{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:48:46Z","timestamp":1780634926098,"version":"3.54.1"},"publisher-location":"Cham","reference-count":83,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030176525","type":"print"},{"value":"9783030176532","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-17653-2_4","type":"book-chapter","created":{"date-parts":[[2019,5,14]],"date-time":"2019-05-14T04:42:13Z","timestamp":1557808933000},"page":"103-128","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":264,"title":["Aurora: Transparent Succinct Arguments for R1CS"],"prefix":"10.1007","author":[{"given":"Eli","family":"Ben-Sasson","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alessandro","family":"Chiesa","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael","family":"Riabzev","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nicholas","family":"Spooner","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Madars","family":"Virza","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nicholas P.","family":"Ward","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2019,4,18]]},"reference":[{"key":"4_CR1","unstructured":"ZCash Company (2014). https:\/\/z.cash\/"},{"key":"4_CR2","unstructured":"The Zcash Ceremony (2016). https:\/\/z.cash\/blog\/the-design-of-the-ceremony.html"},{"key":"4_CR3","unstructured":"Zero knowledge proof standardization (2017). https:\/\/zkproof.org\/"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: lightweight sublinear arguments without a trusted setup. In: Proceedings of the 24th ACM Conference on Computer and Communications Security, CCS 2017, pp. 2087\u20132104 (2017)","DOI":"10.1145\/3133956.3134104"},{"issue":"3","key":"4_CR5","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1145\/278298.278306","volume":"45","author":"S Arora","year":"1998","unstructured":"Arora, S., Lund, C., Motwani, R., Sudan, M., Szegedy, M.: Proof verification and the hardness of approximation problems. J. ACM 45(3), 501\u2013555 (1998). Preliminary version in FOCS 1992","journal-title":"J. ACM"},{"issue":"1","key":"4_CR6","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1145\/273865.273901","volume":"45","author":"S Arora","year":"1998","unstructured":"Arora, S., Safra, S.: Probabilistic checking of proofs: a new characterization of NP. J. ACM 45(1), 70\u2013122 (1998). Preliminary version in FOCS 1992","journal-title":"J. ACM"},{"key":"4_CR7","series-title":"Information Security and Cryptography","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44757-4","volume-title":"The Hash Function BLAKE","author":"J-P Aumasson","year":"2014","unstructured":"Aumasson, J.-P., Meier, W., Phan, R.C.-W., Henzen, L.: The Hash Function BLAKE. ISC. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44757-4"},{"key":"4_CR8","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1007\/978-3-642-38980-1_8","volume-title":"Applied Cryptography and Network Security","author":"Jean-Philippe Aumasson","year":"2013","unstructured":"Aumasson, J.P., Neves, S., Wilcox-O\u2019Hearn, Z., Winnerlein, C.: BLAKE2: simpler, smaller, fast as MD5 (2013). https:\/\/blake2.net\/blake2.pdf"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Babai, L., Fortnow, L., Levin, L.A., Szegedy, M.: Checking computations in polylogarithmic time. In: Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, STOC 1991, pp. 21\u201332 (1991)","DOI":"10.1145\/103418.103428"},{"key":"4_CR10","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF01200056","volume":"1","author":"L Babai","year":"1991","unstructured":"Babai, L., Fortnow, L., Lund, C.: Non-deterministic exponential time has two-prover interactive protocols. Comput. Complex. 1, 3\u201340 (1991). Preliminary version appeared in FOCS 1990","journal-title":"Comput. Complex."},{"key":"4_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"669","DOI":"10.1007\/978-3-319-96881-0_23","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"C Baum","year":"2018","unstructured":"Baum, C., Bootle, J., Cerulli, A., del Pino, R., Groth, J., Lyubashevsky, V.: Sub-linear lattice-based zero-knowledge arguments for arithmetic circuits. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10992, pp. 669\u2013699. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_23"},{"key":"4_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1007\/978-3-319-56617-7_19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"E Ben-Sasson","year":"2017","unstructured":"Ben-Sasson, E., et al.: Computational integrity with a public random string from quasi-linear PCPs. