In this paper we propose the (keyed) permutation Arion and the hash function ArionHash over $\mathbb{F}_p$ for odd and particularly large primes. The design of Arion is based on the newly introduced Generalized Triangular Dynamical System (GTDS), which provides a new algebraic framework for constructing (keyed) permutations using polynomials over a finite field. At the round level, Arion is the first design instantiated using the new GTDS. We provide an extensive security analysis of our construction, including algebraic cryptanalysis (e.g. interpolation and Groebner basis attacks), which is particularly decisive in assessing the security of permutations and hash functions over $\mathbb{F}_p$. From an application perspective, ArionHash is aimed at efficient implementation in zkSNARK protocols and Zero-Knowledge proof systems. For this purpose, we exploit that CCZ-equivalence of graphs can lead to a more efficient implementation of Arithmetization-Oriented primitives. We compare the efficiency of ArionHash in R1CS and Plonk settings with other hash functions such as Poseidon, Anemoi and Griffin. To demonstrate the practical efficiency of ArionHash, we implemented it with the zkSNARK libraries libsnark and Dusk Network Plonk. Our result shows that ArionHash is significantly faster than Poseidon, a hash function designed for zero-knowledge proof systems. We also found that an aggressive version of ArionHash is considerably faster than Anemoi and Griffin in a practical zkSNARK setting.