An Efficient ZK Compiler from SIMD Circuits to General Circuits

Dung Bui; Haotian Chu; Geoffroy Couteau; Xiao Wang; Chenkai Weng; Kang Yang; Yu Yu

doi:10.1007/s00145-024-09531-4

An Efficient ZK Compiler from SIMD Circuits to General Circuits

Dung Bui, Haotian Chu, Geoffroy Couteau, Xiao Wang, Chenkai Weng, Kang Yang^*, Yu Yu^*

^*Corresponding author for this work

Computer Science

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

We propose a generic compiler that can convert any zero-knowledge (ZK) proof for SIMD circuits to general circuits efficiently, and an extension that can preserve the space complexity of the proof systems. Our compiler can immediately produce new results improving upon state of the art. By plugging in our compiler to Antman, an interactive sublinear-communication protocol, we improve the overall communication complexity for general circuits from O(C3/4) to O(C1/2). Our implementation shows that for a circuit of size 227, it achieves up to 83.6× improvement on communication compared to the state-of-the-art implementation. Its end-to-end running time is at least 70% faster in a 10Mbps network. Using the recent results on compressed Σ-protocol theory, we obtain a discrete-log-based constant-round zero-knowledge argument with O(C1/2) communication and common random string length, improving over the state of the art that has linear-size common random string and requires heavier computation. We improve the communication of a designated n-verifier zero-knowledge proof from O(nC/B+n2B2) to O(nC/B+n2). To demonstrate the scalability of our compilers, we were able to extract a commit-and-prove SIMD ZK from Ligero and cast it in our framework. We also give one instantiation derived from LegoSNARK, demonstrating that the idea of CP-SNARK also fits in our methodology.

Original language	English (US)
Article number	10
Journal	Journal of Cryptology
Volume	38
Issue number	1
DOIs	https://doi.org/10.1007/s00145-024-09531-4
State	Published - Jan 2025

Funding

Work of Kang Yang is supported by the National Key Research and Development Pro gramofChina (GrantNo. 2022YFB2702000), and by theNationalNatural Science Foundation of China (Grant Nos. 62102037, 61932019). Work of Yu Yu is supported by the National Natural Science Foundation of China (Grant Nos. 92270201 and 62125204). Yu Yu’s work has also been supported by the New Corner-stone Science Foundation through the XPLORER PRIZE. Work of Geoffroy Couteau is supported by the French Agence Nationale de la Recherche (ANR), under grant ANR-20-CE39-0001 (project SCENE) and the France 2030 ANR Project ANR- 22-PECY-003 SecureCompute. Work of Dung Bui is supported by Dim Math Innov funding from the Paris Mathematical Sciences Foundation (FSMP) funded by the Paris Ile-de-France Region. Work of Xiao Wang is supported by DARPA under Contract No. HR001120C0087, NSF award # 2016240, # 2236819, # 2318975, # 2310927 and research awards from Meta and Google. The views, opinions, and/or findings expressed are those of the author(s) and should not be interpreted as representing the official views or policies of the Department of Defense or the US Government.

Keywords

General Compiler
SIMD ZK
VOLE-based ZK
Zero-Knowledge Proof
Σ-protocol

ASJC Scopus subject areas

Software
Computer Science Applications
Applied Mathematics

Access to Document

10.1007/s00145-024-09531-4

Cite this

@article{fc762784c83242b3ab6edb8058f94eaa,

title = "An Efficient ZK Compiler from SIMD Circuits to General Circuits",

abstract = "We propose a generic compiler that can convert any zero-knowledge (ZK) proof for SIMD circuits to general circuits efficiently, and an extension that can preserve the space complexity of the proof systems. Our compiler can immediately produce new results improving upon state of the art. By plugging in our compiler to Antman, an interactive sublinear-communication protocol, we improve the overall communication complexity for general circuits from O(C3/4) to O(C1/2). Our implementation shows that for a circuit of size 227, it achieves up to 83.6× improvement on communication compared to the state-of-the-art implementation. Its end-to-end running time is at least 70\% faster in a 10Mbps network. Using the recent results on compressed Σ-protocol theory, we obtain a discrete-log-based constant-round zero-knowledge argument with O(C1/2) communication and common random string length, improving over the state of the art that has linear-size common random string and requires heavier computation. We improve the communication of a designated n-verifier zero-knowledge proof from O(nC/B+n2B2) to O(nC/B+n2). To demonstrate the scalability of our compilers, we were able to extract a commit-and-prove SIMD ZK from Ligero and cast it in our framework. We also give one instantiation derived from LegoSNARK, demonstrating that the idea of CP-SNARK also fits in our methodology.",

