[Resource Topic] 2020/517: Practical Product Proofs for Lattice Commitments

Welcome to the resource topic for 2020/517

Practical Product Proofs for Lattice Commitments

Authors: Thomas Attema, Vadim Lyubashevsky, Gregor Seiler


We construct a practical lattice-based zero-knowledge argument for proving multiplicative relations between committed values. The underlying commitment scheme that we use is the currently most efficient one of Baum et al. (SCN 2018), and the size of our multiplicative proof ($9$KB) is only slightly larger than the $7$KB required for just proving knowledge of the committed values. We additionally expand on the work of Lyubashevsky and Seiler (Eurocrypt 2018) by showing that the above-mentioned result can also apply when working over rings $\mathbb{Z}_q[X]/(X^d+1)$ where $X^d+1$ splits into low-degree factors, which is a desirable property for many applications (e.g. range proofs, multiplications over $\mathbb{Z}_q$) that take advantage of packing multiple integers into the NTT coefficients of the committed polynomial.

ePrint: https://eprint.iacr.org/2020/517

Talk: https://www.youtube.com/watch?v=0byGTfdp7RU

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.