STUDY SPACE
On the Size of Pairing-Based Non-interactive Arguments

On the Size of Pairing-Based Non-interactive Arguments

2016 | Jens Groth
This paper presents a pairing-based non-interactive zero-knowledge argument (NIZK) for arithmetic circuit satisfiability, which is an NP-complete language. The argument consists of only 3 group elements and is easy to verify. The verification process involves checking a single pairing product equation using 3 pairings. The argument is zero-knowledge and does not reveal anything about the witness used by the prover. The paper also addresses an open question regarding linear interactive proofs (LIPs) and shows that linear interactive proofs cannot have a linear decision procedure. This result implies that pairing-based SNARKs cannot consist of a single group element. This provides the first lower bound for pairing-based SNARKs. The paper also discusses the efficiency of pairing-based SNARKs and their applications in verifiable computation. The paper introduces a new approach to constructing pairing-based SNARKs by using linear interactive proofs (LIPs) and converting them into SNARKs using pairing-based cryptography. The LIP is designed to be efficient, with the prover only sending 3 field elements. The paper also discusses the efficiency of different types of pairings, including symmetric and asymmetric pairings, and shows that asymmetric pairings are more efficient. The paper also discusses the theoretical foundations of SNARKs, including their relation to linear interactive proofs and the security assumptions required for their construction. The paper provides a detailed construction of a pairing-based SNARK for quadratic arithmetic programs, which are a generalization of arithmetic circuits. The construction involves a common reference string (CRS) and a proof that consists of 3 group elements. The verification process involves checking a single pairing product equation using 3 pairings. The paper also discusses the efficiency of the proposed SNARK, comparing it to existing constructions in terms of the size of the common reference string, the size of the proof, the prover's computation, the verifier's computation, and the number of pairing product equations used to verify a proof. The proposed SNARK is more efficient than existing constructions in all efficiency parameters. The paper also discusses the lower bounds for pairing-based SNARKs and shows that pairing-based SNARKs with a single group element proof cannot exist. This result is related to an open question regarding linear interactive proofs and provides a new lower bound for pairing-based SNARKs. The paper also discusses the implications of this result for the design of SNARKs and the efficiency of verifiable computation.This paper presents a pairing-based non-interactive zero-knowledge argument (NIZK) for arithmetic circuit satisfiability, which is an NP-complete language. The argument consists of only 3 group elements and is easy to verify. The verification process involves checking a single pairing product equation using 3 pairings. The argument is zero-knowledge and does not reveal anything about the witness used by the prover. The paper also addresses an open question regarding linear interactive proofs (LIPs) and shows that linear interactive proofs cannot have a linear decision procedure. This result implies that pairing-based SNARKs cannot consist of a single group element. This provides the first lower bound for pairing-based SNARKs. The paper also discusses the efficiency of pairing-based SNARKs and their applications in verifiable computation. The paper introduces a new approach to constructing pairing-based SNARKs by using linear interactive proofs (LIPs) and converting them into SNARKs using pairing-based cryptography. The LIP is designed to be efficient, with the prover only sending 3 field elements. The paper also discusses the efficiency of different types of pairings, including symmetric and asymmetric pairings, and shows that asymmetric pairings are more efficient. The paper also discusses the theoretical foundations of SNARKs, including their relation to linear interactive proofs and the security assumptions required for their construction. The paper provides a detailed construction of a pairing-based SNARK for quadratic arithmetic programs, which are a generalization of arithmetic circuits. The construction involves a common reference string (CRS) and a proof that consists of 3 group elements. The verification process involves checking a single pairing product equation using 3 pairings. The paper also discusses the efficiency of the proposed SNARK, comparing it to existing constructions in terms of the size of the common reference string, the size of the proof, the prover's computation, the verifier's computation, and the number of pairing product equations used to verify a proof. The proposed SNARK is more efficient than existing constructions in all efficiency parameters. The paper also discusses the lower bounds for pairing-based SNARKs and shows that pairing-based SNARKs with a single group element proof cannot exist. This result is related to an open question regarding linear interactive proofs and provides a new lower bound for pairing-based SNARKs. The paper also discusses the implications of this result for the design of SNARKs and the efficiency of verifiable computation.
Terms of Service
Privacy Policy
Reach us at info@study.space