IMDEA Software

IMDEA initiative

Home > Events > Invited Talks > 2021 > Acyclicity Programming for Sigma-Protocols

Miguel Ambrona

Tuesday, April 20, 2021

11:00am Zoom3 - https://zoom.us/j/3911012202 (pass: s3)

Miguel Ambrona, Post-doctoral Researcher, NTT Secure Platform Laboratories, Japan

Acyclicity Programming for Sigma-Protocols

Abstract:

Cramer, Damgård, and Schoenmakers (CDS) built a proof system to demonstrate the possession of subsets of witnesses for a given collection of statements that belong to a prescribed access structure P by composing so-called sigma-protocols for each atomic statement. Their verifier complexity is linear in the size of the monotone span program representation of P. We propose an alternative method for combining sigma-protocols into a single non-interactive system for a compound statement in the random oracle model. In contrast to CDS, our verifier complexity is linear in the size of the acyclicity program representation of P, a complete model of monotone computation introduced in this work. We show that the acyclicity program size of a predicate is never larger than its de Morgan formula size and it is polynomially incomparable to its monotone span program size. We additionally present an extension of our proof system, with verifier complexity linear in the monotone circuit size of P, in the common reference string model.