Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits
Circuit-based zero-knowledge proofs have arose as a solution to the implementation of privacy in blockchain applications, and to current scalability problems that blockchains suffer from. The most efficient circuit-based zero-knowledge proofs use a pairing-friendly elliptic curve to generate and val...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2021-11-01
|
| Series: | Mathematics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2227-7390/9/23/3022 |
| _version_ | 1797507427606724608 |
|---|---|
| author | Marta Bellés-Muñoz Barry Whitehat Jordi Baylina Vanesa Daza Jose Luis Muñoz-Tapia |
| author_facet | Marta Bellés-Muñoz Barry Whitehat Jordi Baylina Vanesa Daza Jose Luis Muñoz-Tapia |
| author_sort | Marta Bellés-Muñoz |
| collection | DOAJ |
| description | Circuit-based zero-knowledge proofs have arose as a solution to the implementation of privacy in blockchain applications, and to current scalability problems that blockchains suffer from. The most efficient circuit-based zero-knowledge proofs use a pairing-friendly elliptic curve to generate and validate proofs. In particular, the circuits are built connecting wires that carry elements from a large prime field, whose order is determined by the number of elements of the pairing-friendly elliptic curve. In this context, it is important to generate an inner curve using this field, because it allows to create circuits that can verify public-key cryptography primitives, such as digital signatures and encryption schemes. To this purpose, in this article, we present a deterministic algorithm for generating twisted Edwards elliptic curves defined over a given prime field. We also provide an algorithm for checking the resilience of this type of curve against most common security attacks. Additionally, we use our algorithms to generate Baby Jubjub, a curve that can be used to implement elliptic-curve cryptography in circuits that can be validated in the Ethereum blockchain. |
| first_indexed | 2024-03-10T04:48:20Z |
| format | Article |
| id | doaj.art-6367eb51d2164710bb0b8feb08e71c1b |
| institution | Directory Open Access Journal |
| issn | 2227-7390 |
| language | English |
| last_indexed | 2024-03-10T04:48:20Z |
| publishDate | 2021-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Mathematics |
| spelling | doaj.art-6367eb51d2164710bb0b8feb08e71c1b2023-11-23T02:44:55ZengMDPI AGMathematics2227-73902021-11-01923302210.3390/math9233022Twisted Edwards Elliptic Curves for Zero-Knowledge CircuitsMarta Bellés-Muñoz0Barry Whitehat1Jordi Baylina2Vanesa Daza3Jose Luis Muñoz-Tapia4Department of Information and Communications Technology, Pompeu Fabra University, Tànger Building, 08018 Barcelona, SpainIndependent Researcher, 6300 Zug, Switzerland0KIMS, Eschenring 11, 6300 Zug, SwitzerlandDepartment of Information and Communications Technology, Pompeu Fabra University, Tànger Building, 08018 Barcelona, SpainDepartment of Network Engineering, Campus Nord, Polytechnic University of Catalonia, 08034 Barcelona, SpainCircuit-based zero-knowledge proofs have arose as a solution to the implementation of privacy in blockchain applications, and to current scalability problems that blockchains suffer from. The most efficient circuit-based zero-knowledge proofs use a pairing-friendly elliptic curve to generate and validate proofs. In particular, the circuits are built connecting wires that carry elements from a large prime field, whose order is determined by the number of elements of the pairing-friendly elliptic curve. In this context, it is important to generate an inner curve using this field, because it allows to create circuits that can verify public-key cryptography primitives, such as digital signatures and encryption schemes. To this purpose, in this article, we present a deterministic algorithm for generating twisted Edwards elliptic curves defined over a given prime field. We also provide an algorithm for checking the resilience of this type of curve against most common security attacks. Additionally, we use our algorithms to generate Baby Jubjub, a curve that can be used to implement elliptic-curve cryptography in circuits that can be validated in the Ethereum blockchain.https://www.mdpi.com/2227-7390/9/23/3022zero-knowledge proofelliptic curveblockchainprivacy |
| spellingShingle | Marta Bellés-Muñoz Barry Whitehat Jordi Baylina Vanesa Daza Jose Luis Muñoz-Tapia Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits Mathematics zero-knowledge proof elliptic curve blockchain privacy |
| title | Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits |
| title_full | Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits |
| title_fullStr | Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits |
| title_full_unstemmed | Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits |
| title_short | Twisted Edwards Elliptic Curves for Zero-Knowledge Circuits |
| title_sort | twisted edwards elliptic curves for zero knowledge circuits |
| topic | zero-knowledge proof elliptic curve blockchain privacy |
| url | https://www.mdpi.com/2227-7390/9/23/3022 |
| work_keys_str_mv | AT martabellesmunoz twistededwardsellipticcurvesforzeroknowledgecircuits AT barrywhitehat twistededwardsellipticcurvesforzeroknowledgecircuits AT jordibaylina twistededwardsellipticcurvesforzeroknowledgecircuits AT vanesadaza twistededwardsellipticcurvesforzeroknowledgecircuits AT joseluismunoztapia twistededwardsellipticcurvesforzeroknowledgecircuits |