TY - GEN
T1 - SNARGs for Monotone Policy Batch NP
AU - Brakerski, Zvika
AU - Brodsky, Maya Farber
AU - Kalai, Yael Tauman
AU - Lombardi, Alex
AU - Paneth, Omer
N1 - Publisher Copyright:
© 2023, International Association for Cryptologic Research.
PY - 2023
Y1 - 2023
N2 - We construct a succinct non-interactive argument (SNARG ) for the class of monotone policy batch NP languages, under the Learning with Errors (LWE ) assumption. This class is a subclass of NP that is associated with a monotone function f: { 0, 1 }k→ { 0, 1 } and an NP language L, and contains instances (x1, …, xk) such that f(b1, …, bk) = 1 where bj= 1 if and only if xj∈ L. Our SNARG s are arguments of knowledge in the non-adaptive setting, and satisfy a new notion of somewhere extractability against adaptive adversaries. This is the first SNARG under standard hardness assumptions for a sub-class of NP that is not known to have a (computational) non-signaling PCP with parameters compatible with the standard framework for constructing SNARG s dating back to [Kalai-Raz-Rothblum, STOC ’13]. Indeed, our approach necessarily departs from this framework. Our construction combines existing quasi-arguments for NP (based on batch arguments for NP ) with a new type of cryptographic encoding of the instance and a new analysis going from local to global soundness. The main novel ingredient used in our encoding is a predicate-extractable hash (PEHash ) family, which is a primitive that generalizes the notion of a somewhere extractable hash. Whereas a somewhere extractable hash allows to extract a single input coordinate, our PEHash extracts a global property of the input. We view this primitive to be of independent interest, and believe that it will find other applications.
AB - We construct a succinct non-interactive argument (SNARG ) for the class of monotone policy batch NP languages, under the Learning with Errors (LWE ) assumption. This class is a subclass of NP that is associated with a monotone function f: { 0, 1 }k→ { 0, 1 } and an NP language L, and contains instances (x1, …, xk) such that f(b1, …, bk) = 1 where bj= 1 if and only if xj∈ L. Our SNARG s are arguments of knowledge in the non-adaptive setting, and satisfy a new notion of somewhere extractability against adaptive adversaries. This is the first SNARG under standard hardness assumptions for a sub-class of NP that is not known to have a (computational) non-signaling PCP with parameters compatible with the standard framework for constructing SNARG s dating back to [Kalai-Raz-Rothblum, STOC ’13]. Indeed, our approach necessarily departs from this framework. Our construction combines existing quasi-arguments for NP (based on batch arguments for NP ) with a new type of cryptographic encoding of the instance and a new analysis going from local to global soundness. The main novel ingredient used in our encoding is a predicate-extractable hash (PEHash ) family, which is a primitive that generalizes the notion of a somewhere extractable hash. Whereas a somewhere extractable hash allows to extract a single input coordinate, our PEHash extracts a global property of the input. We view this primitive to be of independent interest, and believe that it will find other applications.
UR - http://www.scopus.com/inward/record.url?scp=85172990081&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85172990081&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-38545-2_9
DO - 10.1007/978-3-031-38545-2_9
M3 - Conference contribution
AN - SCOPUS:85172990081
SN - 9783031385445
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 252
EP - 283
BT - Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings, Part II
A2 - Handschuh, Helena
A2 - Lysyanskaya, Anna
PB - Springer Science and Business Media Deutschland GmbH
T2 - Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings
Y2 - 20 August 2023 through 24 August 2023
ER -