Recent works on lattice-based extractable polynomial commitments can be grouped into two classes: (i) non-interactive constructions that stem from the functional commitment by Albrecht, Cini, Lai, Malavolta and Thyagarajan (CRYPTO 2022), and (ii) lattice adaptations of the Bulletproofs protocol (S&P 2018). The former class enjoys security in the standard model, albeit a knowledge assumption is desired. In contrast, Bulletproof-like protocols can be made secure under falsifiable assumptions, but due to technical limitations regarding subtractive sets, they only offer inverse-polynomial soundness error. This issue becomes particularly problematic when transforming these protocols to the non-interactive setting using the Fiat-Shamir paradigm. ...
Today's most compact zero-knowledge arguments are based on the hardness of the discrete logarithm...
Commitment schemes are among cryptography's most important building blocks. Besides their basic prop...
We introduce an efficient SNARK for towers of binary fields. Adapting Brakedown (CRYPTO '23), we ...
Vector commitment schemes allow a user to commit to a vector of values $\mathbf{x} \in \{0,1\}^\ell$...
Succinct arguments allow a prover to convince a verifier of the validity of any statement in a langu...
A functional commitment allows a user to commit to an input $\mathbf{x} \in \{0,1\}^\ell$ and later ...
This PhD thesis is about practical lattice-based zero-knowledge proof systems. We construct protocol...
Interactive Oracle Proofs of Proximity (IOPPs) are a powerful tool for constructing succinct non-inte...
We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations ...
We formalize a cryptographic primitive called functional commitment (FC) which...
A *functional commitment* scheme enables a user to concisely commit to a function from a specified f...
Non-malleable commitments are a central cryptographic primitive that guarantee security against man-...
Higher-level cryptographic privacy-enhancing protocols such as anonymous credentials, voting schemes...
We present Boomy, a multivariate polynomial commitment scheme enabling the proof of the evaluation o...
A functional commitment (FC) scheme allows one to commit to a vector $\vec{x}$ and later produce a s...