Corpus ID: 23232690

Bulletproofs: Efficient Range Proofs for Confidential Transactions

@inproceedings{Bnz2017BulletproofsE,
  title={Bulletproofs: Efficient Range Proofs for Confidential Transactions},
  author={Benedikt B{\"u}nz and Jonathan Bootle and D. Boneh and A. Poelstra and Pieter Wuille and Gregory Maxwell},
  year={2017}
}
We propose Bulletproofs, a new non-interactive zero-knowledge proof protocol with very short proofs and without a trusted setup; the proof size is only logarithmic in the witness size. Bulletproofs are especially well suited for efficient range proofs on committed values: they enable proving that a committed value is in a range using only 2 log2(n) + 9 group and field elements, where n is the bit length of the range. Proof generation and verification times are linear in n. Bulletproofs greatly…
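The logarithmic proof size in the abstract comes from the inner-product argument (IPA) at the core of Bulletproofs: a prover holding vectors a, b behind a Pedersen-style commitment P = g^a h^b u^<a,b> halves both vectors each round and sends one pair of group elements (L, R) per halving, so an n-element witness costs 2 log2(n) group elements plus two final scalars; the range proof of the paper wraps this with a constant number of extra commitments and scalars, which is where the "+ 9" comes from. The following Python is an added example written for this page, not code from the paper or from any Bulletproofs library. It implements that folding over a toy ~63-bit safe-prime group with Fiat-Shamir challenges; the generator labels, the safe-prime search, the hash-to-scalar rule and the random sample witness in demo() are all constructed here for illustration and are not the paper's parameters.

```python
# Added example, not the paper's code: a toy inner-product argument (IPA), the
# log-size core of Bulletproofs. Proves P = g^a * h^b * u^<a,b> while sending
# 2*log2(n) group elements plus two scalars. Group: order-q subgroup of Z_p^*,
# p = 2q+1 a ~63-bit safe prime (toy size, NOT secure; use a 256-bit curve).
import hashlib
import math
import random
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # exact below 3.3e24

def is_prime(n):  # deterministic Miller-Rabin; n is odd and > 37 here
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime(bits=62):  # smallest p = 2q+1 with q > 2**bits, both prime
    q = (1 << bits) + 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = safe_prime()  # group modulus and prime group order

def gen(label):  # nothing-up-my-sleeve generator: a square != 0, 1 has order q
    x = int.from_bytes(hashlib.sha256(label).digest(), "big") % P
    while pow(x, 2, P) in (0, 1):
        x += 1
    return pow(x, 2, P)

def multiexp(bases, exps):  # prod bases[i]^exps[i] mod p
    return math.prod(pow(g, e, P) for g, e in zip(bases, exps)) % P

def inner(a, b):
    return sum(x * y for x, y in zip(a, b)) % Q

def challenge(transcript):  # Fiat-Shamir: hash all messages so far, non-zero
    h = hashlib.sha256(b"|".join(str(v).encode() for v in transcript)).digest()
    return 1 + int.from_bytes(h, "big") % (Q - 1)

def fold(gs, hs, x, xi):  # g' = gL^(x^-1) * gR^x,  h' = hL^x * hR^(x^-1)
    m = len(gs) // 2
    gs = [pow(l, xi, P) * pow(r, x, P) % P for l, r in zip(gs[:m], gs[m:])]
    hs = [pow(l, x, P) * pow(r, xi, P) % P for l, r in zip(hs[:m], hs[m:])]
    return gs, hs

def prove(gs, hs, u, a, b):
    """Prover for P = g^a h^b u^<a,b>; len(a) must be a power of two."""
    transcript = [multiexp(gs + hs + [u], a + b + [inner(a, b)])]  # P itself
    rounds = []
    while len(a) > 1:
        m = len(a) // 2
        aL, aR, bL, bR = a[:m], a[m:], b[:m], b[m:]
        gL, gR, hL, hR = gs[:m], gs[m:], hs[:m], hs[m:]
        L = multiexp(gR + hL + [u], aL + bR + [inner(aL, bR)])
        R = multiexp(gL + hR + [u], aR + bL + [inner(aR, bL)])
        rounds.append((L, R))
        transcript += [L, R]
        x = challenge(transcript)
        xi = pow(x, Q - 2, Q)  # x^-1 mod q
        a = [(l * x + r * xi) % Q for l, r in zip(aL, aR)]
        b = [(l * xi + r * x) % Q for l, r in zip(bL, bR)]
        gs, hs = fold(gs, hs, x, xi)
    return rounds, a[0], b[0]

def verify(gs, hs, u, Pc, proof):
    """Verifier: replays the folding on P and the generators, then one check."""
    rounds, a, b = proof
    transcript = [Pc]
    for L, R in rounds:
        transcript += [L, R]
        x = challenge(transcript)
        xi = pow(x, Q - 2, Q)
        Pc = pow(L, x * x % Q, P) * Pc % P * pow(R, xi * xi % Q, P) % P  # L^(x^2) P R^(x^-2)
        gs, hs = fold(gs, hs, x, xi)
    return len(gs) == 1 and Pc == pow(gs[0], a, P) * pow(hs[0], b, P) % P * pow(u, a * b % Q, P) % P

def demo(n=8, seed=1, tamper=False):
    """Constructed instance; returns (verified, number of group elements sent)."""
    rnd = random.Random(seed)
    gs, hs = [gen(b"g%d" % i) for i in range(n)], [gen(b"h%d" % i) for i in range(n)]
    u = gen(b"u")
    a = [rnd.randrange(Q) for _ in range(n)]
    b = [rnd.randrange(Q) for _ in range(n)]
    Pc = multiexp(gs + hs + [u], a + b + [inner(a, b)])
    rounds, af, bf = prove(gs, hs, u, a, b)
    if tamper:  # a cheating prover altering the final scalar is rejected
        bf = (bf + 1) % Q
    return verify(gs, hs, u, Pc, (rounds, af, bf)), 2 * len(rounds)
```

demo(n) returns (True, 2 log2 n) for n = 4, 8, 16, which is the 2 log2(n) term of the abstract; demo(n, tamper=True) alters the final scalar and the verifier rejects. The verifier here re-folds the generator vectors round by round for clarity; the paper instead collapses all of that into a single multi-exponentiation, and a real deployment replaces the toy group with a 256-bit elliptic-curve group.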


How to Prove a Secret: Zero-Knowledge Proofs on Distributed Data via Fully Linear PCPs
TLDR
The notion of fully linear probabilistically checkable proof systems is introduced and it is observed that zero-knowledge proofs on distributed data provide a general-purpose tool for protecting MPC protocols against malicious parties.
Doubly-Efficient zkSNARKs Without Trusted Setup
TLDR
The Fiat-Shamir heuristic is applied to produce a zero-knowledge succinct non-interactive argument of knowledge (zkSNARK) in the random oracle model, based on the discrete log assumption, which is called Hyrax.
An Improved Non-Interactive Zero-Knowledge Range Proof for Decentralized Applications
TLDR
This paper focuses on a particular kind of ZKP, called zero-knowledge range proof (ZKRP), that has been applied in blockchain-based payments for banks, and introduces a new ZKRP which has the following remarkable features.
Scalable, transparent, and post-quantum secure computational integrity
TLDR
The first realization of a transparent ZK system (ZK-STARK) in which verification scales exponentially faster than database size is reported, and this exponential speedup in verification is observed concretely for meaningful and sequential computations, described next.
Coloured Ring Confidential Transactions
TLDR
This work proposes a novel transaction type, which enables privacy-preserving trading of independent assets on a common blockchain by extending the ring confidential transaction with an additional commitment to a colour and a publicly verifiable proof of conservation.
How to Squeeze a Crowd: Reducing Bandwidth in Mixing Cryptocurrencies
  • A. Chator, Matthew Green
  • Computer Science
  • 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
  • 2018
TLDR
This work proposes a simple technique for efficiently sampling cover traffic from a finite (and public) set of known values, while deriving a compact description of the resulting transaction set, and describes the construction as a recoverable sampling scheme.
ZoKrates - Scalable Privacy-Preserving Off-Chain Computations
  • Jacob Eberhardt, S. Tai
  • Computer Science
  • 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
  • 2018
TLDR
ZoKrates is introduced, a toolbox to specify, integrate and deploy off-chain computations, which hides significant complexity inherent to zero-knowledge proofs, provides a more familiar and higher level of programming abstractions to developers and enables circuit integration, hence fostering adoption.
Aurora: Transparent Succinct Arguments for R1CS
TLDR
A zero-knowledge succinct non-interactive argument (SNARG) for Rank-1 Constraint Satisfaction (R1CS), a widely deployed NP language undergoing standardization, has a transparent setup, is plausibly post-quantum secure, and uses lightweight cryptography.
An Efficient NIZK Scheme for Privacy-Preserving Transactions Over Account-Model Blockchain
TLDR
The NIZK scheme is perfect zero knowledge in the common reference string model, while its soundness holds in the random oracle model, and dramatically improves the time efficiency in generating a proof, at the cost of a relatively longer proof size.
PRCash: Centrally-Issued Digital Currency with Privacy and Regulation
TLDR
PRCash is the first digital currency to provide control of money supply, transparency, regulation, and privacy at the same time, and thus make its adoption as a fiat currency feasible.
