Paper 2025/517

Designated-Verifier SNARGs with One Group Element

Gal Arnon, Weizmann Institute of Science, Bar-Ilan University
Jesko Dujmovic, Helmholtz Center for Information Security, Saarland University
Yuval Ishai, Technion – Israel Institute of Technology, Amazon Web Services
Abstract

We revisit the question of minimizing the proof length of designated-verifier succinct non-interactive arguments (dv-SNARGs) in the generic group model. Barta et al. (Crypto 2020) constructed such dv-SNARGs with inverse-polynomial soundness in which the proof consists of only two group elements. For negligible soundness, all previous constructions required a super-constant number of group elements. We show that one group element suffices for negligible soundness. Concretely, we obtain dv-SNARGs (in fact, dv-SNARKs) with soundness where proofs consist of one element of a generic group and additional bits. In particular, the proof length in group elements is constant even with soundness error. In more concrete terms, compared to the best known SNARGs using bilinear groups, we get dv-SNARGs with roughly x shorter proofs (with soundness at a -bit security level). We are not aware of any practically feasible proof systems that achieve similar succinctness, even fully interactive or heuristic ones. Our technical approach is based on a novel combination of techniques for trapdoor hash functions and group-based homomorphic secret sharing with linear multi-prover interactive proofs.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
succinct argumentsSNARGsgeneric group model
Contact author(s)
galarnon42 @ gmail com
jesko dujmovic @ cispa de
yuvali @ cs technion ac il
History
2025-03-21: approved
2025-03-19: received
See all versions
Short URL
https://ia.cr/2025/517
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/517,
      author = {Gal Arnon and Jesko Dujmovic and Yuval Ishai},
      title = {Designated-Verifier {SNARGs} with One Group Element},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/517},
      year = {2025},
      url = {https://eprint.iacr.org/2025/517}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.