ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange

Yun Li; Cun Ye; Yuguang Hu; Ivring Morpheus; Yu Guo; Chao Zhang; Yupeng Zhang; Zhipeng Sun; Yiwen Lu; Haodi Wang

doi:10.1145/3460120.3484558

ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange

Yun Li
, Cun Ye
, Yuguang Hu
, Ivring Morpheus
, Yu Guo
, Chao Zhang^*
, Yupeng Zhang
, Zhipeng Sun
, Yiwen Lu
, Haodi Wang

^*Corresponding author for this work

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

30 Citations (Scopus)

Abstract

Devising a fair-exchange protocol for digital goods has been an appealing line of research in the past decades. The Zero-Knowledge Contingent Payment (ZKCP) protocol first achieves fair exchange in a trustless manner with the aid of the Bitcoin network and zero-knowledge proofs. However, it incurs setup issues and substantial proving overhead, and has difficulties handling complicated validation of large-scale data.

In this paper, we propose an improved solution ZKCPlus for practical and flexible fair exchange. ZKCPlus incorporates a new commit-and-prove non-interactive zero-knowledge (CP-NIZK) argument of knowledge under standard discrete logarithmic assumption, which is prover-efficient for data-parallel computations. With this argument we avoid the setup issues of ZKCP and reduce seller's proving overhead, more importantly enable the protocol to handle complicated data validations.

We have implemented a prototype of ZKCPlus and built several applications atop it. We rework a ZKCP's classic application of trading sudoku solutions, and ZKCPlus achieves 21-67 times improvement in seller efficiency than ZKCP, with only milliseconds of setup time and 1 MB public parameters. In particular, our CP-NIZK argument shows an order of magnitude higher proving efficiency than the zkSNARK adopted by ZKCP. We also built a realistic application of trading trained CNN models. For a 3-layer CNN containing 8,620 parameters, it takes less than 1 second to prove and verify an inference computation, and also about 1 second to deliver the parameters, which is very promising for practical use.

© 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.

Original language	English
Title of host publication	CCS '21
Subtitle of host publication	Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	3002-3021
Number of pages	20
ISBN (Print)	978-1-4503-8454-4
DOIs	https://doi.org/10.1145/3460120.3484558
Publication status	Published - Nov 2021
Externally published	Yes
Event	27th ACM Annual Conference on Computer and Communication Security (CCS 2021) - Virtual, Korea, Republic of Duration: 15 Nov 2021 → 19 Nov 2021

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	27th ACM Annual Conference on Computer and Communication Security (CCS 2021)
Abbreviated title	ACM CCS 2021
Place	Korea, Republic of
Period	15/11/21 → 19/11/21

Funding

This work was supported by: donations from Nervos Foundation and HashKey, National Natural Science Foundation of China under Grant 61772308, 61972224 and U1736209, and BNRist Network and Software Security Research Program under Grant BNR2019TD01004 and BNR2019RC01009. Yupeng Zhang is supported by DARPA under Contract No. HR001120C0087. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA.

Research Keywords

commit-and-prove
fair exchange
zero-knowledge argument

Access Output

10.1145/3460120.3484558

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

Li, Y., Ye, C., Hu, Y., Morpheus, I., Guo, Y., Zhang, C., Zhang, Y., Sun, Z., Lu, Y., & Wang, H. (2021). ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange. In CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (pp. 3002-3021). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3460120.3484558

@inproceedings{6915cbc1f7f7464ab898b8c988f84302,

title = "ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange",

abstract = "Devising a fair-exchange protocol for digital goods has been an appealing line of research in the past decades. The Zero-Knowledge Contingent Payment (ZKCP) protocol first achieves fair exchange in a trustless manner with the aid of the Bitcoin network and zero-knowledge proofs. However, it incurs setup issues and substantial proving overhead, and has difficulties handling complicated validation of large-scale data. In this paper, we propose an improved solution ZKCPlus for practical and flexible fair exchange. ZKCPlus incorporates a new commit-and-prove non-interactive zero-knowledge (CP-NIZK) argument of knowledge under standard discrete logarithmic assumption, which is prover-efficient for data-parallel computations. With this argument we avoid the setup issues of ZKCP and reduce seller's proving overhead, more importantly enable the protocol to handle complicated data validations. We have implemented a prototype of ZKCPlus and built several applications atop it. We rework a ZKCP's classic application of trading sudoku solutions, and ZKCPlus achieves 21-67 times improvement in seller efficiency than ZKCP, with only milliseconds of setup time and 1 MB public parameters. In particular, our CP-NIZK argument shows an order of magnitude higher proving efficiency than the zkSNARK adopted by ZKCP. We also built a realistic application of trading trained CNN models. For a 3-layer CNN containing 8,620 parameters, it takes less than 1 second to prove and verify an inference computation, and also about 1 second to deliver the parameters, which is very promising for practical use. {\textcopyright} 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.",

keywords = "commit-and-prove, fair exchange, zero-knowledge argument",

author = "Yun Li and Cun Ye and Yuguang Hu and Ivring Morpheus and Yu Guo and Chao Zhang and Yupeng Zhang and Zhipeng Sun and Yiwen Lu and Haodi Wang",

year = "2021",

month = nov,

doi = "10.1145/3460120.3484558",

language = "English",

isbn = "978-1-4503-8454-4",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "3002--3021",

booktitle = "CCS '21",

address = "United States",

note = "27th ACM Annual Conference on Computer and Communication Security (CCS 2021), ACM CCS 2021 ; Conference date: 15-11-2021 Through 19-11-2021",