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 551\u2013579. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56617-7_19"},{"key":"4_CR13","unstructured":"Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive, Report 2018\/046 (2018)"},{"key":"4_CR14","unstructured":"Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Fast Reed-Solomon interactive Oracle proofs of proximity. In: Proceedings of the 45th International Colloquium on Automata, Languages and Programming, ICALP 2018, pp. 14:1\u201314:17 (2018)"},{"key":"4_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/978-3-319-70503-3_6","volume-title":"Theory of Cryptography","author":"E Ben-Sasson","year":"2017","unstructured":"Ben-Sasson, E., Chiesa, A., Forbes, M.A., Gabizon, A., Riabzev, M., Spooner, N.: Zero knowledge protocols from succinct constraint detection. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10678, pp. 172\u2013206. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70503-3_6"},{"key":"4_CR16","unstructured":"Ben-Sasson, E., Chiesa, A., Gabizon, A., Riabzev, M., Spooner, N.: Interactive Oracle Proofs with constant rate and query complexity. In: Proceedings of the 44th International Colloquium on Automata, Languages and Programming, ICALP 2017, pp. 40:1\u201340:15 (2017)"},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-662-49099-0_2","volume-title":"Theory of Cryptography","author":"E Ben-Sasson","year":"2016","unstructured":"Ben-Sasson, E., Chiesa, A., Gabizon, A., Virza, M.: Quasi-linear size zero knowledge from linear-algebraic PCPs. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016-A. LNCS, vol. 9563, pp. 33\u201364. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49099-0_2"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., et al.: Zerocash: decentralized anonymous payments from Bitcoin. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, SP 2014, pp. 459\u2013474 (2014)","DOI":"10.1109\/SP.2014.36"},{"key":"4_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1007\/978-3-642-40084-1_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"E Ben-Sasson","year":"2013","unstructured":"Ben-Sasson, E., Chiesa, A., Genkin, D., Tromer, E., Virza, M.: SNARKs for C: verifying program executions succinctly and in zero knowledge. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 90\u2013108. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40084-1_6"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Chiesa, A., Green, M., Tromer, E., Virza, M.: Secure sampling of public parameters for succinct zero knowledge proofs. In: Proceedings of the 36th IEEE Symposium on Security and Privacy, S&P 2015, pp. 287\u2013304 (2015)","DOI":"10.1109\/SP.2015.25"},{"key":"4_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-662-53644-5_2","volume-title":"Theory of Cryptography","author":"E Ben-Sasson","year":"2016","unstructured":"Ben-Sasson, E., Chiesa, A., Spooner, N.: Interactive Oracle proofs. In: Hirt, M., Smith, A. (eds.) TCC 2016-B. LNCS, vol. 9986, pp. 31\u201360. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53644-5_2"},{"key":"4_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"276","DOI":"10.1007\/978-3-662-44381-1_16","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"E Ben-Sasson","year":"2014","unstructured":"Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Scalable zero knowledge via cycles of elliptic curves. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 276\u2013294. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44381-1_16. Extended version at http:\/\/eprint.iacr.org\/2014\/595"},{"key":"4_CR23","unstructured":"Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Succinct non-interactive zero knowledge for a von Neumann architecture. In: Proceedings of the 23rd USENIX Security Symposium, Security 2014, pp. 781\u2013796 (2014). Extended version at http:\/\/eprint.iacr.org\/2013\/879"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Kaplan, Y., Kopparty, S., Meir, O., Stichtenoth, H.: Constant rate PCPs for Circuit-SAT with sublinear query complexity. In: Proceedings of the 54th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2013, pp. 320\u2013329 (2013)","DOI":"10.1109\/FOCS.2013.42"},{"key":"4_CR25","unstructured":"Ben-Sasson, E., Kopparty, S., Saraf, S.: Worst-case to average case reductions for the distance to a code. In: Proceedings of the 33rd ACM Conference on Computer and Communications Security, CCS 2018, pp. 24:1\u201324:23 (2018)"},{"issue":"4","key":"4_CR26","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1002\/rsa.20120","volume":"28","author":"E Ben-Sasson","year":"2006","unstructured":"Ben-Sasson, E., Sudan, M.: Robust locally testable codes and products of codes. Random Struct. Algorithms 28(4), 387\u2013402 (2006)","journal-title":"Random Struct. Algorithms"},{"issue":"2","key":"4_CR27","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1137\/050646445","volume":"38","author":"E Ben-Sasson","year":"2008","unstructured":"Ben-Sasson, E., Sudan, M.: Short PCPs with Polylog query complexity. SIAM J. Comput. 