This talk is scoped for both cryptographers and non-cryptographers. I will start by introducing two of the most active research areas in modern cryptography: secure (multi-party) computation (MPC) and (privacy-preserving) verifiable computation (VC). In MPC protocols, a set of mutually distrusting participants want to jointly compute some function of their choice on their secret data, while keeping their inputs private. In VC, external parties which did not take part in some computation f(x)=y want to make sure that y was indeed computed by applying f to the (potentially hidden) input x.

The second part of the talk will describe in more detail Succint Non-Interactive ARguments of Knowledge (SNARKs). SNARKs are an important building block for VC, credential systems, cryptocurrencies and privacy-preserving variants thereof. However, most of current SNARK constructions assume that the statements to be proven can be efficiently represented as either Boolean or arithmetic circuits over finite fields. Furthermore, the field choice is almost always limited by the application of secure bilinear maps in the verification procedure.

After explaining the details of field-restricted SNARKs I will present Rinocchio, a designated-verifier SNARKs for statements which are represented as circuits over more general commutative rings, namely those containing big enough exceptional sets. Exceptional sets consist of elements satisfying the property that their pairwise differences are invertible. Along the way, we introduce Quadratic Ring Programs (QRPs) as a characterization of NP where the arithmetic is over a ring. We also study and generalize pre-existent (knowledge-type) assumptions employed in field-restricted SNARKs to the ring context. We propose two applications for Rinocchio: zk-SNARKs for the integers modulo 2^k (e.g. privately applying a Machine Learning model to the Verifier’s data) and VC over encrypted data, for which we can efficiently support more homomorphic encryption schemes and parameters than state-of-the art SNARKs.