Zero-knowledge proofs for set membership: efficient, succinct, modular
【Author】 Benarroch, Daniel; Campanelli, Matteo; Fiore, Dario; Gurkan, Kobi; Kolonelos, Dimitris
【Source】DESIGNS CODES AND CRYPTOGRAPHY
【Impact Factor】1.397
【Abstract】We consider the problem of proving in zero knowledge that an element of a public set satisfies a given property without disclosing the element, i.e., for some u, "u is an element of S and P(u) holds". This problem arises in many applications (anonymous cryptocurrencies, credentials or whitelists) where, for privacy or anonymity reasons, it is crucial to hide certain data while ensuring properties of such data. We design new modular and efficient constructions for this problem through new commit-and-prove zero-knowledge systems for set membership, i.e. schemes proving u is an element of S for a value u that is in a public commitment c(u). We also extend our results to support non-membership proofs, i.e. proving u is not an element of S. Being commit-and-prove, our solutions can act as plug-and-play modules in statements of the form "u is an element of S and P(u) holds" by combining our set (non-)membership systems with any other commit-and-prove scheme for P(u). Also, they work with Pedersen commitments over prime order groups which makes them compatible with popular systems such as Bulletproofs or Groth16. We implemented our schemes as a software library, and tested experimentally their performance. Compared to previous work that achieves similar properties (the clever techniques combining zkSNARKs and Merkle Trees in Zcash), our solutions offer more flexibility, shorter public parameters and 3.7x-30x faster proving time for a set of size 2^64.
【Keywords】Public-key cryptography; Zero-knowledge proofs; Applications
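【Publication Date】2023 JUL 1
【Indexed Date】2023-08-13
【Document Type】Experimental simulation
【Subject Category】
Blockchain technology - Collaborative technology - Zero-knowledge proofs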