Post-Quantum zk-SNARK for Arithmetic Circuits using QAPs

In recent years, the zero-knowledge proof and zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) have drawn significant attention as privacy-enhancing technologies in various domains, especially the cryptocurrency industry and verifiable computations. A post-quantum designated verifier type zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) for Boolean circuits was proposed by Gennaro et al. in ACM CCS ‘18. However, this scheme does not include arithmetic circuits. Furthermore, it is difficult to use it in various applications. Their paper described the construction of a post-quantum designated verifier zk-SNARK for arithmetic circuits from quadratic arithmetic programs (QAPs) as an open problem. Recently, Nitulescu proposed a post-quantum designated verifier zk-SNARK for arithmetic circuits using square arithmetic programs (SAPs), which are the special cases of QAPs.In this paper, we give another answer to this problem and propose a post-quantum designated verifier zk-SNARK scheme for arithmetic circuits using QAPs. Our proposal, which employs QAPs, the zero-knowledge proof comprises three learning with errors (LWE) ciphertexts. We implemented our proposed scheme and the other known schemes using the libsnark library. Our experimental results show that our scheme can generate a zero-knowledge proof, which is known as the bottleneck of zk-SNARK, for an arithmetic circuit that comprises 216 gates in a processing time of only 50 s, which is approximately three times faster than that of the post-quantum zk-SNARKs by Gennaro et al. or two times faster than the one by Nitulescu.