SoK: Zero-Knowledge Range Proofs

Authors: Miranda Christ, Foteini Baldimtsi, Konstantinos Kryptos Chalkias, Deepak Maram, Arnab Roy, Joy Wang




File

LIPIcs.AFT.2024.14.pdf
  • Filesize: 0.86 MB
  • 25 pages

Author Details

Miranda Christ
  • Columbia University, New York, NY, USA
Foteini Baldimtsi
  • Mysten Labs, Palo Alto, CA, USA
  • George Mason University, Fairfax, VA, USA
Konstantinos Kryptos Chalkias
  • Mysten Labs, Palo Alto, CA, USA
Deepak Maram
  • Mysten Labs, Palo Alto, CA, USA
Arnab Roy
  • Mysten Labs, Palo Alto, CA, USA
Joy Wang
  • Mysten Labs, Palo Alto, CA, USA

Cite As

Miranda Christ, Foteini Baldimtsi, Konstantinos Kryptos Chalkias, Deepak Maram, Arnab Roy, and Joy Wang. SoK: Zero-Knowledge Range Proofs. In 6th Conference on Advances in Financial Technologies (AFT 2024). Leibniz International Proceedings in Informatics (LIPIcs), Volume 316, pp. 14:1-14:25, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2024)
https://doi.org/10.4230/LIPIcs.AFT.2024.14

Abstract

Zero-knowledge range proofs (ZKRPs) allow a prover to convince a verifier that a secret value lies in a given interval. ZKRPs have numerous applications: from anonymous credentials and auctions, to confidential transactions in cryptocurrencies. At the same time, a plethora of ZKRP constructions exist in the literature, each with its own trade-offs. In this work, we systematize the knowledge around ZKRPs. We create a classification of existing constructions based on the underlying building techniques, and we summarize their properties. We provide comparisons between schemes both in terms of properties as well as efficiency levels, and construct a guideline to assist in the selection of an appropriate ZKRP for different application requirements. Finally, we discuss a number of interesting open research problems.

Subject Classification

ACM Subject Classification
  • Security and privacy → Cryptography
Keywords
  • Range proofs
  • zero knowledge
