{"id":"https://openalex.org/W2890168350","doi":"https://doi.org/10.1145/3243734.3243845","title":"Lattice-Based zk-SNARKs from Square Span Programs","display_name":"Lattice-Based zk-SNARKs from Square Span Programs","publication_year":2018,"publication_date":"2018-10-15","ids":{"openalex":"https://openalex.org/W2890168350","doi":"https://doi.org/10.1145/3243734.3243845","mag":"2890168350"},"language":"en","primary_location":{"id":"doi:10.1145/3243734.3243845","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243845","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://hal.science/hal-01743360","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013831409","display_name":"Rosario Gennaro","orcid":null},"institutions":[{"id":"https://openalex.org/I125687163","display_name":"City College of New York","ror":"https://ror.org/00wmhkr98","country_code":"US","type":"education","lineage":["https://openalex.org/I125687163"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Rosario Gennaro","raw_affiliation_strings":["City College of New York, New York, NY, USA","City College of New York  New York NY USA"],"affiliations":[{"raw_affiliation_string":"City College of New York, New York, NY, USA","institution_ids":["https://openalex.org/I125687163"]},{"raw_affiliation_string":"City College of New York  New York NY USA","institution_ids":["https://openalex.org/I125687163"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070463661","display_name":"Michele Minelli","orcid":null},"institutions":[{"id":"https://openalex.org/I4210162280","display_name":"Laboratoire de G\u00e9ologie de l\u2019\u00c9cole Normale Sup\u00e9rieure","ror":"https://ror.org/05vg9cw43","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I2746051580","https://openalex.org/I29607241","https://openalex.org/I4210148025","https://openalex.org/I4210162280"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Michele Minelli","raw_affiliation_strings":["\u00c9cole Normale Sup\u00e9rieure, Paris, France",",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#"],"affiliations":[{"raw_affiliation_string":"\u00c9cole Normale Sup\u00e9rieure, Paris, France","institution_ids":["https://openalex.org/I4210162280"]},{"raw_affiliation_string":",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027422809","display_name":"Anca Nitulescu","orcid":"https://orcid.org/0000-0001-9149-2036"},"institutions":[{"id":"https://openalex.org/I4210162280","display_name":"Laboratoire de G\u00e9ologie de l\u2019\u00c9cole Normale Sup\u00e9rieure","ror":"https://ror.org/05vg9cw43","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I2746051580","https://openalex.org/I29607241","https://openalex.org/I4210148025","https://openalex.org/I4210162280"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Anca Nitulescu","raw_affiliation_strings":["\u00c9cole Normale Sup\u00e9rieure, Paris, France",",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#"],"affiliations":[{"raw_affiliation_string":"\u00c9cole Normale Sup\u00e9rieure, Paris, France","institution_ids":["https://openalex.org/I4210162280"]},{"raw_affiliation_string":",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089391677","display_name":"Michele Orr\u00f9","orcid":"https://orcid.org/0000-0001-6518-2712"},"institutions":[{"id":"https://openalex.org/I4210162280","display_name":"Laboratoire de G\u00e9ologie de l\u2019\u00c9cole Normale Sup\u00e9rieure","ror":"https://ror.org/05vg9cw43","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I2746051580","https://openalex.org/I29607241","https://openalex.org/I4210148025","https://openalex.org/I4210162280"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Michele Orr\u00f9","raw_affiliation_strings":["\u00c9cole Normale Sup\u00e9rieure, Paris, France",",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#"],"affiliations":[{"raw_affiliation_string":"\u00c9cole Normale Sup\u00e9rieure, Paris, France","institution_ids":["https://openalex.org/I4210162280"]},{"raw_affiliation_string":",\u00c9cole Normale Sup\u00e9rieure, Paris, France#TAB#","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5013831409"],"corresponding_institution_ids":["https://openalex.org/I125687163"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.09785782,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"556","last_page":"573"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9810000061988831,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.7560020685195923},{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.7175226211547852},{"id":"https://openalex.org/keywords/zero-knowledge-proof","display_name":"Zero-knowledge proof","score":0.7150677442550659},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.616212785243988},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.5153847932815552},{"id":"https://openalex.org/keywords/discrete-mathematics","display_name":"Discrete mathematics","score":0.5134371519088745},{"id":"https://openalex.org/keywords/quantum-computer","display_name":"Quantum computer","score":0.5075558423995972},{"id":"https://openalex.org/keywords/generalization","display_name":"Generalization","score":0.504679799079895},{"id":"https://openalex.org/keywords/lattice","display_name":"Lattice (music)","score":0.4958733022212982},{"id":"https://openalex.org/keywords/homomorphic-encryption","display_name":"Homomorphic