zkDaily - 2026-02-24

零知识证明 zkDaily

ZKP Frontier Tracker 🎯

Tue

02.24

2026

SPRINT: New Isogeny Proofs of Knowledge and Isogeny-Based Signatures

Paper

https://eprint.iacr.org/2026/364

Thomas den Hollander Isogeny DeepFold

Hollander et al. proposed SPRINT, a polynomial IOP-based isogeny proof of knowledge system in their paper, achieving significant performance improvements with DeepFold PCS and constructing a new signature scheme based on the isogeny path problem.

Notes

SPRINT encodes radical 2-isogeny formulas into multivariate polynomials, combined with DeepFold PCS for efficient proofs.
For NIST security level I, proving and verification take only milliseconds with ~80kB proof sizes.
Achieves 1.1-8x prover speedup, 4.4-24x verifier speedup, and 1.2-2.3x smaller proofs vs. prior works.
Studies weak simulation extractability (wSE), enabling modular signature construction.
Builds new signature family based solely on the isogeny path problem using SPRINT and wSE.
Prototype performance matches optimized SQIsign NIST spec, relies on weaker assumptions with flexible framework.

Collected by @icerdesign

零知识证明 zkDaily

Q&A Deep Dive 💬

Tue

02.24

2026

Why do existing signature schemes need to migrate to isogeny-based cryptography?

Existing classical cryptography is vulnerable to quantum computer attacks. Isogeny-based cryptography, such as schemes relying on the l-isogeny path problem, provides post-quantum security. These schemes maintain a relatively small proof size and do not rely on a trusted setup, making them ideal alternatives in the post-quantum era.

What specific role do multivariate polynomials play in SPRINT's architecture?

SPRINT encodes radical 2-isogeny formulas into a system of multivariate polynomials to build an efficient Polynomial IOP. By leveraging underlying algebraic techniques similar to sum-check protocols, this representation allows the prover to efficiently convince the verifier of the correct isogeny path without revealing any details.

What is the main engineering challenge when arithmetizing radical 2-isogeny formulas into a multivariate polynomial system?

The main challenge lies in efficiently expressing highly non-linear isogeny group operations. By introducing sum-check-like protocols and carefully designed polynomial constraints, researchers can reduce the dimension of massive algebraic computations. This allows the system to ensure the zero-knowledge property of the l-isogeny path problem while maintaining minimal verification overhead.

Prompted by @icerdesign