{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:26:39Z","timestamp":1757618799006,"version":"3.44.0"},"publisher-location":"Cham","reference-count":51,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031972591"},{"type":"electronic","value":"9783031972607"}],"license":[{"start":{"date-parts":[[2025,7,2]],"date-time":"2025-07-02T00:00:00Z","timestamp":1751414400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,7,2]],"date-time":"2025-07-02T00:00:00Z","timestamp":1751414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-031-97260-7_16","type":"book-chapter","created":{"date-parts":[[2025,7,14]],"date-time":"2025-07-14T05:21:04Z","timestamp":1752470464000},"page":"343-369","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Behemoth: Transparent Polynomial Commitment Scheme with\u00a0Constant Opening Proof Size and\u00a0Verifier Time"],"prefix":"10.1007","author":[{"given":"Istv\u00e1n Andr\u00e1s","family":"Seres","sequence":"first","affiliation":[]},{"given":"P\u00e9ter","family":"Burcsi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,7,2]]},"reference":[{"issue":"11","key":"16_CR1","doi-asserted-by":"publisher","first-page":"6251","DOI":"10.1109\/TIT.2016.2594197","volume":"62","author":"D Aggarwal","year":"2016","unstructured":"Aggarwal, D., Maurer, U.: Breaking RSA generically is equivalent to factoring. IEEE Trans. Inf. Theory 62(11), 6251\u20136259 (2016)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"16_CR2","doi-asserted-by":"crossref","unstructured":"Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: lightweight sublinear arguments without a trusted setup. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2087\u20132104 (2017)","DOI":"10.1145\/3133956.3134104"},{"key":"16_CR3","unstructured":"Arun, A., Ganesh, C., Lokam, S., Mopuri, T., Sridhar, S.: Dew: transparent constant-sized zksnarks. Cryptology ePrint Archive (2022)"},{"key":"16_CR4","unstructured":"van Baarsen, A.: Imaginary quadratic class groups and a survey of time-lock cryptographic applications (2023)"},{"key":"16_CR5","doi-asserted-by":"crossref","unstructured":"van Baarsen, A., Stevens, M.: On time-lock cryptographic assumptions in abelian hidden-order groups. In: Advances in Cryptology\u2013ASIACRYPT 2021: 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, 6\u201310 December 2021, Proceedings, Part II 27, pp. 367\u2013397. Springer (2021)","DOI":"10.1007\/978-3-030-92075-3_13"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Bari\u0107, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 480\u2013494. Springer (1997)","DOI":"10.1007\/3-540-69053-0_33"},{"key":"16_CR7","unstructured":"Ben-Sasson, E., Bentov, I., Horesh, Y., Riabzev, M.: Fast reed-solomon interactive oracle proofs of proximity. In: 45th International Colloquium on Automata, Languages, and Programming (ICALP 2018). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik (2018)"},{"key":"16_CR8","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Chiesa, A., Green, M., Tromer, E., Virza, M.: Secure sampling of public parameters for succinct zero knowledge proofs. In: 2015 IEEE Symposium on Security and Privacy, pp. 287\u2013304. IEEE (2015)","DOI":"10.1109\/SP.2015.25"},{"key":"16_CR9","doi-asserted-by":"crossref","unstructured":"Ben-Sasson, E., Chiesa, A., Spooner, N.: Interactive oracle proofs. In: Theory of Cryptography Conference, pp. 31\u201360. Springer (2016)","DOI":"10.1007\/978-3-662-53644-5_2"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Block, A.R., Holmgren, J., Rosen, A., Rothblum, R.D., Soni, P.: Time-and space-efficient arguments from groups of unknown order. In: Advances in Cryptology\u2013CRYPTO 2021: 41st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, 16\u201320 August 2021, Proceedings, Part IV 41, pp. 123\u2013152. Springer (2021)","DOI":"10.1007\/978-3-030-84259-8_5"},{"key":"16_CR11","unstructured":"Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications. In: Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, pp. 329\u2013349. ACM (2019)"},{"key":"16_CR12","doi-asserted-by":"crossref","unstructured":"Boneh, D., Bonneau, J., B\u00fcnz, B., Fisch, B.: Verifiable delay functions. In: Annual International Cryptology Conference, pp. 757\u2013788. Springer (2018)","DOI":"10.1007\/978-3-319-96884-1_25"},{"key":"16_CR13","doi-asserted-by":"crossref","unstructured":"Boneh, D., B\u00fcnz, B., Fisch, B.: Batching techniques for accumulators with applications to IOPs and stateless blockchains. In: Annual International Cryptology Conference, pp. 561\u2013586. Springer (2019)","DOI":"10.1007\/978-3-030-26948-7_20"},{"key":"16_CR14","unstructured":"Boneh, D., Drake, J., Fisch, B., Gabizon, A.: