## In this issue

1. [2024/1661] zkFFT: Extending Halo2 with Vector Commitments & More
2. [2024/1746] Secure and Privacy-preserving CBDC Offline Payments ...
3. [2024/1747] POMS : Proxy Offloading for Multicloud Storage with ...
4. [2024/1748] A Simple Method to Test the Zeros of Riemann Zeta ...
5. [2024/1749] Revisiting the “improving the security of multi- ...
6. [2024/1750] Robust Double Auctions for Resource Allocation
7. [2024/1751] Offline-Online Indifferentiability of Cryptographic ...
8. [2024/1752] DEEP Commitments and Their Applications
9. [2024/1753] HTCNN: High-Throughput Batch CNN Inference with ...
10. [2024/1754] PQNTRU: Acceleration of NTRU-based Schemes via ...
11. [2024/1755] Exponential sums in linear cryptanalysis
12. [2024/1756] $\mathsf{Graphiti}$: Secure Graph Computation Made ...
13. [2024/1757] On the Sample Complexity of Linear Code Equivalence ...
14. [2024/1758] A comprehensive analysis of Regev's quantum algorithm
15. [2024/1759] A Forgery Attack on a Code-based Signature Scheme
16. [2024/1760] Somewhat Homomorphic Encryption from Linear ...
17. [2024/1761] Resilience-Optimal Lightweight High-threshold ...
18. [2024/1762] Homomorphic Matrix Operations under Bicyclic Encoding
19. [2024/1763] Quantum Black-Box Separations: Succinct Non- ...
20. [2024/1764] Fully Homomorphic Encryption with Efficient Public ...
21. [2024/1765] Compact and Tightly Secure (Anonymous) IBE from ...
22. [2024/1766] Critical Round in Multi-Round Proofs: Compositions ...
23. [2024/1767] ECPM Cryptanalysis Resource Estimation
24. [2024/1768] Push-Button Verification for BitVM Implementations
25. [2024/1769] A Closer Look at Falcon
26. [2024/1770] Improved Attacks for SNOVA by Exploiting Stability ...
27. [2024/1771] PRIME: Differentially Private Distributed Mean ...
28. [2024/1772] Byte-wise equal property of ARADI
29. [2024/1773] Universal Adaptor Signatures from Blackbox Multi- ...
30. [2024/1774] PANTHER: Private Approximate Nearest Neighbor ...
31. [2024/1775] zkMarket : Privacy-preserving Digital Data Trade ...
32. [2024/1776] An efficient collision attack on Castryck-Decru- ...
33. [2024/1777] Masking Gaussian Elimination at Arbitrary Order, ...
34. [2024/1778] Construction of quadratic APN functions with ...
35. [2024/1779] Ciphertext-Policy ABE from Inner-Product FE
36. [2024/1780] ABE for Circuits with ...
37. [2024/1781] New results in Share Conversion, with applications ...
38. [2024/1782] The Battery Insertion Attack: Is Periodic Pseudo- ...
39. [2024/1783] PriSrv: Privacy-Enhanced and Highly Usable Service ...
40. [2024/1784] Fine-Grained Non-Interactive Key-Exchange without ...
41. [2024/1785] A General Quantum Duality for Representations of ...
42. [2024/1786] Black-Box Timed Commitments from Time-Lock Puzzles
43. [2024/1787] An Efficient and Secure Boolean Function Evaluation ...
44. [2024/1788] Advanced Transparency System
45. [2024/1789] Stealth and Beyond: Attribute-Driven Accountability ...
46. [2024/1790] Revisiting subgroup membership testing on pairing- ...
47. [2024/1791] Discrete gaussian sampling for BKZ-reduced basis
48. [2024/1792] Towards Explainable Side-Channel Leakage: Unveiling ...
49. [2024/1793] On the Jordan-Gauss graphs and new multivariate ...
50. [2024/1794] How Much Public Randomness Do Modern Consensus ...
51. [2024/1795] How Fast Does the Inverse Walk Approximate a Random ...
52. [2024/1796] Isogeny interpolation and the computation of ...
53. [2024/1797] FLock: Robust and Privacy-Preserving Federated ...
54. [2024/1798] Quantum One-Time Protection of any Randomized Algorithm
55. [2024/1799] Consensus Under Adversary Majority Done Right

## 2024/1661

* Title: zkFFT: Extending Halo2 with Vector Commitments & More
* Authors: Aram Jivanyan, Gohar Hovhannisyan, Hayk Hovhannisyan, Nerses Asaturyan
* [Permalink](https://eprint.iacr.org/2024/1661)
* [Download](https://eprint.iacr.org/2024/1661.pdf)

### Abstract

This paper introduces zkFFT, a novel zero-knowledge argument designed to efficiently generate proofs for FFT (Fast Fourier Transform) relations. Our approach enables the verification that one committed vector is the FFT of another, addressing an efficiency need in general-purpose non-interactive zero-knowledge proof systems where the proof relation utilizes vector commitments inputs.

