Efficient ZeroKnowledge Arguments from TwoTiered Homomorphic Commitments Jens
- Slides: 21
Efficient Zero-Knowledge Arguments from Two-Tiered Homomorphic Commitments Jens Groth University College London
Zero-knowledge argument Zero-knowledge: Nothing but truth revealed; witness remains secret Prover Soundness: Statement is true Verifier
Statements •
Results Circuit with N gates Rounds Cramer et al. 1994 3 Groth 2009 5 This paper 7 Range proof [0; 2 N) Rounds Cramer et al. 1994 3 Camenisch et al. 2008 3 This paper 7 Prover Verifier Comm.
Two-tiered commitments •
Pedersen commitment •
Commitments to vectors •
Bilinear groups •
Commitments to vectors of group elements •
Homomorphic property •
Commitments to commitments •
Two-tiered homomorphic commitments •
Range proof •
Range proof for [0; 2 N) •
Commitments to the bits •
Evaluating committed polynomials •
Proving bits are 0 or 1 •
Range proof conclusion •
Efficiency •
Circuit satisfiability •
Summary • Two-tiered homomorphic commitments give us efficient zero-knowledge arguments Circuit with N gates Rounds Cramer et al. 1994 3 Groth 2009 5 This paper 7 Range proof [0; 2 N) Rounds Cramer et al. 1994 3 Camenisch et al. 2008 3 This paper 7 Prover Verifier Comm.
Productive inefficiency and allocative inefficiency
Allocative efficiency
Productively efficient vs allocatively efficient
Allocative efficiency vs productive efficiency
Productively efficient vs allocatively efficient
Core commitments for children
Unauthorized committment
Sanctuary 7 commitments
Entry strategy and strategic alliances
Functional encryption
Ibm fully homomorphic
Homomorphic encryption
Craig gentry homomorphic encryption
Homomorphic encryption
Somewhat homomorphic encryption
Homomorphic encryption standard
Homomorphic filtering block diagram
Homomorphic encryption tutorial
Practical homomorphic encryption
Homomorphic encryption tutorial
Craig gentry homomorphic encryption
Gsw homomorphic encryption
