Unlocking the lookup singularity with Lasso
This paper introduces Lasso, a new family of lookup arguments, which allow an untrusted
prover to commit to a vector a∈ F m and prove that all entries of a reside in some …
prover to commit to a vector a∈ F m and prove that all entries of a reside in some …
[HTML][HTML] Proofs, arguments, and zero-knowledge
J Thaler - Foundations and Trends® in Privacy and Security, 2022 - nowpublishers.com
Interactive proofs (IPs) and arguments are cryptographic protocols that enable an untrusted
prover to provide a guarantee that it performed a requested computation correctly …
prover to provide a guarantee that it performed a requested computation correctly …
Jolt: Snarks for virtual machines via lookups
Abstract Succinct Non-interactive Arguments of Knowledge (SNARKs) allow an untrusted
prover to establish that it correctly ran some “witness-checking procedure” on a witness. A …
prover to establish that it correctly ran some “witness-checking procedure” on a witness. A …
Customizable constraint systems for succinct arguments
This paper introduces customizable constraint system (CCS), a generalization of R1CS that
can simultaneously capture R1CS, Plonkish, and AIR without overheads. Unlike existing …
can simultaneously capture R1CS, Plonkish, and AIR without overheads. Unlike existing …
Proofs for inner pairing products and applications
We present a generalized inner product argument and demonstrate its applications to
pairing-based languages. We apply our generalized argument to prove that an inner pairing …
pairing-based languages. We apply our generalized argument to prove that an inner pairing …
Time-and space-efficient arguments from groups of unknown order
We construct public-coin time-and space-efficient zero-knowledge arguments for NP NP. For
every time T and space S non-deterministic RAM computation, the prover runs in time T ⋅ …
every time T and space S non-deterministic RAM computation, the prover runs in time T ⋅ …
HyperNova: Recursive arguments for customizable constraint systems
A Kothapalli, S Setty - Cryptology ePrint Archive, 2023 - eprint.iacr.org
This paper introduces HyperNova, a recursive argument for proving incremental
computations whose steps are expressed with CCS (Setty et al. ePrint 2023/552), a …
computations whose steps are expressed with CCS (Setty et al. ePrint 2023/552), a …
SuperNova: Proving universal machine executions without universal circuits
A Kothapalli, S Setty - Cryptology ePrint Archive, 2022 - eprint.iacr.org
This paper introduces SuperNova, a new recursive proof system for incrementally producing
succinct proofs of correct execution of programs on a stateful machine with a particular …
succinct proofs of correct execution of programs on a stateful machine with a particular …
[PDF][PDF] Brakedown: Linear-time and post-quantum SNARKs for R1CS.
This paper introduces Brakedown, 1 the first built system that provides linear-time SNARKs
for NP, meaning the prover incurs O (N) finite field operations to prove the satisfiability of an …
for NP, meaning the prover incurs O (N) finite field operations to prove the satisfiability of an …
Gemini: Elastic SNARKs for diverse environments
We introduce a new class of succinct arguments, that we call elastic. Elastic SNARKs allow
the prover to allocate different resources (such as memory and time) depending on the …
the prover to allocate different resources (such as memory and time) depending on the …