Commitments and efficient zero-knowledge proofs from learning parity with noise

87Citations
Citations of this article
43Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We construct a perfectly binding string commitment scheme whose security is based on the learning parity with noise (LPN) assumption, or equivalently, the hardness of decoding random linear codes. Our scheme not only allows for a simple and efficient zero-knowledge proof of knowledge for committed values (essentially a Σ-protocol), but also for such proofs showing any kind of relation amongst committed values, i.e., proving that messages m0, . . . , mu, are such that m0 = C(m1, . . . , mu) for any circuit C. To get soundness which is exponentially small in a security parameter t, and when the zero-knowledge property relies on the LPN problem with secrets of length ℓ, our 3 round protocol has communication complexity O(t|C|ℓlog(ℓ)) and computational complexity of O(t|C|ℓ) bit operations. The hidden constants are small, and the computation consists mostly of computing inner products of bit-vectors. © International Association for Cryptologic Research 2012.

Cite

CITATION STYLE

APA

Jain, A., Krenn, S., Pietrzak, K., & Tentes, A. (2012). Commitments and efficient zero-knowledge proofs from learning parity with noise. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7658 LNCS, pp. 663–680). https://doi.org/10.1007/978-3-642-34961-4_40

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free