Lightweight Transparent Zero-Knowledge Proofs for Cross-Domain Statements
摘要
Commit-prove zero-knowledge proofs (CP-ZKP) efficiently validate cross domain statements spanning both algebraic and non-algebraic components, enabling applications like privacy-preserving credentials and confidential cryptocurrency audits based on standard signatures such as RSA or (EC)DSA. While existing CP-ZKPs using SNARKs offer advantages such as low communication overhead and fast verification, they require provers to perform group operations, such as exponentiation, that scales linearly with the statement size. This computational requirement can be challenging for resource-constrained environments like IoT. To address this, we present \(\mathsf {CP_{ILC}}\) , a lightweight zero-knowledge proof tailored for cross-domain settings, achieving more efficient prover-side computations dominated with field multiplication, rather than group exponentiation, that scales linearly with the statement size. The verification is dominated with linear field additions, and the communication cost is sublinear. Specifically, we develop \(\mathsf {CP_{link}}\) , a sub-proof of commitment equivalence, showing that a matrix of Pedersen commitment opens to a matrix of values committed in the ideal linear commitment model. Using the Fiat-Shamir transformation, we can compile \(\mathsf {CP_{link}}\) and \(\mathsf {CP_{ILC}}\) into non-interactive. Benchmark results demonstrate that \(\mathsf {CP_{ILC}}\) reduces proving (verification) time by 59% (55%) for the cross-domain statement “ \(\exists (w,r):c=g^{w} h^{r} \wedge y=\text {SHA256}(w)\) ”, with even greater efficiency gains as the algebraic component in the statement increases.