We present a concrete enhancement to the Halo2 proving system, demonstrating how zkFFT optimizes proofs in scenarios where the proof relation includes one or more vector commitments. Specifically, zkFFT incorporates streamlined logic within Halo2 and similar systems, augmenting proof and verification complexity by only $O(\text{log}N)$, where $N$ is the vector size. This represents a substantial improvement over conventional approach, which often necessitates specific circuit extensions to validate the integrity of vector commitments and their corresponding private values in the arithmetic framework of the proof relation. The proposed zkFFT method supports multiple vector commitments with only a logarithmic increase in extension costs, making it highly scalable. This capability is pivotal for practical applications involving multiple pre-committed values within proof statements.

Apart from Halo2, our technique can be adapted to any other zero-knowledge proof system that relies on arithmetization, where each column is treated as an evaluation of a polynomial over a specified domain, computes this polynomial via FFT, and subsequently commits to the resulting polynomial using a polynomial commitment scheme based on inner-product arguments. Along with efficient lookup and permutation arguments, zkFFT will streamline and significantly optimize the generation of zero-knowledge proofs for arbitrary relations.

Beyond the applications in augmenting zero-knowledge proof systems, we believe that the formalized zkFFT argument can be of independent interest.

## 2024/1746

* Title: Secure and Privacy-preserving CBDC Offline Payments using a Secure Element
* Authors: Elli Androulaki, Angelo De Caro, Kaoutar El Khiyaoui, Romain Gay, Rebekah Mercer, Alessandro Sorniotti
* [Permalink](https://eprint.iacr.org/2024/1746)
* [Download](https://eprint.iacr.org/2024/1746.pdf)

### Abstract

Offline payments present an opportunity for central bank digital currency to address the lack of digital financial inclusion plaguing existing digital payment solutions. However, the design of secure offline payments is a complex undertaking; for example, the lack of connectivity during the payments renders double spending attacks trivial. While the identification of double spenders and penal sanctions may curb attacks by individuals, they may not be sufficient against concerted efforts by states or well-funded institutions. It is hence important to also rely on preventive measures that reduce the scale of such attacks. An example of such a measure is secure elements. These however are limited in compute and storage, making the design of solutions that offer comparable privacy guarantees to those of physical cash challenging.
We address this with a protocol that offloads most of the payment computation to the user’s mobile device and restricts the computation on the secure element to deleting spent tokens, and generating a signature with a computation equivalent to that of ECDSA. We claim that the use of mobile devices or enhanced smart card-based devices are required for secure consumer-to-consumer payments. To further harden the protocol, we enable the efficient identification of double spenders on the off-chance an attacker successfully double spends. Finally, we prove its security in the ideal/real world paradigm, and evaluate its performance to demonstrate its practicality.

## 2024/1747

* Title: POMS : Proxy Offloading for Multicloud Storage with Keyword Search
* Authors: Adam Oumar Abdel-Rahman, Sofiane Azogagh, Zelma Aubin Birba, Arthur Tran Van
* [Permalink](https://eprint.iacr.org/2024/1747)
* [Download](https://eprint.iacr.org/2024/1747.pdf)

### Abstract

Cloud storage offers convenient data access and sharing, but security concerns remain. Existing secure cloud storage solutions often lack essential features like data integrity, multi-cloud support, user-friendly file sharing, and efficient search. This paper proposes a novel secure cloud storage system that addresses these limitations. Our system uses distributed storage and attribute-based encryption to enhance data availability, access control, and user experience. It also enables private and efficient file search and data retrievability verification. This approach overcomes the trade-offs present in prior work, offering a secure and user-friendly solution for cloud data management.

## 2024/1748

* Title: A Simple Method to Test the Zeros of Riemann Zeta Function
* Authors: Zhengjun Cao
* [Permalink](https://eprint.iacr.org/2024/1748)
* [Download](https://eprint.iacr.org/2024/1748.pdf)

### Abstract

The zeta function $\zeta(z)=\sum_{n=1}^{\infty} \frac{1}{n^z}$ is convergent only for $\text{Re}(z)>1$. The Riemann-Siegel function is $Z(t)=e^{i\vartheta(t)}\zeta(\frac{1}{2}+it)$. If $Z(t_1)$ and $Z(t_2)$ have opposite signs, $Z(t)$ vanishes between $t_1$ and $t_2$, and $\zeta(z)$ has a zero on the critical line between $\frac{1}{2}+it_1$ and $\frac{1}{2}+it_2$. This method to test zeros is too hard to practice for newcomers. The eta function $\eta(z)=\sum_{n=1}^{\infty}\frac{(-1)^{n-1}}{n^z}$ is convergent for $\text{Re}(z)>0$, and $\eta(z)=\left(1-\frac{2}{2^z}\right)\zeta(z)$ for the critical strip $0<\text{Re}(z)<1$. So, $\eta(z)$ and the analytic continuation of $\zeta(z)$ have the same zeros in the critical strip, and the alternating series can be directly used to test the zeros.