encryption","score":0.45405226945877075},{"id":"https://openalex.org/keywords/square","display_name":"Square (algebra)","score":0.4539872705936432},{"id":"https://openalex.org/keywords/square-lattice","display_name":"Square lattice","score":0.43343454599380493},{"id":"https://openalex.org/keywords/secure-multi-party-computation","display_name":"Secure multi-party computation","score":0.4277363419532776},{"id":"https://openalex.org/keywords/learning-with-errors","display_name":"Learning with errors","score":0.41817474365234375},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.41748809814453125},{"id":"https://openalex.org/keywords/quantum","display_name":"Quantum","score":0.382260799407959},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.3365901708602905},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.23934918642044067},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.21659839153289795},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.13040894269943237},{"id":"https://openalex.org/keywords/ising-model","display_name":"Ising model","score":0.11865270137786865},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.10290151834487915},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.0940624475479126},{"id":"https://openalex.org/keywords/quantum-mechanics","display_name":"Quantum mechanics","score":0.09085041284561157},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.09033763408660889}],"concepts":[{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.7560020685195923},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.7175226211547852},{"id":"https://openalex.org/C176329583","wikidata":"https://www.wikidata.org/wiki/Q191943","display_name":"Zero-knowledge proof","level":3,"score":0.7150677442550659},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.616212785243988},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.5153847932815552},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.5134371519088745},{"id":"https://openalex.org/C58053490","wikidata":"https://www.wikidata.org/wiki/Q176555","display_name":"Quantum computer","level":3,"score":0.5075558423995972},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.504679799079895},{"id":"https://openalex.org/C2781204021","wikidata":"https://www.wikidata.org/wiki/Q6497091","display_name":"Lattice (music)","level":2,"score":0.4958733022212982},{"id":"https://openalex.org/C158338273","wikidata":"https://www.wikidata.org/wiki/Q2154943","display_name":"Homomorphic encryption","level":3,"score":0.45405226945877075},{"id":"https://openalex.org/C135692309","wikidata":"https://www.wikidata.org/wiki/Q111124","display_name":"Square (algebra)","level":2,"score":0.4539872705936432},{"id":"https://openalex.org/C2777620828","wikidata":"https://www.wikidata.org/wiki/Q7582067","display_name":"Square lattice","level":3,"score":0.43343454599380493},{"id":"https://openalex.org/C18396474","wikidata":"https://www.wikidata.org/wiki/Q2465888","display_name":"Secure multi-party computation","level":3,"score":0.4277363419532776},{"id":"https://openalex.org/C2779014939","wikidata":"https://www.wikidata.org/wiki/Q6510239","display_name":"Learning with errors","level":3,"score":0.41817474365234375},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.41748809814453125},{"id":"https://openalex.org/C84114770","wikidata":"https://www.wikidata.org/wiki/Q46344","display_name":"Quantum","level":2,"score":0.382260799407959},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.3365901708602905},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.23934918642044067},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.21659839153289795},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.13040894269943237},{"id":"https://openalex.org/C51329190","wikidata":"https://www.wikidata.org/wiki/Q1076349","display_name":"Ising model","level":2,"score":0.11865270137786865},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.10290151834487915},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0940624475479126},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.09085041284561157},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.09033763408660889},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C24890656","wikidata":"https://www.wikidata.org/wiki/Q82811","display_name":"Acoustics","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3243734.3243845","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3243734.3243845","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-01743360v1","is_oa":true,"landing_page_url":"https://hal.science/hal-01743360","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ACM CCS 2018, Oct 2018, Toronto, Canada","raw_type":"Conference papers"},{"id":"pmh:oai:zenodo.org:2594587","is_oa":true,"landing_page_url":"https://zenodo.org/record/2594587","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/conferencePaper"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-01743360v1","is_oa":true,"landing_page_url":"https://hal.science/hal-01743360","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ACM CCS 2018, Oct 2018, Toronto, Canada","raw_type":"Conference