Paper 2024/306
Concretely Efficient Lattice-based Polynomial Commitment from Standard Assumptions
Abstract
Polynomial commitment is a crucial cryptographic primitive in constructing zkSNARKs. To date, most practical constructions are either insecure against quantum adversaries or lack homomorphic properties, which are useful in recursive compositions of SNARKs. Recently, lattice-based constructions from functional commitments have drawn attention for possessing all the desirable properties, but they still lack concrete efficiency, and their extractability, which is essential for SNARKs, requires further analysis. In this paper, we propose a novel construction of an extractable polynomial commitment scheme based on standard lattice-based assumptions, which is transparent and publicly verifiable. Our polynomial commitment has square-root proof size and verification complexity, yet it provides concrete efficiency in proof size, proof generation, and verification. When compared with the recent code-based construction based on Brakedown (CRYPTO 23), our construction provides comparable performance in all aspects.
Metadata
- Category: Cryptographic protocols
- Publication info: Preprint.
- Keywords: Polynomial Commitment, Lattice, Zero-Knowledge
- Contact author(s): intak hwang @ snu ac kr, jinyeong seo @ snu ac kr, y song @ snu ac kr
- History: 2024-02-23: received; 2024-02-26: approved
- Short URL: https://ia.cr/2024/306
- License: CC BY
BibTeX
@misc{cryptoeprint:2024/306,
  author = {Intak Hwang and Jinyeong Seo and Yongsoo Song},
  title = {Concretely Efficient Lattice-based Polynomial Commitment from Standard Assumptions},
  howpublished = {Cryptology ePrint Archive, Paper 2024/306},
  year = {2024},
  note = {\url{https://eprint.iacr.org/2024/306}},
  url = {https://eprint.iacr.org/2024/306}
}