3 unstable releases
0.3.2 | Nov 1, 2022 |
---|---|
0.2.1-rc.4 | Apr 6, 2021 |
0.2.1-rc.3 | Dec 3, 2020 |
#2363 in Cryptography
145KB
4K
SLoC
Reverie
An efficient implementation of the NIZKPoK outlined in KKW 2018
Reverie is an implementation (prover and verifier) of the MPC-in-the-head NIZKPoK outlined in Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures. Reverie seeks to offer concrete prover efficiency (linear proving time with small constants) for complex predicates. The implementation seeks to offer 128-bits of (classical) security and support arbitrary rings, most efficiently Z2 and Z64.
Reverie provides both a library (with a simplified and a streaming interface), in addition to a CLI program for proving/verifying statements specified in Bristol format to enable easy experimentation.
Running
Reverie requires a relatively recent nightly
Rust.
Using SSE+AESNI
time RUSTFLAGS="-C target-cpu=native -C target-feature=+aes,+ssse3,+sse2" cargo run --release
Or even better with AVX2+AESNI
time RUSTFLAGS="-C target-cpu=native -C target-feature=+aes,+ssse3,+sse2,+avx2" cargo run --release
Improvements in 0.3+
- Pack 8 instances of 8 players over GF(2) into a single 64-bit integer (see gist for details).
- Switch to AES with AESNI
- Just-in-time preprocessing to condense proving into a single pass
Dependencies
~21–32MB
~586K SLoC