Improved Zero-Knowledge Proofs for Commitments from Learning Parity with Noise

Abstract

Zero-knowledge proof for any relation amongst committed values is crucial and widely applicable in the design of high level cryptographic schemes, especially in privacy-preserving protocols. Besides quantum resistance, efficiency is what we are most concerned about, including asymptotic efficiency and concrete efficiency. Jain et al. proposed a simple string commitment scheme based on the Learning Parity with Noise (LPN) problem (JKPT12), and then designed zero-knowledge proofs for valid opening, linear relation and multiplicative relation of committed values. As a result, they got an efficient zero-knowledge proof for any circuit C, with communication complexity $\mathcal{O}(t|C|\ell \log \ell )$, where t is a security parameter measuring soundness and ℓ is the secret length of the LPN problem. In this work, we improve the concrete communication complexity by combining some commitments in JKPT12 together. The proofs of linear relation and multiplicative relation are shortened by (6α + 4)ℓ and (42α+28)ℓ respectively, where ℓ is the size of LPN secret. As a result, the communication cost of the protocol proving arbitrary relation is reduced by a constant level.