1. Forum
  2. Usenet
  3. SCI.CRYPT

  • [digest] 2025 Week 12 (3/3)

    From IACR ePrint Archive@21:1/5 to All on Mon Mar 24 02:28:37 2025
    [continued from previous message]

    In this paper, we introduce ZKPyTorch, a compiler that seamlessly integrates ML frameworks like PyTorch with ZKP engines like Expander, simplifying the development of ZKML. ZKPyTorch automates the translation of ML operations into optimized ZKP circuits
    through three key components. First, a ZKP preprocessor converts models into structured computational graphs and injects necessary auxiliary information to facilitate proof generation. Second, a ZKP-friendly quantization module introduces an optimized
    quantization strategy that reduces computation bit-widths, enabling efficient ZKP execution within smaller finite fields such as M61. Third, a hierarchical ZKP circuit optimizer employs a multi-level optimization framework at model, operation, and
    circuit levels to improve proof generation efficiency.

    We demonstrate ZKPyTorch effectiveness through end-to-end case studies, successfully converting VGG-16 and Llama-3 models from PyTorch, a leading ML framework, into ZKP-compatible circuits recognizable by Expander, a state-of-the-art ZKP engine. Using
    Expander, we generate zero-knowledge proofs for
    these models, achieving proof generation for the VGG-16 model in 2.2 seconds per CIFAR-10 image for VGG-16 and 150 seconds per token for Llama-3 inference, improving the practical adoption of ZKML.



    ## 2025/536

    * Title: A Fiat-Shamir Transformation From Duplex Sponges
    * Authors: Alessandro Chiesa, Michele Orrù
    * [Permalink](https://eprint.iacr.org/2025/536)
    * [Download](https://eprint.iacr.org/2025/536.pdf)

    ### Abstract

    The Fiat-Shamir transformation underlies numerous non-interactive arguments, with variants that differ in important ways. This paper addresses a gap between variants analyzed by theoreticians and variants implemented (and deployed) by practitioners.
    Specifically, theoretical analyses typically assume parties have access to random oracles with sufficiently large input and output size, while cryptographic hash functions in practice have fixed input and output sizes (pushing practitioners towards other
    variants).

    In this paper we propose and analyze a variant of the Fiat-Shamir transformation that is based on an ideal permutation of fixed size. The transformation relies on the popular duplex sponge paradigm, and minimizes the number of calls to the permutation (
    given the amount of information to absorb and to squeeze). Our variant closely models deployed variants of the Fiat-Shamir transformation, and our analysis provides concrete security bounds that can be used to set security parameters in practice.

    We additionally contribute spongefish, an open-source Rust library implementing our Fiat-Shamir transformation. The library is interoperable across multiple cryptographic frameworks, and works with any choice of permutation. The library comes equipped
    with Keccak and Poseidon permutations, as well as several "codecs" for re-mapping prover and verifier messages to the permutation's domain.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)