Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols

Abdelrahaman Aly, Tomer Ashur, Eli Ben-Sasson, Siemen Dhooghe, Alan Szepieniec

Research output: Contribution to journalArticleAcademicpeer-review

28 Citations (SciVal)
65 Downloads (Pure)


While traditional symmetric algorithms like AES and SHA3 are optimized for efficient hardware and software implementations, a range of emerging applications using advanced cryptographic protocols such as multi-party computation and zero-knowledge proofs require optimization with respect to a different metric: arithmetic complexity. In this paper we study the design of secure cryptographic algorithms optimized to minimize this metric. We begin by identifying the differences in the design space between such arithmetization-oriented ciphers and traditional ones, with particular emphasis on the available tools, efficiency metrics, and relevant cryptanalysis. This discussion highlights a crucial point --- the considerations for designing arithmetization-oriented ciphers are oftentimes different from the considerations arising in the design of software- and hardware-oriented ciphers.

The natural next step is to identify sound principles to securely navigate this new terrain, and to materialize these principles into concrete designs. To this end, we present the Marvellous design strategy which provides a generic way to easily instantiate secure and efficient algorithms for this emerging domain. We then show two examples for families following this approach. These families --- Vision and Rescue --- are benchmarked with respect to three use cases: the ZK-STARK proof system, proof systems based on Rank-One Constraint Satisfaction (R1CS), and Multi-Party Computation (MPC). These benchmarks show that our algorithms achieve a highly compact algebraic description, and thus benefit the advanced cryptographic protocols that employ them. Evidence is provided that this is the case also in real-world implementations.
Original languageEnglish
Pages (from-to)1-45
Number of pages45
JournalIACR Transactions on Symmetric Cryptology
Issue number3
Publication statusPublished - 28 Sept 2020


  • Arithmetization
  • Gröbner basis
  • MPC
  • Marvellous
  • R1CS
  • Rescue
  • Vision
  • Zero-knowledge proof


Dive into the research topics of 'Design of Symmetric-Key Primitives for Advanced Cryptographic Protocols'. Together they form a unique fingerprint.

Cite this