Cryptology ePrint Archive: Report 2019/333

Key-and-Argument-Updatable QA-NIZKs

Helger Lipmaa

Abstract: There are several new efficient approaches to decrease the trust in the CRS creators in the case of non-interactive zero knowledge (NIZK) in the CRS model. Recently, Groth et al. (CRYPTO 2018) defined the notion of NIZK with updatable CRS (updatable NIZK) and described an updatable SNARK. We consider the same problem in the case of QA-NIZKs. While doing it, we define an important new property: we require that after updating the CRS, one should be able to update a previously generated argument to a new argument that is valid with the new CRS. We propose a general definitional framework for key-and-argument-updatable QA-NIZKs. After that, we describe a key-and-argument-updatable version of the most efficient known QA-NIZK for linear subspaces by Kiltz and Wee. Importantly, for obtaining soundness it suffices to update a universal public key that just consists of a matrix drawn from a KerMDH-hard distribution and thus can be shared by any pairing-based application that relies on the same hardness assumption. After specializing the universal public key to concrete language parameter, one can use the proposed key-and-argument updating algorithms to continue updating to strengthen the soundness guarantee.

Category / Keywords: cryptographic protocols / BPK model, CRS model, QA-NIZK, subversion security, updatable CRS, updatable proof

Date: received 27 Mar 2019, last revised 31 Mar 2019

Contact author: helger lipmaa at gmail com

Available format(s): PDF | BibTeX Citation

Note: The first version of this paper was written in April 2018

Version: 20190403:015726 (All versions of this report)

Short URL: ia.cr/2019/333


[ Cryptology ePrint archive ]