Lookup Arguments: Improvements, Extensions and Applications to Zero-Knowledge Decision Trees

  • Conference paper
  • Public-Key Cryptography – PKC 2024 (PKC 2024)

Abstract

Lookup arguments allow one to prove that the elements of a committed vector come from a (bigger) committed table. They enable novel approaches to reducing the prover complexity of general-purpose zkSNARKs by implementing “non-arithmetic operations” such as range checks, XOR and AND more efficiently. We extend the notion of lookup arguments along two directions and improve their efficiency: (1) we extend vector lookups to matrix lookups (where we can prove that a committed matrix is a submatrix of a committed table); (2) we consider the notion of a zero-knowledge lookup argument, which keeps both the sub-vector/sub-matrix and the table private; (3) we present new zero-knowledge lookup arguments, dubbed cq+, zkcq+ and cq++, that are more efficient than the state of the art, namely the recent work by Eagen, Fiore and Gabizon named cq. Finally, we give a novel application of zero-knowledge matrix lookup arguments to the domain of zero-knowledge decision trees, where the model provider releases a commitment to a decision tree and can prove statistics over the committed data structure in zero knowledge. Our scheme based on lookup arguments has succinct verification, prover time asymptotically better than the state of the art, and is secure in a strong security model where the commitment to the decision tree can be malicious.

Notes

  1. This is due to the fact that \(\textsf {cq} \) assumes an SRS of the same size as the table \(\boldsymbol{\textbf{t}}\), which allows it to avoid a degree check. This condition, though, is often not guaranteed (e.g., in a SNARK for constraint systems larger than such a table).

  2. Specifically, giving up only the privacy of the structure of the decision tree, while keeping the values of the thresholds and labels private.

  3. Recently, Setty, Thaler and Wahby [35] introduced a new lookup argument for a restricted subclass of tables. Their work is extremely efficient, and in particular more efficient than \(\textsf {cq} \), for such a restricted class of tables. On the other hand, \(\textsf {cq} \) can handle arbitrary tables. For this reason, we refer to \(\textsf {cq} \) as the state of the art for arbitrary tables.

  4. We believe that this poses no problem for either correctness or soundness; indeed, one could argue that it is a feature rather than a bug.

  5. The dependency of [40] on the hash function is a bottleneck that is hard to remove. Even a hash function optimized for SNARK constraints, e.g. the one we used to run [40] experimentally, SWIFFT, yields high constants in practice regardless of the proof system used as a backend.

  6. As argued in [8], we can define a vacuous CP-SNARK for opening in the AGM where the prover does nothing and the verifier checks that the commitment is a valid group element. However, Lipmaa et al. [28] recently defined AGMOS, a more realistic variant of the AGM in which the algebraic adversary can obliviously sample group elements. They pointed out that KZG is only extractable after the prover has successfully opened the commitment at some point. In that setting such a vacuous CP-SNARK is not sufficient. We leave proving the security of our protocols in AGMOS to future work.

  7. Alternatively, one could define a single algorithm \(\textsf{Der}\) that handles both public and private data. In this case, one needs to redefine the Universal SNARK framework to handle zero knowledge correctly. Our definition instead is only functional, as we require that \(\textsf{Preproc}\) and \(\textsf{Prove}\) form a two-step prover algorithm for a Universal SNARK.

  8. Alternatively, we can consider the same subgroup used for the matrix commitment and thus \(|{\mathbb {H}}| = N_{\textsf{tot}}\cdot d\).

  9. The idea is to consider the table \(\boldsymbol{\textbf{b}} = (j)_{j\in [B]}\) and prove, through a lookup argument, that \(\boldsymbol{\mathbf {\bar{x}}} \prec \boldsymbol{\textbf{b}}\), where \(\boldsymbol{\mathbf {\bar{x}}}\) is the vectorization of \(\boldsymbol{\textbf{X}}\).

  10. We approximate the size of field elements with that of \(\mathbb {G}_1\) elements.

  11. In typical applications of decision trees the labels are integer values belonging to a small domain, for example either booleans or bytes.

  12. Here expressed as a sum instead of a fraction. Since the size of the sample is public, this is equivalent.

  13. These estimates refer to running times on an AWS EC2 c5.9xlarge. This architecture is comparable to the one used in [40].
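
The lookup relation described in the abstract (vector lookups and their matrix extension) and the range-check reduction of note 9, as an added illustration computed in the clear; this is not code from the paper, nor from cq. It checks the logarithmic-derivative identity that cq [14] reduces a lookup to, following Haböck [23], at a random field challenge, with no commitments, pairings or zero knowledge. The field modulus, the row packing used to turn a matrix lookup into a vector lookup, and all inputs are the example's own assumptions.

```python
# Added illustration (not the paper's protocol): the relation a cq-style lookup
# argument proves, checked in the clear over a prime field F_P.
#
#     sum_i 1/(beta + f_i)  ==  sum_j m_j / (beta + t_j)      (random beta in F_P)
#
# where m_j counts how often the table entry t_j occurs in f. For a table with
# distinct entries the identity holds as rational functions of beta iff every f_i
# is in t, so one random beta rejects a bad f or a mis-declared m except with
# probability about (|f| + |t|) / P.
import secrets
from collections import Counter

# Assumption: any large prime works; this is the BLS12-381 scalar field modulus.
P = 0x73EDA753299D7D483339D80809A1D80553BDA402FFFE5BFEFFFFFFFF00000001


def inv(x: int) -> int:
    """Inverse in F_P. x == 0 means beta hit an entry (probability ~1/P); treat as failure."""
    x %= P
    if x == 0:
        raise ZeroDivisionError("challenge collided with an entry; resample beta")
    return pow(x, P - 2, P)


def multiplicities(f, t):
    """Honest prover's auxiliary vector: m_j = #{i : f_i == t_j}. Assumes t has no repeats."""
    counts = Counter(x % P for x in f)
    return [counts.get(x % P, 0) for x in t]


def logderiv_identity(f, t, m, beta: int) -> bool:
    """Verifier-side check of the identity at one fixed challenge beta."""
    lhs = sum(inv(beta + x) for x in f) % P
    rhs = sum(mj * inv(beta + x) for mj, x in zip(m, t)) % P
    return lhs == rhs


def vector_lookup(f, t, m=None, rng=secrets.randbelow) -> bool:
    """f ≺ t: every entry of f appears in the table t.
    m is the prover-supplied multiplicity vector (honest by default). In a real
    argument beta is drawn only after f, t and m have been committed."""
    if m is None:
        m = multiplicities(f, t)
    if len(m) != len(t) or any(mj < 0 for mj in m):
        return False
    return logderiv_identity(f, t, m, rng(P))


def pack_rows(M, gamma: int):
    """Encode each row (r_0, ..., r_{d-1}) as the field element sum_k r_k * gamma^k.
    Assumption: this packing is the example's reduction of a matrix lookup to a
    vector lookup, not the paper's construction. Two distinct rows collide for at
    most d-1 values of gamma, so a random gamma keeps the reduction sound."""
    return [sum(r * pow(gamma, k, P) for k, r in enumerate(row)) % P for row in M]


def matrix_lookup(X, T, rng=secrets.randbelow) -> bool:
    """X is a sub-matrix of T: every row of X is a row of T (both of width d)."""
    d = len(T[0])
    if any(len(row) != d for row in X) or any(len(row) != d for row in T):
        return False
    gamma = rng(P)
    return vector_lookup(pack_rows(X, gamma), pack_rows(T, gamma), rng=rng)


def range_check(X, B: int, rng=secrets.randbelow) -> bool:
    """Note 9's reduction: all entries of X lie in [0, B) iff the vectorization
    of X is a sub-vector of the table b = (0, 1, ..., B-1)."""
    x_bar = [v for row in X for v in row]  # vectorization of X
    return vector_lookup(x_bar, list(range(B)), rng=rng)


if __name__ == "__main__":
    t = [0, 1, 2, 3, 255]                                     # constructed table
    print(vector_lookup([1, 1, 3, 255], t))                   # honest sub-vector
    print(vector_lookup([1, 4], t))                           # 4 is not in the table
    print(vector_lookup([1, 1, 3, 255], t, m=[0, 1, 0, 1, 1]))  # wrong multiplicities
    T = [[0, 0], [1, 7], [2, 5]]                              # constructed table matrix
    print(matrix_lookup([[1, 7], [2, 5], [1, 7]], T))         # rows of T
    print(matrix_lookup([[1, 5]], T))                         # mixes two rows of T
    print(range_check([[3, 200], [0, 255]], 256))             # byte-valued entries
    print(range_check([[3, 256]], 256))                       # 256 is out of range
```

The cheating cases are rejected deterministically rather than probabilistically here, because the difference of the two sides is a single nonzero rational term; the random challenge matters in the general case, where a cheating prover could otherwise tailor f and m to one fixed beta.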

References

  1. Ali, R.E., So, J., Avestimehr, A.S.: On polynomial approximations for privacy-preserving and verifiable RELU networks. arXiv preprint arXiv:2011.05530 (2021)

  2. Aranha, D.F., Bennedsen, E.M., Campanelli, M., Ganesh, C., Orlandi, C., Takahashi, A.: ECLIPSE: enhanced compiling method for Pedersen-committed zkSNARK engines. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) PKC 2022, Part I. LNCS, vol. 13177, pp. 584–614. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-030-97121-2_21

  3. Arun, A., Setty, S., Thaler, J.: Jolt: SNARKs for virtual machines via lookups. Cryptology ePrint Archive, Paper 2023/1217 (2023). https://eprint.iacr.org/2023/1217

  4. Ben-Sasson, E., Chiesa, A., Genkin, D., Tromer, E., Virza, M.: SNARKs for C: verifying program executions succinctly and in zero knowledge. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 90–108. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_6

  5. Ben-Sasson, E., Chiesa, A., Riabzev, M., Spooner, N., Virza, M., Ward, N.P.: Aurora: transparent succinct arguments for R1CS. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019, Part I. LNCS, vol. 11476, pp. 103–128. Springer, Heidelberg (2019). https://doi.org/10.1007/978-3-030-17653-2_4

  6. Bootle, J., Cerulli, A., Groth, J., Jakobsen, S.K., Maller, M.: Arya: nearly linear-time zero-knowledge proofs for correct program execution. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018, Part I. LNCS, vol. 11272, pp. 595–626. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-030-03326-2_20

  7. Campanelli, M., Faonio, A., Fiore, D., Li, T., Lipmaa, H.: Lookup arguments: improvements, extensions and applications to zero-knowledge decision trees. Cryptology ePrint Archive, Paper 2023/1518 (2023). https://eprint.iacr.org/2023/1518

  8. Campanelli, M., Faonio, A., Fiore, D., Querol, A., Rodríguez, H.: Lunar: a toolbox for more efficient universal and updatable zkSNARKs and commit-and-prove extensions. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part III. LNCS, vol. 13092, pp. 3–33. Springer, Heidelberg (2021). https://doi.org/10.1007/978-3-030-92078-4_1

  9. Campanelli, M., Fiore, D., Querol, A.: LegoSNARK: modular design and composition of succinct zero-knowledge proofs. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2075–2092. ACM Press (2019). https://doi.org/10.1145/3319535.3339820

  10. Chen, B., Bünz, B., Boneh, D., Zhang, Z.: HyperPlonk: Plonk with linear-time prover and high-degree custom gates. In: EUROCRYPT 2023, Part II. LNCS, vol. 14005, pp. 499–530. Springer, Heidelberg (2023). https://doi.org/10.1007/978-3-031-30617-4_17

  11. Chen, H., Zhang, H., Si, S., Li, Y., Boning, D.S., Hsieh, C.: Robustness verification of tree-based models. In: Wallach, H.M., Larochelle, H., Beygelzimer, A., d’Alché-Buc, F., Fox, E.B., Garnett, R. (eds.) NeurIPS 2019, pp. 12317–12328. Curran Associates, Inc., Red Hook (2019). https://proceedings.neurips.cc/paper/2019/hash/cd9508fdaa5c1390e9cc329001cf1459-Abstract.html

  12. Chiesa, A., Hu, Y., Maller, M., Mishra, P., Vesely, P., Ward, N.P.: Marlin: preprocessing zkSNARKs with universal and updatable SRS. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part I. LNCS, vol. 12105, pp. 738–768. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-45721-1_26

  13. Choudhuri, A.R., Garg, S., Goel, A., Sekar, S., Sinha, R.: Sublonk: sublinear prover plonk. Cryptology ePrint Archive, Paper 2023/902 (2023). https://eprint.iacr.org/2023/902

  14. Eagen, L., Fiore, D., Gabizon, A.: cq: Cached quotients for fast lookups. Cryptology ePrint Archive, Report 2022/1763 (2022). https://eprint.iacr.org/2022/1763

  15. Faust, S., Kohlweiss, M., Marson, G.A., Venturi, D.: On the non-malleability of the Fiat-Shamir transform. In: Galbraith, S.D., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 60–79. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34931-7_5

  16. Feng, B., Qin, L., Zhang, Z., Ding, Y., Chu, S.: ZEN: an optimizing compiler for verifiable, zero-knowledge neural network inferences. Cryptology ePrint Archive, Report 2021/087 (2021). https://eprint.iacr.org/2021/087

  17. Fuchsbauer, G., Kiltz, E., Loss, J.: The algebraic group model and its applications. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 33–62. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-319-96881-0_2

  18. Gabizon, A., Williamson, Z.J.: plookup: a simplified polynomial protocol for lookup tables. Cryptology ePrint Archive, Report 2020/315 (2020). https://eprint.iacr.org/2020/315

  19. Gabizon, A., Williamson, Z.J., Ciobotaru, O.: PLONK: permutations over Lagrange-bases for oecumenical noninteractive arguments of knowledge. Cryptology ePrint Archive, Report 2019/953 (2019). https://eprint.iacr.org/2019/953

  20. Ganesh, C., Orlandi, C., Pancholi, M., Takahashi, A., Tschudi, D.: Fiat-Shamir bulletproofs are non-malleable (in the algebraic group model). In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part II. LNCS, vol. 13276, pp. 397–426. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-07085-3_14

  21. Groth, J.: On the size of pairing-based non-interactive arguments. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 305–326. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_11

  22. Groth, J., Kohlweiss, M., Maller, M., Meiklejohn, S., Miers, I.: Updatable and universal common reference strings with applications to zk-SNARKs. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part III. LNCS, vol. 10993, pp. 698–728. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-319-96878-0_24

  23. Haböck, U.: Multivariate lookups based on logarithmic derivatives. Cryptology ePrint Archive, Report 2022/1530 (2022). https://eprint.iacr.org/2022/1530

  24. Kang, D., Hashimoto, T., Stoica, I., Sun, Y.: Scaling up trustless DNN inference with zero-knowledge proofs. arXiv preprint arXiv:2210.08674 (2022)

  25. Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_11

  26. Lee, S., Ko, H., Kim, J., Oh, H.: vCNN: verifiable convolutional neural network based on zk-SNARKs. IEEE Trans. Depend. Secur. Comput. 1–17 (2023). https://doi.org/10.1109/TDSC.2023.3348760

  27. Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169–189. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28914-9_10

  28. Lipmaa, H., Parisella, R., Siim, J.: Algebraic group model with oblivious sampling. In: Rothblum, G., Wee, H. (eds.) TCC 2023 (4). LNCS, vol. 14372, pp. 363–392. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-48624-1_14

  29. Lipmaa, H., Siim, J., Zajac, M.: Counting vampires: from univariate sumcheck to updatable ZK-SNARK. In: Agrawal, S., Lin, D. (eds.) ASIACRYPT 2022, Part II. LNCS, vol. 13792, pp. 249–278. Springer, Heidelberg (2022). https://doi.org/10.1007/978-3-031-22966-4_9

  30. Liu, T., Xie, X., Zhang, Y.: zkCNN: zero knowledge proofs for convolutional neural network predictions and accuracy. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 2968–2985. ACM Press (2021). https://doi.org/10.1145/3460120.3485379

  31. Maller, M., Bowe, S., Kohlweiss, M., Meiklejohn, S.: Sonic: zero-knowledge SNARKs from linear-size universal and updatable structured reference strings. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2111–2128. ACM Press (2019). https://doi.org/10.1145/3319535.3339817

  32. Posen, J., Kattis, A.A.: Caulk+: table-independent lookup arguments. Cryptology ePrint Archive, Report 2022/957 (2022). https://eprint.iacr.org/2022/957

  33. Ràfols, C., Zapico, A.: An algebraic framework for universal and updatable SNARKs. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part I. LNCS, vol. 12825, pp. 774–804. Springer, Heidelberg, Virtual Event (2021). https://doi.org/10.1007/978-3-030-84242-0_27

  34. Setty, S.: Spartan: efficient and general-purpose zkSNARKs without trusted setup. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part III. LNCS, vol. 12172, pp. 704–737. Springer, Heidelberg (2020). https://doi.org/10.1007/978-3-030-56877-1_25

  35. Setty, S., Thaler, J., Wahby, R.: Unlocking the lookup singularity with Lasso. Cryptology ePrint Archive, Paper 2023/1216 (2023). https://eprint.iacr.org/2023/1216

  36. Wang, H., Hoang, T.: ezDPS: an efficient and zero-knowledge machine learning inference pipeline. PoPETs 2023(2), 430–448 (2023). https://doi.org/10.56553/popets-2023-0061

  37. Weng, J., Weng, J., Tang, G., Yang, A., Li, M., Liu, J.: PVCNN: privacy-preserving and verifiable convolutional neural network testing. IEEE Trans. Inf. Forens. Secur. 18, 2218–2233 (2023). https://doi.org/10.1109/TIFS.2023.3262932

  38. Zapico, A., Buterin, V., Khovratovich, D., Maller, M., Nitulescu, A., Simkin, M.: Caulk: lookup arguments in sublinear time. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 3121–3134. ACM Press (2022). https://doi.org/10.1145/3548606.3560646

  39. Zapico, A., Gabizon, A., Khovratovich, D., Maller, M., Ràfols, C.: Baloo: nearly optimal lookup arguments. Cryptology ePrint Archive, Report 2022/1565 (2022). https://eprint.iacr.org/2022/1565

  40. Zhang, J., Fang, Z., Zhang, Y., Song, D.: Zero knowledge proofs for decision tree predictions and accuracy. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 2039–2053. ACM Press (2020). https://doi.org/10.1145/3372297.3417278

Acknowledgements

This work has received funding from the MESRI-BMBF French-German joint project named PROPOLIS (ANR-20-CYAL-0004-01), the Dutch Research Council (NWO) under Project Spark! Living Lab (439.18.453B), the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under project PICOCRYPT (grant agreement No. 101001283), and from the Spanish Government MCIN/AEI/ 10.13039/501100011033/ under projects PRODIGY (TED2021-132464B-I00) and ESPADA (PID2022-142290OB-I00). The last two projects are co-funded by European Union FEDER and NextGenerationEU/PRTR funds.

We thank Melek Onën for her contributions during the early stages of this project.

Correspondence to Antonio Faonio or Tianyu Li .

Copyright information

© 2024 International Association for Cryptologic Research

About this paper

Cite this paper

Campanelli, M., Faonio, A., Fiore, D., Li, T., Lipmaa, H. (2024). Lookup Arguments: Improvements, Extensions and Applications to Zero-Knowledge Decision Trees. In: Tang, Q., Teague, V. (eds) Public-Key Cryptography – PKC 2024. PKC 2024. Lecture Notes in Computer Science, vol 14602. Springer, Cham. https://doi.org/10.1007/978-3-031-57722-2_11

  • DOI: https://doi.org/10.1007/978-3-031-57722-2_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-57721-5

  • Online ISBN: 978-3-031-57722-2
