noir-lang
PPP: Practical Privacy-Perserving ZKP Outsourcing via TEEs and 2PC #6343
Replies: 2 comments 1 reply
-
|
Hi @bunny-sleepy, thank you for submitting the proposal! Great if a contact channel(s) to the team and links to the works under EF's ZK Grants and/or Matter Labs' ZK Fellowship mentioned could be supplemented. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @Savio-Sou, thank you for your message and for taking the time to review the proposal! Here is my email and telegram. Additionally, here are the links to the works Matter Labs' ZK Fellowship that were mentioned: Prooφ paper and talk at ZK Summit 11. Regarding EF's ZK Grants, we are currently working on our project Cirrus. You can find the abstract of our project in this announcement. We are in the process of wrapping up the work and plan to finish by early November. If you need any further information or additional details, feel free to let me know. I will be happy to provide whatever is necessary! |
Beta Was this translation helpful? Give feedback.
-
|
Deadline to update proposals is now extended to October 28th, 2024 if it helps buy a bit of extra time to supplement details. Good luck! |
Beta Was this translation helpful? Give feedback.
-
Summary
We propose to design and develop PPP (Practical Privacy-Perserving ZKP Outsourcing), a secure and efficient protocol for outsourcing zk-SNARK generation using Trusted Execution Environments (TEEs). PPP addresses the inefficiencies of current solutions (e.g., the use of heavy cryptographic primitives such as MPC) by leveraging TEEs to safeguard secret inputs throughout the proof generation process. PPP can be directly integrated with Noir on the server side.
First, we aim to benchmark the performance across different TEE platforms to evaluate their capacity for handling resource-intensive zk-SNARK protocols. To enhance security, PPP introduces a secure two-party computation (2PC) protocol that allows TEEs of different architectures (e.g., Intel and AMD) to work together, mitigating risks such as side-channel attacks and TEE compromises. Lastly, if time permits, PPP would incorporate memory-efficient distributed ZK-SNARK techniques, optimizing performance and ensuring that the protocol remains practical and scalable. This hybrid approach offers both privacy and efficiency in ZK-SNARK outsourcing.
Methodology
We propose PPP, a secure an efficient protocol for outsourcing zk-SNARK generation using TEEs of different architectures. It is practical and prevents the secret inputs of the user from being leaked. PPP will be designed to be robost against side-channels, and is secure even if one TEE is compromised. To make our protocol secure, we leverage secure 2PC to let two TEEs of different architectures to jointly compute the proof. In this way, the user's secret remains secure even if one TEE is completely compromised. We mitigate side-channels by having our protocol structured in a “circuit-like” manner for secret inputs, so that memory access patterns and execution flows are made consistent for all inputs. We also introduce a technique based on distributed SNARK schemes to reduce memory access outside the enclave (which causes a large overhead), making our protocol more efficient for large circuits.
Secure 2PC
Outsourcing zk-SNARK generation to a single TEE is vulnerable to compromise if the TEE is exploited. In our protocol, we incorporate 2PC schemes to share the secret and complete the zk-SNARK proof generation through garbled-circuit and oblivious-transfers. To enhance security, PPP incorporates a secure two-party computation (2PC) scheme that enables two TEEs of different architectures (e.g., Intel and AMD) to collaboratively generate the zk-SNARK proof. In our approach, the user's secret input is securely shared between the two TEEs, ensuring that no single TEE has full access to the input data.
The 2PC scheme can be built using garbled circuits and oblivious transfers, which allow the TEEs to jointly compute the zk-SNARK proof without directly sharing the secret information. Garbled circuits ensure that the computation is performed in an encrypted manner, where one TEE can evaluate the circuit without learning the specific inputs. Oblivious transfers are used to securely exchange data between the TEEs, ensuring that each party only obtains the necessary information to complete the computation without gaining access to the full input. By splitting the computation across two TEEs and leveraging 2PC techniques, our protocol remains secure even if one of the TEEs is completely compromised, providing robust protection for the user's secret data.
Reducing Thrashing in TEEs
The straightforward use of TEEs for generating zk-SNARKs faces significant performance challenges due to the high memory demands of the computation. zk-SNARK generation often involves memory-intensive cryptographic operations, such as exponentiations and polynomial evaluations, which require substantial memory resources. Intel SGX, for instance, provides limited secure memory enclaves (typically 128 MB or less), and the large size of zk-SNARK computations can quickly exhaust this capacity. Once the enclave's memory is exceeded, frequent page thrashing occurs, where memory pages are swapped between secure and untrusted memory. This could drastically increase latency, especially since zk-SNARK generation requires constant memory integrity, making memory evictions a costly overhead. Studies indicate that this page thrashing can severely degrade performance, with memory evictions increasing execution times by orders of magnitude as the memory limits of the enclave are surpassed.
To address these bottlenecks, recent research has introduced distributed zk-SNARK schemes that significantly reduce memory consumption during proof generation. We propose integrating these memory-efficient techniques into our TEE-based zk-SNARK outsourcing protocol. By combining the parallel processing strengths of distributed SNARK approaches, such as Pianist, with the secure computation environment provided by TEEs, our solution mitigates memory constraints while ensuring the protection of secret inputs. This hybrid approach allows for scalable and secure zk-SNARK outsourcing, overcoming the memory limitations of TEEs while maintaining privacy guarantees.
Assumption
Trust Assumption
Timeline and Deliverables
The preferred start date is Nov. 16, 2024.
1st Month:
Port popular zk-SNARK implementation (e.g., PLONK arithmetization and KZG polynomial commitment, Nior's default backend Barretenberg, Jellyfish PLONK, etc.) to run in a variety of TEEs (e.g., Intel TDX, Intel SGX, AMD SEV and Amazon Nitro), and evaluate the performance of outsoucing circuits of various sizes.
Deliverable: An open-source repo with server setup instructions, TEE-specific implementations (if any), and benchmarking results.
2nd Month:
Design the efficient 2-party computation (2PC) protocol for the PLONK zk-SNARK to run between two TEEs.
Deliverable: A technical report of the 2PC technique with necessary security analysis.
3rd Month:
Implement the efficient 2-party computation (2PC) protocol to enable two TEEs of different designs (e.g., Intel TDX and AMD SEV) to collaborate to generate the proof.
Deliverable: An open-source implementation of the 2PC protocol working with two TEEs, and a demo of proving Noir programs.
Extra Milestone (if time permits):
Develop and implement the performance boost scheme based on distributed SNARK.
Deliverable: A technical report of the distributed SNARK protocol and how it combines with the 2PC protocol.
Team
Wenhao Wang:
Wenhao Wang is a 2nd year PhD student at Department of Computer Science, Yale University. He is advised by Prof. Fan Zhang. His research involves topics in efficient zero-knowledge proof protocols, ZKP marketplace fee mechanism (Prooφ), and secure multi-party computation. Wenhao Wang is the recipient of ZK Fellowship from Matter Labs and Ethereum Foundation ZKGrant.
Roshan Palakkal:
Roshan is a junior undergraduate student at Yale studying math and computer science. He took time off from college to be a ZK engineer at Axiom and has been working with Flashbots on TEE applications.
Prof. Fan Zhang:
Fan Zhang is an Assistant Professor in the Department of Computer Science at Yale University. His research aims to solve real-world security problems leveraging decentralized consensus (aka blockchains), cryptography, game theory, and even trusted execution environments (TEEs).
Beta Was this translation helpful? Give feedback.
All reactions