Paper 2022/586

A survey of elliptic curves for proof systems

Diego F. Aranha, Aarhus University
Youssef El Housni, ConsenSys, gnark, Paris, France, LIX, CNRS, École Polytechnique, Institut Polytechnique de Paris, French Institute for Research in Computer Science and Automation
Aurore Guillevic, Aarhus University, Inria Nancy - Grand-Est research centre
Abstract

Elliptic curves have become key ingredients for instantiating zero-knowledge proofs and more generally proof systems. Recently, there have been many tailored constructions of these curves that aim at efficiently implementing different kinds of proof systems. In this survey we provide the reader with a comprehensive overview on existing work and revisit the contributions in terms of efficiency and security. We present an overview at three stages of the process: curves to instantiate a SNARK, curves to instantiate a recursive SNARK, and also curves to express an elliptic-curve related statement. We provide new constructions of curves for SNARKs and generalize the state-of-the-art constructions for recursive SNARKs. We also exhaustively document the existing work and open-source implementations.

Note: https://hal.inria.fr/hal-03667798

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Designs, codes and Cryptography
Keywords
elliptic curves proof systems SNARKs pairings
Contact author(s)
dfaranha @ cs au dk
youssef elhousni @ consensys net
aurore guillevic @ inria fr
History
2022-10-14: revised
2022-05-17: received
See all versions
Short URL
https://ia.cr/2022/586
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/586,
      author = {Diego F.  Aranha and Youssef El Housni and Aurore Guillevic},
      title = {A survey of elliptic curves for proof systems},
      howpublished = {Cryptology ePrint Archive, Paper 2022/586},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/586}},
      url = {https://eprint.iacr.org/2022/586}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.