Efficient Set Membership Proofs using MPC-in-the-Head

Set membership proofs are an invaluable part of privacy preserving systems. These proofs allow a prover to demonstrate knowledge of a witness corresponding to a secret element of a public set, such that they jointly satisfy a given NP relation, ℛ( ) = 1 and is a member of a public set { , . . . , x...

Full description

Saved in:
Bibliographic Details
Published inProceedings on Privacy Enhancing Technologies Vol. 2022; no. 2; pp. 304 - 324
Main Authors Goel, Aarushi, Green, Matthew, Hall-Andersen, Mathias, Kaptchuk, Gabriel
Format Journal Article
LanguageEnglish
Published Sciendo 01.04.2022
Subjects
Disjunctions
Ring Signatures
RingCT
Set Membership
Zero-Knowledge
Online AccessGet full text

Cover

More Information
Summary:Set membership proofs are an invaluable part of privacy preserving systems. These proofs allow a prover to demonstrate knowledge of a witness corresponding to a secret element of a public set, such that they jointly satisfy a given NP relation, ℛ( ) = 1 and is a member of a public set { , . . . , x }. This allows the identity of the prover to remain hidden, eg. ring signatures and confidential transactions in cryptocurrencies. In this work, we develop a new technique for efficiently adding logarithmic-sized set membership proofs to any MPC-in-the-head based zero-knowledge protocol (Ishai et al. [STOC’07]). We integrate our technique into an open source implementation of the state-of-the-art, post quantum secure zero-knowledge protocol of Katz et al. [CCS’18].We find that using our techniques to construct ring signatures results in signatures (based only on symmetric key primitives) that are between 5 and 10 times smaller than state-of-the-art techniques based on the same assumptions. We also show that our techniques can be used to efficiently construct post-quantum secure RingCT from only symmetric key primitives.
ISSN:2299-0984
2299-0984
DOI:10.2478/popets-2022-0047