keywords = "General Compiler, SIMD ZK, VOLE-based ZK, Zero-Knowledge Proof, Σ-protocol",

author = "Dung Bui and Haotian Chu and Geoffroy Couteau and Xiao Wang and Chenkai Weng and Kang Yang and Yu Yu",

note = "Publisher Copyright: {\textcopyright} The Author(s) 2024.",

year = "2025",

month = jan,

doi = "10.1007/s00145-024-09531-4",

language = "English (US)",

volume = "38",

journal = "Journal of Cryptology",

issn = "0933-2790",

publisher = "Springer New York",

number = "1",

}

TY - JOUR

T1 - An Efficient ZK Compiler from SIMD Circuits to General Circuits

AU - Bui, Dung

AU - Chu, Haotian

AU - Couteau, Geoffroy

AU - Wang, Xiao

AU - Weng, Chenkai

AU - Yang, Kang

AU - Yu, Yu

N1 - Publisher Copyright: © The Author(s) 2024.

PY - 2025/1

Y1 - 2025/1

N2 - We propose a generic compiler that can convert any zero-knowledge (ZK) proof for SIMD circuits to general circuits efficiently, and an extension that can preserve the space complexity of the proof systems. Our compiler can immediately produce new results improving upon state of the art. By plugging in our compiler to Antman, an interactive sublinear-communication protocol, we improve the overall communication complexity for general circuits from O(C3/4) to O(C1/2). Our implementation shows that for a circuit of size 227, it achieves up to 83.6× improvement on communication compared to the state-of-the-art implementation. Its end-to-end running time is at least 70% faster in a 10Mbps network. Using the recent results on compressed Σ-protocol theory, we obtain a discrete-log-based constant-round zero-knowledge argument with O(C1/2) communication and common random string length, improving over the state of the art that has linear-size common random string and requires heavier computation. We improve the communication of a designated n-verifier zero-knowledge proof from O(nC/B+n2B2) to O(nC/B+n2). To demonstrate the scalability of our compilers, we were able to extract a commit-and-prove SIMD ZK from Ligero and cast it in our framework. We also give one instantiation derived from LegoSNARK, demonstrating that the idea of CP-SNARK also fits in our methodology.

AB - We propose a generic compiler that can convert any zero-knowledge (ZK) proof for SIMD circuits to general circuits efficiently, and an extension that can preserve the space complexity of the proof systems. Our compiler can immediately produce new results improving upon state of the art. By plugging in our compiler to Antman, an interactive sublinear-communication protocol, we improve the overall communication complexity for general circuits from O(C3/4) to O(C1/2). Our implementation shows that for a circuit of size 227, it achieves up to 83.6× improvement on communication compared to the state-of-the-art implementation. Its end-to-end running time is at least 70% faster in a 10Mbps network. Using the recent results on compressed Σ-protocol theory, we obtain a discrete-log-based constant-round zero-knowledge argument with O(C1/2) communication and common random string length, improving over the state of the art that has linear-size common random string and requires heavier computation. We improve the communication of a designated n-verifier zero-knowledge proof from O(nC/B+n2B2) to O(nC/B+n2). To demonstrate the scalability of our compilers, we were able to extract a commit-and-prove SIMD ZK from Ligero and cast it in our framework. We also give one instantiation derived from LegoSNARK, demonstrating that the idea of CP-SNARK also fits in our methodology.

KW - General Compiler

KW - SIMD ZK

KW - VOLE-based ZK

KW - Zero-Knowledge Proof

KW - Σ-protocol

UR - https://www.scopus.com/pages/publications/85211342914

UR - https://www.scopus.com/inward/citedby.url?scp=85211342914&partnerID=8YFLogxK

U2 - 10.1007/s00145-024-09531-4

DO - 10.1007/s00145-024-09531-4

M3 - Article

AN - SCOPUS:85211342914

SN - 0933-2790

VL - 38

JO - Journal of Cryptology

JF - Journal of Cryptology

IS - 1

M1 - 10

ER -

An Efficient ZK Compiler from SIMD Circuits to General Circuits

Abstract

Funding

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this