papers"},"sustainable_development_goals":[{"score":0.6800000071525574,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G4081842544","display_name":null,"funder_award_id":"339563","funder_id":"https://openalex.org/F4320338352","funder_display_name":"FP7 Ideas: European Research Council"},{"id":"https://openalex.org/G7681671140","display_name":null,"funder_award_id":"639554","funder_id":"https://openalex.org/F4320338335","funder_display_name":"H2020 European Research Council"},{"id":"https://openalex.org/G8718877093","display_name":null,"funder_award_id":"H2020-MSCA-ITN-2014-64316","funder_id":"https://openalex.org/F4320335254","funder_display_name":"Horizon 2020"}],"funders":[{"id":"https://openalex.org/F4320335254","display_name":"Horizon 2020","ror":null},{"id":"https://openalex.org/F4320338335","display_name":"H2020 European Research Council","ror":"https://ror.org/0472cxd90"},{"id":"https://openalex.org/F4320338352","display_name":"FP7 Ideas: European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":51,"referenced_works":["https://openalex.org/W4180724","https://openalex.org/W22402230","https://openalex.org/W70060353","https://openalex.org/W103647506","https://openalex.org/W190530026","https://openalex.org/W198033559","https://openalex.org/W913176383","https://openalex.org/W945570858","https://openalex.org/W1525737403","https://openalex.org/W1538440442","https://openalex.org/W1540469777","https://openalex.org/W1577653766","https://openalex.org/W1760474993","https://openalex.org/W1836725053","https://openalex.org/W1890128745","https://openalex.org/W1953288577","https://openalex.org/W1970606468","https://openalex.org/W1992282993","https://openalex.org/W2015880590","https://openalex.org/W2018746447","https://openalex.org/W2031533839","https://openalex.org/W2043007983","https://openalex.org/W2061949491","https://openalex.org/W2067047774","https://openalex.org/W2067596507","https://openalex.org/W2070189400","https://openalex.org/W2079913403","https://openalex.org/W2106970188","https://openalex.org/W2116556172","https://openalex.org/W2120551550","https://openalex.org/W2144238522","https://openalex.org/W2151433956","https://openalex.org/W2162903136","https://openalex.org/W2166670067","https://openalex.org/W2171337840","https://openalex.org/W2293021588","https://openalex.org/W2400700555","https://openalex.org/W2529173666","https://openalex.org/W2549584611","https://openalex.org/W2551644914","https://openalex.org/W2554750353","https://openalex.org/W2593939958","https://openalex.org/W2603155476","https://openalex.org/W2725135237","https://openalex.org/W2766522683","https://openalex.org/W2794524511","https://openalex.org/W2794982701","https://openalex.org/W3028607946","https://openalex.org/W3203084829","https://openalex.org/W3203441933","https://openalex.org/W6629831822"],"related_works":["https://openalex.org/W2949097903","https://openalex.org/W2232878900","https://openalex.org/W2145801920","https://openalex.org/W2952720749","https://openalex.org/W1541197910","https://openalex.org/W1794218264","https://openalex.org/W1973137277","https://openalex.org/W2951673915","https://openalex.org/W2950609069","https://openalex.org/W2890168350"],"abstract_inverted_index":{"Zero-knowledge":[0],"SNARKs":[1,57],"(zk-SNARKs)":[2],"are":[3,43,67,93],"non-interactive":[4],"proof":[5,145],"systems":[6],"with":[7],"short":[8],"and":[9,21,51,127,138],"efficiently":[10],"verifiable":[11],"proofs.":[12],"They":[13],"elegantly":[14],"resolve":[15],"the":[16,75,84,104,112],"juxtaposition":[17],"of":[18,29,32,106,114,147,157],"individual":[19],"privacy":[20],"public":[22],"trust,":[23],"by":[24],"providing":[25],"an":[26],"efficient":[27],"way":[28],"demonstrating":[30],"knowledge":[31],"secret":[33],"information":[34],"without":[35],"actually":[36],"revealing":[37],"it.":[38],"To":[39],"this":[40,65,80],"day,":[41],"zk-SNARKs":[42],"being":[44],"used":[45],"for":[46,64],"delegating":[47],"computation,":[48],"electronic":[49],"cryptocurrencies,":[50],"anonymous":[52],"credentials.":[53],"However,":[54],"all":[55],"current":[56],"implementations":[58],"rely":[59],"on":[60,89,122,129,135,164],"pre-quantum":[61],"assumptions":[62],"and,":[63],"reason,":[66],"not":[68],"expected":[69],"to":[70,95,111],"withstand":[71],"cryptanalitic":[72],"efforts":[73],"over":[74],"next":[76],"few":[77],"decades.":[78],"In":[79],"work,":[81],"we":[82],"introduce":[83],"first":[85],"designated-verifier":[86,136],"zk-SNARK":[87],"based":[88,121],"lattice":[90],"assumptions,":[91],"which":[92,143],"believed":[94],"be":[96],"post-quantum":[97],"secure.":[98],"We":[99,133,152],"provide":[100,153],"a":[101,140,144,154,165],"generalization":[102],"in":[103,142],"spirit":[105],"Gennaro":[107],"et":[108,116],"al.":[109,117],"(Eurocrypt'13)":[110],"SNARK":[113],"Danezis":[115],"(Asiacrypt'14)":[118],"that":[119,169],"is":[120,172],"Square":[123],"Span":[124],"Programs":[125],"(SSPs)":[126],"relies":[128],"weaker":[130],"computational":[131],"assumptions.":[132],"focus":[134],"proofs":[137],"propose":[139],"protocol":[141],"consists":[146],"just":[148],"5":[149],"LWE":[150],"encodings.":[151],"concrete":[155],"choice":[156],"parameters":[158],"as":[159,161],"well":[160],"extensive":[162],"benchmarks":[163],"C":[166],"implementation,":[167],"showing":[168],"our":[170],"construction":[171],"practically":[173],"instantiable.":[174]},"counts_by_year":[],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}