reverie-zk
| Crates.io | reverie-zk |
| lib.rs | reverie-zk |
| version | 0.3.2 |
| source | src |
| created_at | 2020-12-03 16:22:42.135539 |
| updated_at | 2022-11-01 20:23:22.456584 |
| description | An efficient implementation of the NIZKPoK outlined in KKW 2018 |
| homepage | https://github.com/trailofbits/reverie |
| repository | https://github.com/trailofbits/reverie |
| max_upload_size | |
| id | 319327 |
| size | 213,057 |
trailofbits (github:trailofbits:trailofbits)
documentation
README
Reverie
An efficient implementation of the NIZKPoK outlined in KKW 2018
Reverie is an implementation (prover and verifier) of the MPC-in-the-head NIZKPoK outlined in Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures. Reverie seeks to offer concrete prover efficiency (linear proving time with small constants) for complex predicates. The implementation seeks to offer 128-bits of (classical) security and support arbitrary rings, most efficiently Z2 and Z64.
Reverie provides both a library (with a simplified and a streaming interface), in addition to a CLI program for proving/verifying statements specified in Bristol format to enable easy experimentation.
Running
Reverie requires a relatively recent nightly Rust.
Using SSE+AESNI
time RUSTFLAGS="-C target-cpu=native -C target-feature=+aes,+ssse3,+sse2" cargo run --release
Or even better with AVX2+AESNI
time RUSTFLAGS="-C target-cpu=native -C target-feature=+aes,+ssse3,+sse2,+avx2" cargo run --release
Improvements in 0.3+
- Pack 8 instances of 8 players over GF(2) into a single 64-bit integer (see gist for details).
- Switch to AES with AESNI
- Just-in-time preprocessing to condense proving into a single pass