International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Doubly Efficient Cryptography: Commitments, Arguments and RAM MPC

Authors:
Wei-Kai Lin , University of Virginia
Ethan Mook , Northeastern University
Daniel Wichs , Northeastern University, NTT Research
Download:
DOI: 10.1007/978-3-031-68397-8_8 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2024
Abstract: Can a sender commit to a long input without even reading all of it? Can a prover convince a verifier that an NP statement holds without even reading the entire witness? Can a set of parties run a multiparty computation (MPC) protocol in the RAM model, without necessarily even reading their entire inputs? We show how to construct such ``doubly efficient'' schemes in a setting where parties can preprocess their input offline, but subsequently they can engage in many different protocol executions over this input in sublinear online time. We do so in the plain model, without any common setup. Our constructions rely on doubly efficient private information retrieval (DEPIR) as a building block and can be instantiated based on Ring LWE. In more detail, we begin by constructing doubly efficient (interactive) commitments, where the sender preprocesses the input offline, and can later commit to this input to arbitrary receivers in sublinear online time. Moreover, the sender can open individual bits of the committed input in sublinear time. We then use these commitments to implement doubly succinct (interactive) arguments, where the prover preprocesses the statement/witness offline, and can subsequently run many proof protocols to convince arbitrary verifiers of the statement's validity in sublinear online time. Furthermore, we augment these to get a doubly efficient ``commit, prove and locally open'' protocol, where the prover can commit to a long preprocessed input, prove that it satisfies some global property, and locally open individual bits, all in sublinear time. Finally, we leverage these tools to construct a RAM-MPC with malicious security in the plain model. Each party individually preprocesses its input offline, and can then run arbitrary MPC executions over this input with arbitrary other parties. The online run-time of each MPC execution is only proportional to the RAM run-time of the underlying program, that can be sublinear in the input size.
BibTeX
@inproceedings{crypto-2024-34280,
  title={Doubly Efficient Cryptography: Commitments, Arguments and RAM MPC},
  publisher={Springer-Verlag},
  doi={10.1007/978-3-031-68397-8_8},
  author={Wei-Kai Lin and Ethan Mook and Daniel Wichs},
  year=2024
}