zkday in paris
An informal event in Paris about zero-knowledge and post-quantum.
9AM-10AM: breakfast and snacks
10AM-11AM: On the Fiat–Shamir Security of Succinct Arguments from Functional Commitments by Christian Knabenhans, EPFL
SNARGs are fundamental cryptographic primitives with wide-ranging applications. A common approach to build SNARGs is to combine probabilistic proofs with commitment schemes. We study the security of such SNARGs, closing a key security gap left open by prior work. Our analysis implies a security proof of Plonk, a commonly used SNARG in practice, based on a falsifiable assumption. Based on joint work (https://eprint.iacr.org/2025/902) with Alessandro Chiesa, Ziyi Guan, and Zihan Yu.
11AM - 12PM: Zero-Knowledge from Vector Oblivious Linear Evaluation: VOLE-in-the-Head and Mixed Arithmetic by Lennart Braun, IRIF
We start with an introduction to zero-knowledge (ZK) proof systems based on vector oblivious linear evaluation (VOLE), a recent paradigm for interactive designated-verifier ZK proofs. Here, VOLE is used to create interactive linearly homomorphic commitments which are combined with lightweight multiplication checks to create scalable, low-overhead proof systems with linear time and communication. Then, we introduce the VOLE-in-the-Head method to transform these designated-verifier proofs into public-coin protocols which can be made publicly verifiable and non-interactive via Fiat-Shamir. The resulting ZK protocols are simpler, smaller and faster than related approaches based on MPC-in-the-Head and have applications to post-quantum signatures (e.g. FAEST). Finally, we present a recent work on VOLE-based ZK for circuits that mix arithmetic and Boolean operations. In contrast to previous works using cut-and-choose methods, we combine proofs of higher-degree polynomial constraints with low-degree pseudorandom generators to generate doubly-authenticated bits with low communication. This simplifies conversions and improves the efficiency of tasks such as fixed point arithmetic, comparisons, and range proofs.
12PM-1PM lunch
1PM-2PM: Quantum Rewinding for IOP-Based Succinct Arguments by Ziyi Guan, EPFL
We analyze the post-quantum security of succinct interactive arguments constructed from interactive oracle proofs (IOPs) and vector commitment schemes. In particular, we prove that such arguments are secure in the standard model against quantum adversaries when the vector commitment scheme is collapsing.
As an application of our results, we obtain post-quantum secure succinct arguments, in the standard model (no oracles), with the best asymptotic complexity known. Based on joint work (https://eprint.iacr.org/2025/947) with Alessandro Chiesa, Marcel Dall’Agnol, Zijing Di, and Nick Spooner.
2PM - 3PM: Commit-and-open zero-knowledge protocols for QMA by Alex Beradol Grilo, LiP6
In this talk, I will discuss how to achieve simple zero-knowledge protocols for QMA (the quantum analog of NP). For that, I will begin with a detour into quantum complexity theory and introduce a new QMA-complete problem. Then, I will show how this problem can be leveraged to design zero-knowledge protocols that are conceptually simple and reminiscent of classical protocols such as graph coloring.