Welcome to the resource topic for 2019/148
Title:
On the efficiency of pairing-based proofs under the d-PKE
Authors: Ariel Gabizon
Abstract:We investigate the minimal number of group elements and prover running time in a zk-SNARK when using only a symmetric linear'' knowledge assumption, like the $d$-Power Knowledge of Exponent assumption, rather than a quadratic’’ one as implicitly happens in the most efficient known construction by Groth [Groth16]. The proofs of [Groth16] contain only 3 group elements. We present 4 element proofs for quadratic arithmetic programs/rank 1 constraint systems under the d-PKE with very similar prover running time to [Groth16]. Central to our construction is a simple lemma for ``batching’’ knowledge checks, which allows us to save one proof element.
ePrint: https://eprint.iacr.org/2019/148
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .