## Cryptology ePrint Archive: Report 2019/696

Black-Box Language Extension of Non-Interactive Zero-Knowledge Arguments

Masayuki Abe and Miguel Ambrona and Miyako Ohkubo

Abstract: Highly efficient non-interactive zero-knowledge arguments (NIZK) are often constructed for limited languages and it is not known how to extend them to cover wider classes of languages in general. In this paper we initiate a study on black-box language extensions for conjunctive and disjunctive relations, that is, building a NIZK system for ${\cal L} \diamond \hat{{\cal L}}$ (with $\diamond \in \{\land, \lor\}$) based on NIZK systems for languages ${\cal L}$ and $\hat{{\cal L}}$. While the conjunctive extension of NIZKs is straightforward by simply executing the given NIZKs in parallel, it is not known how disjunctive extensions could be achieved in a black-box manner. Besides, observe that the simple conjunctive extension does not work in the case of simulation-sound NIZKs (SS-NIZKs), as pointed out by Sahai (Sahai, FOCS 1999). Our main contribution is an impossibility result that negates the existence of the above extensions and implies other non-trivial separations among NIZKs, SS-NIZKs, and labelled SS-NIZKs. Motivated by the difficulty of such transformations, we additionally present an efficient construction of signature schemes based on unbounded simulation-sound NIZKs (USS-NIZKs) for any language without language extensions.

Category / Keywords: public-key cryptography / NIZK, USS-NIZK, black-box construction, impossibility