International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Faster Sounder Succinct Arguments and IOPs

Justin Holmgren , NTT Research
Ron Rothblum , Technion
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2022
Abstract: Succinct arguments allow a prover to convince a verifier that a given statement is true, using an extremely short proof. A major bottleneck that has been the focus of a large body of work is in reducing the overhead incurred by the prover in order to prove correctness of the computation. By overhead we refer to the cost of proving correctness, divided by the cost of the original computation. In this work, for a large class of Boolean circuits C, we construct succinct arguments for satisfiability of C with soundness error 2^{-k}, and with prover overhead polylog(k). This result relies on the existence of (sub-exponentially secure) linear-size computable collision-resistant hash functions. The class of Boolean circuits that we can handle includes circuits with a repeated sub-structure, which arise in natural applications such as batch computation/verification, hashing, and related block chain applications. The succinct argument is obtained by constructing interactive oracle proofs for the same class of languages, with polylog(k) prover overhead, and soundness error 2^{-k}. Prior to our work, the best IOPs for Boolean circuits either had prover overhead of polylog(|C|) based on efficient PCPs due to Ben~Sasson et al. (STOC, 2013) or poly(k) due to Rothblum and Ron-Zewi (STOC, 2022).
Video from CRYPTO 2022
  title={Faster Sounder Succinct Arguments and IOPs},
  author={Justin Holmgren and Ron Rothblum},