107},
      year = {2023},
      url = {https://eprint.iacr.org/2023/107}
}