Efficient polynomial commitment schemes for multiple points and polynomials. Cryptology ePrint Archive (2020)"},{"key":"16_CR15","doi-asserted-by":"crossref","unstructured":"Boneh, D., Drake, J., Fisch, B., Gabizon, A.: Halo infinite: proof-carrying data from additive polynomial commitments. In: Annual International Cryptology Conference, pp. 649\u2013680. Springer (2021)","DOI":"10.1007\/978-3-030-84242-0_23"},{"key":"16_CR16","doi-asserted-by":"crossref","unstructured":"Bootle, J., Cerulli, A., Chaidos, P., Groth, J., Petit, C.: Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 327\u2013357. Springer (2016)","DOI":"10.1007\/978-3-662-49896-5_12"},{"key":"16_CR17","unstructured":"Bowe, S., Gabizon, A., Miers, I.: Scalable multi-party computation for ZK-snark parameters in the random beacon model. Cryptology ePrint Archive (2017)"},{"key":"16_CR18","doi-asserted-by":"crossref","unstructured":"B\u00fcnz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 315\u2013334. IEEE (2018)","DOI":"10.1109\/SP.2018.00020"},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"B\u00fcnz, B., Fisch, B., Szepieniec, A.: Transparent snarks from dark compilers. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 677\u2013706. Springer (2020)","DOI":"10.1007\/978-3-030-45721-1_24"},{"key":"16_CR20","doi-asserted-by":"crossref","unstructured":"B\u00fcnz, B., Mopuri, T., Shirzad, A., Sridhar, S.: Dewtwo: a transparent pcs with quasi-linear prover, logarithmic verifier and 4.5 kb proofs from falsifiable assumptions. Cryptology ePrint Archive (2025)","DOI":"10.1007\/978-3-032-01887-8_18"},{"key":"16_CR21","doi-asserted-by":"crossref","unstructured":"Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Annual International Cryptology Conference, pp. 89\u2013105. Springer (1992)","DOI":"10.1007\/3-540-48071-4_7"},{"key":"16_CR22","doi-asserted-by":"crossref","unstructured":"Chiesa, A., Hu, Y., Maller, M., Mishra, P., Vesely, N., Ward, N.: Marlin: preprocessing zksnarks with universal and updatable SRS. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 738\u2013768. Springer (2020)","DOI":"10.1007\/978-3-030-45721-1_26"},{"key":"16_CR23","doi-asserted-by":"crossref","unstructured":"Chu, H., Fiore, D., Kolonelos, D., Schr\u00f6der, D.: Inner product functional commitments with constant-size public parameters and openings. Cryptology ePrint Archive (2022)","DOI":"10.1007\/978-3-031-14791-3_28"},{"key":"16_CR24","doi-asserted-by":"crossref","unstructured":"Damg\u00e5rd, I., Koprowski, M.: Generic lower bounds for root extraction and signature schemes in general groups. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 256\u2013271. Springer (2002)","DOI":"10.1007\/3-540-46035-7_17"},{"key":"16_CR25","unstructured":"Das, S., Xiang, Z., Ren, L.: Powers of tau in asynchrony. Cryptology ePrint Archive (2022)"},{"key":"16_CR26","unstructured":"Dobson, S., Galbraith, S.D., Smith, B.: Trustless unknown-order groups. Cryptology ePrint Archive (2020)"},{"key":"16_CR27","unstructured":"Erd\u0151s, P., R\u00e9nyi, A.: On a classical problem of probability theory. Magyar Tud. Akad. Mat. Kutat\u00f3 Int. K\u00f6zl 6(1), 215\u2013220 (1961)"},{"key":"16_CR28","unstructured":"Feist, D., Khovratovich, D.: Fast amortized KZG proofs. Cryptology ePrint Archive (2023)"},{"key":"16_CR29","doi-asserted-by":"crossref","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Conference on the Theory and Application of Cryptographic Techniques, pp. 186\u2013194. Springer (1986)","DOI":"10.1007\/3-540-47721-7_12"},{"issue":"4","key":"16_CR30","doi-asserted-by":"publisher","first-page":"837","DOI":"10.1090\/S0894-0347-1989-1002631-0","volume":"2","author":"JL Hafner","year":"1989","unstructured":"Hafner, J.L., McCurley, K.S.: A rigorous subexponential algorithm for computation of class groups. J. Am. Math. Soc. 2(4), 837\u2013850 (1989)","journal-title":"J. Am. Math. Soc."},{"key":"16_CR31","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1007\/s00145-012-9120-y","volume":"26","author":"T Jager","year":"2013","unstructured":"Jager, T., Schwenk, J.: On the analysis of cryptographic assumptions in the generic ring model. J. Cryptol. 26, 225\u2013245 (2013)","journal-title":"J. Cryptol."},{"key":"16_CR32","doi-asserted-by":"crossref","unstructured":"Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 177\u2013194. Springer (2010)","DOI":"10.1007\/978-3-642-17373-8_11"},{"key":"16_CR33","unstructured":"Kattis, A., Panarin, K., Vlasov, A.: Redshift: transparent snarks from list polynomial commitment IOPs. Cryptology ePrint Archive (2019)"},{"key":"16_CR34","doi-asserted-by":"crossref","unstructured":"Kohlweiss, M., Maller, M., Siim, J., Volkhov, M.: Snarky ceremonies. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 98\u2013127. Springer (2021)","DOI":"10.1007\/978-3-030-92078-4_4"},{"key":"16_CR35","unstructured":"Kuszmaul, J.: Verkle trees. Verkle trees 1 (2019)"},{"issue":"2","key":"16_CR36","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1016\/0196-6774(80)90021-8","volume":"1","author":"JC Lagarias","year":"1980","unstructured":"Lagarias, J.C.: Worst-case complexity bounds for algorithms in the theory of integral quadratic forms. J. Algorithms 1(2), 142\u2013186 (1980)","journal-title":"J. Algorithms"},{"key":"16_CR37","doi-asserted-by":"crossref","unstructured":"Lee, J.: Dory: efficient, transparent arguments for generalised inner products and polynomial commitments. In: Theory of Cryptography Conference, pp. 1\u201334. Springer (2021)","DOI":"10.1007\/978-3-030-90453-1_1"},{"key":"16_CR38","unstructured":"Mert, A.C., Ozturk, E., Savas, E.: Low-latency ASIC algorithms of modular squaring of large integers for VDF evaluation. IEEE Trans. Comput. (2020)"},{"key":"16_CR39","unstructured":"Nikolaenko, V., Ragsdale, S., Bonneau, J., Boneh, D.: Powers-of-tau to the people: decentralizing setup ceremonies. Cryptology ePrint Archive (2022)"},{"key":"16_CR40","unstructured":"Pietrzak, K.: Simple verifiable delay functions. In: 10th Innovations in Theoretical Computer Science Conference (ITCS 2019). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik (2018)"},{"key":"16_CR41","first-page":"A15","volume":"18","author":"P Pollack","year":"2018","unstructured":"Pollack, P., Trevi\u00f1o, E.: Finding the four squares in lagrange\u2019s theorem. Integers 18, A15 (2018)","journal-title":"Integers"},{"key":"16_CR42","unstructured":"Rivest, R.L.: Description of the LCS35 time capsule crypto-puzzle (1999)"},{"key":"16_CR43","doi-asserted-by":"crossref","unstructured":"Rotem, L., Segev, G.: Generically speeding-up repeated squaring is equivalent to factoring: sharp thresholds for all generic-ring delay functions. In: Annual International Cryptology Conference, pp. 481\u2013509. Springer (2020)","DOI":"10.1007\/978-3-030-56877-1_17"},{"key":"16_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"16_CR45","unstructured":"Sutherland, A.V.: Order computations in generic groups. Ph.D. thesis, Massachusetts Institute of Technology (2007)"},{"key":"16_CR46","unstructured":"Thakur, S.: Batching non-membership proofs with bilinear accumulators. Cryptology ePrint Archive (2019)"},{"key":"16_CR47","unstructured":"Thakur, S.: Arguments of knowledge via hidden order groups. Cryptology ePrint Archive (2020)"},{"key":"16_CR48","unstructured":"Thakur, S.: Constructing hidden order groups using genus three jacobians. Cryptology ePrint Archive (2020)"},{"key":"16_CR49","doi-asserted-by":"crossref","unstructured":"Wahby, R.S., Tzialla, I., Shelat, A., Thaler, J., Walfish, M.: Doubly-efficient zksnarks without trusted setup. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 926\u2013943. IEEE (2018)","DOI":"10.1109\/SP.2018.00060"},{"key":"16_CR50","doi-asserted-by":"crossref","unstructured":"Wesolowski, B.: Efficient verifiable delay functions. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 379\u2013407. Springer (2019)","DOI":"10.1007\/978-3-030-17659-4_13"},{"issue":"2014","key":"16_CR51","first-page":"1","volume":"151","author":"G Wood","year":"2014","unstructured":"Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151(2014), 1\u201332 (2014)","journal-title":"Ethereum Project Yellow Paper"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology - AFRICACRYPT 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-97260-7_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T08:34:01Z","timestamp":1757234041000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-97260-7_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,7,2]]},"ISBN":["9783031972591","9783031972607"],"references-count":51,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-97260-7_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025,7,2]]},"assertion":[{"value":"2 July 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AFRICACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology in Africa","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rabat","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Morocco","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 July 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 July 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"africacrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/africacrypt2025.sciencesconf.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}