38(2), 551\u2013607 (2008). Preliminary version appeared in STOC 2005","journal-title":"SIAM J. Comput."},{"key":"4_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1007\/978-3-319-13051-4_6","volume-title":"Selected Areas in Cryptography \u2013 SAC 2014","author":"DJ Bernstein","year":"2014","unstructured":"Bernstein, D.J., Chou, T.: Faster binary-field multiplication and faster binary-field MACs. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 92\u2013111. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-13051-4_6"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-3-642-36594-2_18","volume-title":"Theory of Cryptography","author":"N Bitansky","year":"2013","unstructured":"Bitansky, N., Chiesa, A., Ishai, Y., Paneth, O., Ostrovsky, R.: Succinct non-interactive arguments via linear interactive proofs. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 315\u2013333. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-36594-2_18"},{"key":"4_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/978-3-319-56617-7_9","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"D Boneh","year":"2017","unstructured":"Boneh, D., Ishai, Y., Sahai, A., Wu, D.J.: Lattice-based SNARGs and their application to more efficient obfuscation. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 247\u2013277. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56617-7_9"},{"key":"4_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-662-49896-5_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"J Bootle","year":"2016","unstructured":"Bootle, J., Cerulli, A., Chaidos, P., Groth, J., Petit, C.: Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 327\u2013357. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_12"},{"key":"4_CR32","unstructured":"Bowe, S., Gabizon, A., Green, M.: A multi-party protocol for constructing the public parameters of the Pinocchio zk-SNARK. Cryptology ePrint Archive, Report 2017\/602 (2017)"},{"key":"4_CR33","unstructured":"Bowe, S., Gabizon, A., Miers, I.: Scalable multi-party computation for zk-SNARK parameters in the random beacon model. Cryptology ePrint Archive, Report 2017\/1050 (2017)"},{"issue":"2","key":"4_CR34","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1016\/0022-0000(88)90005-0","volume":"37","author":"G Brassard","year":"1988","unstructured":"Brassard, G., Chaum, D., Cr\u00e9peau, C.: Minimum disclosure proofs of knowledge. J. Comput. Syst. Sci. 37(2), 156\u2013189 (1988)","journal-title":"J. Comput. Syst. Sci."},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"B\u00fcnz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: Proceedings of the 39th IEEE Symposium on Security and Privacy, S&P 2018, pp. 315\u2013334 (2018)","DOI":"10.1109\/SP.2018.00020"},{"issue":"3","key":"4_CR36","doi-asserted-by":"publisher","first-page":"254","DOI":"10.1006\/ffta.1999.0243","volume":"5","author":"NP Byott","year":"1999","unstructured":"Byott, N.P., Chapman, R.J.: Power sums over finite subspaces of a field. Finite Fields Appl. 5(3), 254\u2013265 (1999)","journal-title":"Finite Fields Appl."},{"issue":"2","key":"4_CR37","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1016\/0097-3165(89)90020-4","volume":"50","author":"DG Cantor","year":"1989","unstructured":"Cantor, D.G.: On arithmetical algorithms over finite fields. J. Comb. Theor. Series A 50(2), 285\u2013300 (1989)","journal-title":"J. Comb. Theor. Series A"},{"key":"4_CR38","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1090\/S0025-5718-1965-0178586-1","volume":"19","author":"JW Cooley","year":"1965","unstructured":"Cooley, J.W., Tukey, J.W.: An algorithm for the machine calculation of complex Fourier series. Math. Comput. 19, 297\u2013301 (1965)","journal-title":"Math. Comput."