}

Li, Y, Ye, C, Hu, Y, Morpheus, I, Guo, Y, Zhang, C, Zhang, Y, Sun, Z, Lu, Y & Wang, H 2021, ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange. in CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 3002-3021, 27th ACM Annual Conference on Computer and Communication Security (CCS 2021), Korea, Republic of, 15/11/21. https://doi.org/10.1145/3460120.3484558

ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange. / Li, Yun; Ye, Cun; Hu, Yuguang et al.
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2021. p. 3002-3021 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review

TY - GEN

T1 - ZKCPlus

T2 - 27th ACM Annual Conference on Computer and Communication Security (CCS 2021)

AU - Li, Yun

AU - Ye, Cun

AU - Hu, Yuguang

AU - Morpheus, Ivring

AU - Guo, Yu

AU - Zhang, Chao

AU - Zhang, Yupeng

AU - Sun, Zhipeng

AU - Lu, Yiwen

AU - Wang, Haodi

PY - 2021/11

Y1 - 2021/11

N2 - Devising a fair-exchange protocol for digital goods has been an appealing line of research in the past decades. The Zero-Knowledge Contingent Payment (ZKCP) protocol first achieves fair exchange in a trustless manner with the aid of the Bitcoin network and zero-knowledge proofs. However, it incurs setup issues and substantial proving overhead, and has difficulties handling complicated validation of large-scale data. In this paper, we propose an improved solution ZKCPlus for practical and flexible fair exchange. ZKCPlus incorporates a new commit-and-prove non-interactive zero-knowledge (CP-NIZK) argument of knowledge under standard discrete logarithmic assumption, which is prover-efficient for data-parallel computations. With this argument we avoid the setup issues of ZKCP and reduce seller's proving overhead, more importantly enable the protocol to handle complicated data validations. We have implemented a prototype of ZKCPlus and built several applications atop it. We rework a ZKCP's classic application of trading sudoku solutions, and ZKCPlus achieves 21-67 times improvement in seller efficiency than ZKCP, with only milliseconds of setup time and 1 MB public parameters. In particular, our CP-NIZK argument shows an order of magnitude higher proving efficiency than the zkSNARK adopted by ZKCP. We also built a realistic application of trading trained CNN models. For a 3-layer CNN containing 8,620 parameters, it takes less than 1 second to prove and verify an inference computation, and also about 1 second to deliver the parameters, which is very promising for practical use. © 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.

AB - Devising a fair-exchange protocol for digital goods has been an appealing line of research in the past decades. The Zero-Knowledge Contingent Payment (ZKCP) protocol first achieves fair exchange in a trustless manner with the aid of the Bitcoin network and zero-knowledge proofs. However, it incurs setup issues and substantial proving overhead, and has difficulties handling complicated validation of large-scale data. In this paper, we propose an improved solution ZKCPlus for practical and flexible fair exchange. ZKCPlus incorporates a new commit-and-prove non-interactive zero-knowledge (CP-NIZK) argument of knowledge under standard discrete logarithmic assumption, which is prover-efficient for data-parallel computations. With this argument we avoid the setup issues of ZKCP and reduce seller's proving overhead, more importantly enable the protocol to handle complicated data validations. We have implemented a prototype of ZKCPlus and built several applications atop it. We rework a ZKCP's classic application of trading sudoku solutions, and ZKCPlus achieves 21-67 times improvement in seller efficiency than ZKCP, with only milliseconds of setup time and 1 MB public parameters. In particular, our CP-NIZK argument shows an order of magnitude higher proving efficiency than the zkSNARK adopted by ZKCP. We also built a realistic application of trading trained CNN models. For a 3-layer CNN containing 8,620 parameters, it takes less than 1 second to prove and verify an inference computation, and also about 1 second to deliver the parameters, which is very promising for practical use. © 2021 Copyright held by the owner/author(s). Publication rights licensed to ACM.

KW - commit-and-prove

KW - fair exchange

KW - zero-knowledge argument

UR - https://www.scopus.com/pages/publications/85119382931

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85119382931&origin=recordpage

U2 - 10.1145/3460120.3484558

DO - 10.1145/3460120.3484558

M3 - RGC 32 - Refereed conference paper (with host publication)

SN - 978-1-4503-8454-4

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 3002

EP - 3021

BT - CCS '21

PB - Association for Computing Machinery

Y2 - 15 November 2021 through 19 November 2021

ER -

Li Y, Ye C, Hu Y, Morpheus I, Guo Y, Zhang C et al. ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange. In CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2021. p. 3002-3021. (Proceedings of the ACM Conference on Computer and Communications Security). Epub 2021 Nov 13. doi: 10.1145/3460120.3484558

ZKCPlus: Optimized Fair-exchange Protocol Supporting Practical and Flexible Data Exchange

Abstract

Publication series

Conference

Funding

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this