Abstract
Interactive Oracle Proofs (IOPs) allow a probabilistic verifier interacting with a prover to verify the validity of an NP statement while reading only few bits from the prover messages. IOPs generalize standard Probabilistically-Checkable Proofs (PCPs) to the interactive setting, and in the few years since their introduction have already exhibited major improvements in main parameters of interest (such as the proof length and prover and verifier running times), which in turn led to significant improvements in constructions of succinct arguments. Zero-Knowledge (ZK) IOPs additionally guarantee that the view of any query-bounded (possibly malicious) verifier can be efficiently simulated. ZK-IOPs are the main building block of succinct ZK arguments which use the underlying cryptographic object (e.g., a collision-resistant hash function) as a black box. In this work, we construct the first ZK-IOPs approaching the witness length for a natural NP problem. More specifically, we design constant-query and constant-round IOPs for 3SAT in which the total communication is (1+γ)m, where m is the number of variables and γ>0 is an arbitrarily small constant, and ZK holds against verifiers querying mβ bits from the prover’s messages, for a constant β>0. This gives a ZK variant of a recent result of Ron-Zewi and Rothblum (FOCS ‘20), who construct (non-ZK) IOPs approaching the witness length for a large class of NP languages. Previous constructions of ZK-IOPs incurred an (unspecified) large constant multiplicative overhead in the proof length, even when restricting to ZK against the honest verifier. We obtain our ZK-IOPs by improving the two main building blocks underlying most ZK-IOP constructions, namely ZK codes and ZK-IOPs for sumcheck. More specifically, we give the first ZK-IOPs for sumcheck that achieve both sublinear communication for sumchecking a general tensor code, and a ZK guarantee. We also show a strong ZK preservation property for tensors of ZK codes, which extends a recent result of Bootle, Chiesa, and Liu (EC ‘22). Given the central role of these objects in designing ZK-IOPs, these results might be of independent interest.
Original language | English |
---|---|
Title of host publication | Advances in Cryptology – CRYPTO 2024 - 44th Annual International Cryptology Conference, Proceedings |
Editors | Leonid Reyzin, Douglas Stebila |
Publisher | Springer Science and Business Media Deutschland GmbH |
Pages | 105-137 |
Number of pages | 33 |
ISBN (Print) | 9783031684029 |
DOIs | |
State | Published - 2024 |
Event | 44th Annual International Cryptology Conference, CRYPTO 2024 - Santa Barbara, United States Duration: 18 Aug 2024 → 22 Aug 2024 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 14929 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 44th Annual International Cryptology Conference, CRYPTO 2024 |
---|---|
Country/Territory | United States |
City | Santa Barbara |
Period | 18/08/24 → 22/08/24 |
Bibliographical note
Publisher Copyright:© International Association for Cryptologic Research 2024.
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science