},{"key":"4_CR39","doi-asserted-by":"crossref","unstructured":"Cormode, G., Mitzenmacher, M., Thaler, J.: Practical verified computation with streaming interactive proofs. In: Proceedings of the 4th Symposium on Innovations in Theoretical Computer Science, ITCS 2012, pp. 90\u2013112 (2012)","DOI":"10.1145\/2090236.2090245"},{"key":"4_CR40","doi-asserted-by":"crossref","unstructured":"Costello, C., et al.: Geppetto: versatile verifiable computation. In: Proceedings of the 36th IEEE Symposium on Security and Privacy, S&P 2015, pp. 250\u2013273 (2015)","DOI":"10.1109\/SP.2015.23"},{"key":"4_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"424","DOI":"10.1007\/BFb0055745","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201998","author":"R Cramer","year":"1998","unstructured":"Cramer, R., Damg\u00e5rd, I.: Zero-knowledge proofs for finite field arithmetic, or: can zero-knowledge be for free? In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 424\u2013441. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055745"},{"key":"4_CR42","unstructured":"eBACS: ECRYPT Benchmarking of Cryptographic Systems: Measurements of hash functions, indexed by machine (2017). https:\/\/bench.cr.yp.to\/results-hash.html"},{"issue":"2","key":"4_CR43","doi-asserted-by":"publisher","first-page":"268","DOI":"10.1145\/226643.226652","volume":"43","author":"U Feige","year":"1996","unstructured":"Feige, U., Goldwasser, S., Lov\u00e1sz, L., Safra, S., Szegedy, M.: Interactive proofs and the hardness of approximating cliques. J. ACM 43(2), 268\u2013292 (1996). Preliminary version in FOCS 1991","journal-title":"J. ACM"},{"issue":"12","key":"4_CR44","doi-asserted-by":"publisher","first-page":"6265","DOI":"10.1109\/TIT.2010.2079016","volume":"56","author":"S Gao","year":"2010","unstructured":"Gao, S., Mateer, T.: Additive fast Fourier transforms over finite fields. IEEE Trans. Inf. Theory 56(12), 6265\u20136272 (2010)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"4_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-38348-9_37","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"R Gennaro","year":"2013","unstructured":"Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626\u2013645. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_37"},{"key":"4_CR46","doi-asserted-by":"crossref","unstructured":"Gentry, C., Wichs, D.: Separating succinct non-interactive arguments from all falsifiable assumptions. In: Proceedings of the 43rd Annual ACM Symposium on Theory of Computing, STOC 2011, pp. 99\u2013108 (2011)","DOI":"10.1145\/1993636.1993651"},{"issue":"4","key":"4_CR47","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1016\/S0020-0190(98)00116-1","volume":"67","author":"O Goldreich","year":"1998","unstructured":"Goldreich, O., H\u00e5stad, J.: On the complexity of interactive proofs with bounded communication. Inf. Process. Lett. 67(4), 205\u2013214 (1998)","journal-title":"Inf. Process. Lett."},{"issue":"4","key":"4_CR48","doi-asserted-by":"publisher","first-page":"27:1","DOI":"10.1145\/2699436","volume":"62","author":"S Goldwasser","year":"2015","unstructured":"Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: Delegating computation: interactive proofs for Muggles. J. ACM 62(4), 27:1\u201327:64 (2015)","journal-title":"J. ACM"},{"issue":"1","key":"4_CR49","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1137\/0218012","volume":"18","author":"S Goldwasser","year":"1989","unstructured":"Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186\u2013208 (1989). Preliminary version appeared in STOC 1985","journal-title":"SIAM J. Comput."},{"key":"4_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-642-17373-8_19","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Groth","year":"2010","unstructured":"Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321\u2013340. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_19"},{"key":"4_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-662-49896-5_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"J Groth","year":"2016","unstructured":"Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 305\u2013326. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49896-5_11"},{"key":"4_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1007\/978-3-319-63715-0_20","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"J Groth","year":"2017","unstructured":"Groth, J., Maller, M.: Snarky signatures: minimal signatures of knowledge from simulation-extractable SNARKs. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 581\u2013612. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63715-0_20"},{"key":"4_CR53","unstructured":"Gueron, S.: Intel carry-less multiplication instruction and its usage for computing the GCM mode (2011). https:\/\/software.intel.com\/en-us\/articles\/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode"},{"key":"4_CR54","doi-asserted-by":"crossref","unstructured":"Ishai, Y., Kushilevitz, E., Ostrovsky, R.: Efficient arguments without short PCPs. In: Proceedings of the Twenty-Second Annual IEEE Conference on Computational Complexity, CCC 2007, pp. 278\u2013291 (2007)","DOI":"10.1109\/CCC.2007.10"},{"key":"4_CR55","unstructured":"Ishai, Y., Mahmoody, M., Sahai, A., Xiao, D.: On zero-knowledge PCPs: limitations, simplifications, and applications (2015). http:\/\/www.cs.virginia.edu\/~mohammad\/files\/papers\/ZKPCPs-Full.pdf"},{"key":"4_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"536","DOI":"10.1007\/978-3-540-70583-3_44","volume-title":"Automata, Languages and Programming","author":"YT Kalai","year":"2008","unstructured":"Kalai, Y.T., Raz, R.: Interactive PCP. In: Aceto, L., Damg\u00e5rd, I., Goldberg, L.A., Halld\u00f3rsson, M.M., Ing\u00f3lfsd\u00f3ttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 536\u2013547. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-70583-3_44"},{"key":"4_CR57","doi-asserted-by":"crossref","unstructured":"Kilian, J.: A note on efficient zero-knowledge proofs and arguments. In: Proceedings of the 24th Annual ACM Symposium on Theory of Computing, STOC 1992, pp. 723\u2013732 (1992)","DOI":"10.1145\/129712.129782"},{"issue":"10","key":"4_CR58","doi-asserted-by":"publisher","first-page":"5343","DOI":"10.1109\/TIT.2016.2600417","volume":"62","author":"S Lin","year":"2016","unstructured":"Lin, S., Al-Naffouri, T.Y., Han, Y.S.: FFT algorithm for binary extension finite fields and its application to Reed-Solomon codes. IEEE Trans. Inf. Theory 62(10), 5343\u20135358 (2016)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"4_CR59","doi-asserted-by":"crossref","unstructured":"Lin, S., Chung, W.H., Han, Y.S.: Novel polynomial basis and its application to Reed-Solomon erasure codes. In: Proceedings of the 55th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2014, pp. 316\u2013325 (2014)","DOI":"10.1109\/FOCS.2014.41"},{"key":"4_CR60","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-42033-7_3","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"H Lipmaa","year":"2013","unstructured":"Lipmaa, H.: Succinct non-interactive zero knowledge arguments from span programs and linear error-correcting codes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 41\u201360. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-42033-7_3"},{"issue":"4","key":"4_CR61","doi-asserted-by":"publisher","first-page":"859","DOI":"10.1145\/146585.146605","volume":"39","author":"C Lund","year":"1992","unstructured":"Lund, C., Fortnow, L., Karloff, H.J., Nisan, N.: Algebraic methods for interactive proof systems. J. ACM 39(4), 859\u2013868 (1992)","journal-title":"J. ACM"},{"key":"4_CR62","doi-asserted-by":"crossref","unstructured":"Meir, O.: Combinatorial PCPs with short proofs. In: Proceedings of the 26th Annual IEEE Conference on Computational Complexity, CCC 2012 (2012)","DOI":"10.1109\/CCC.2012.14"},{"issue":"4","key":"4_CR63","doi-asserted-by":"publisher","first-page":"1253","DOI":"10.1137\/S0097539795284959","volume":"30","author":"S Micali","year":"2000","unstructured":"Micali, S.: Computationally sound proofs. SIAM J. Comput. 30(4), 1253\u20131298 (2000). Preliminary version appeared in FOCS 1994","journal-title":"SIAM J. Comput."},{"issue":"170","key":"4_CR64","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1090\/S0025-5718-1985-0777282-X","volume":"44","author":"PL Montgomery","year":"1985","unstructured":"Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519\u2013521 (1985)","journal-title":"Math. Comput."},{"key":"4_CR65","unstructured":"Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009). http:\/\/www.bitcoin.org\/bitcoin.pdf"},{"key":"4_CR66","unstructured":"NIST: Post-quantum cryptography (2016). https:\/\/csrc.nist.gov\/Projects\/Post-Quantum-Cryptography"},{"key":"4_CR67","doi-asserted-by":"crossref","unstructured":"Parno, B., Gentry, C., Howell, J., Raykova, M.: Pinocchio: Nearly practical verifiable computation. In: 2013 Proceedings of the 34th IEEE Symposium on Security and Privacy, Oakland, pp. 238\u2013252 (2013)","DOI":"10.1109\/SP.2013.47"},{"key":"4_CR68","doi-asserted-by":"crossref","unstructured":"Polishchuk, A., Spielman, D.A.: Nearly-linear size holographic proofs. In: Proceedings of the 26th Annual ACM Symposium on Theory of Computing, STOC 1994, pp. 194\u2013203 (1994)","DOI":"10.1145\/195058.195132"},{"key":"4_CR69","doi-asserted-by":"crossref","unstructured":"Reingold, O., Rothblum, R., Rothblum, G.: Constant-round interactive proofs for delegating computation. In: Proceedings of the 48th ACM Symposium on the Theory of Computing, STOC 2016, pp. 49\u201362 (2016)","DOI":"10.1145\/2897518.2897652"},{"key":"4_CR70","unstructured":"SCIPR Lab: libsnark: a C++ library for zkSNARK proofs. https:\/\/github.com\/scipr-lab\/libsnark"},{"key":"4_CR71","doi-asserted-by":"crossref","unstructured":"Setty, S., Braun, B., Vu, V., Blumberg, A.J., Parno, B., Walfish, M.: Resolving the conflict between generality and plausibility in verified computation. In: Proceedings of the 8th EuoroSys Conference, EuroSys 2013, pp. 71\u201384 (2013)","DOI":"10.1145\/2465351.2465359"},{"issue":"4","key":"4_CR72","doi-asserted-by":"publisher","first-page":"869","DOI":"10.1145\/146585.146609","volume":"39","author":"A Shamir","year":"1992","unstructured":"Shamir, A.: IP = PSPACE. J. ACM 39(4), 869\u2013877 (1992)","journal-title":"J. ACM"},{"key":"4_CR73","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-642-40084-1_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"J Thaler","year":"2013","unstructured":"Thaler, J.: Time-optimal interactive proofs for circuit evaluation. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 71\u201389. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40084-1_5"},{"key":"4_CR74","unstructured":"Thaler, J.: A note on the GKR protocol (2015). http:\/\/people.cs.georgetown.edu\/jthaler\/GKRNote.pdf"},{"key":"4_CR75","unstructured":"Thaler, J., Roberts, M., Mitzenmacher, M., Pfister, H.: Verifiable computation with massively parallel interactive proofs. CoRR abs\/1202.1350 (2012)"},{"key":"4_CR76","doi-asserted-by":"crossref","unstructured":"Wahby, R.S., Howald, M., Garg, S.J., Shelat, A., Walfish, M.: Verifiable ASICs. In: Proceedings of the 37th IEEE Symposium on Security and Privacy, S&P \u201916, pp. 759\u2013778 (2016)","DOI":"10.1109\/SP.2016.51"},{"key":"4_CR77","doi-asserted-by":"crossref","unstructured":"Wahby, R.S., et al.: Full accounting for verifiable outsourcing. In: Proceedings of the 24th ACM Conference on Computer and Communications Security, CCS 2017 , pp. 2071\u20132086 (2017)","DOI":"10.1145\/3133956.3133984"},{"key":"4_CR78","doi-asserted-by":"crossref","unstructured":"Wahby, R.S., Setty, S., Ren, Z., Blumberg, A.J., Walfish, M.: Efficient RAM and control flow in verifiable outsourced computation. In: Proceedings of the 22nd Annual Network and Distributed System Security Symposium, NDSS 2015 (2015)","DOI":"10.14722\/ndss.2015.23097"},{"key":"4_CR79","doi-asserted-by":"crossref","unstructured":"Wahby, R.S., Tzialla, I., Shelat, A., Thaler, J., Walfish, M.: Doubly-efficient zkSNARKs without trusted setup. Cryptology ePrint Archive, Report 2017\/1132 (2017)","DOI":"10.1109\/SP.2018.00060"},{"issue":"2","key":"4_CR80","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1145\/2641562","volume":"58","author":"M Walfish","year":"2015","unstructured":"Walfish, M., Blumberg, A.J.: Verifying computations without reexecuting them. Commun. ACM 58(2), 74\u201384 (2015)","journal-title":"Commun. ACM"},{"key":"4_CR81","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/11523468_12","volume-title":"Automata, Languages and Programming","author":"H Wee","year":"2005","unstructured":"Wee, H.: On round-efficient argument systems. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 140\u2013152. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11523468_12"},{"key":"4_CR82","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Genkin, D., Katz, J., Papadopoulos, D., Papamanthou, C.: vSQL: verifying arbitrary SQL queries over dynamic outsourced databases. In: Proceedings of the 38th IEEE Symposium on Security and Privacy, S&P 2017, pp. 863\u2013880 (2017)","DOI":"10.1109\/SP.2017.43"},{"key":"4_CR83","unstructured":"Zhang, Y., Genkin, D., Katz, J., Papadopoulos, D., Papamanthou, C.: A zero-knowledge version of VSQL. Cryptology ePrint Archive, Report 2017\/1146 (2017)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-17653-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,7]],"date-time":"2024-03-07T17:48:56Z","timestamp":1709833736000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-17653-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030176525","9783030176532"],"references-count":83,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-17653-2_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"18 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Darmstadt","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 May 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 May 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"327","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"76","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}