Paper 2020/364

Subversion-Resistant Quasi-Adaptive NIZK and Applications to Modular zk-SNARKs

Behzad Abdolmaleki and Daniel Slamanig


Quasi-adaptive non-interactive zero-knowledge (QA-NIZK) arguments are NIZK arguments where the common reference string (CRS) is allowed to depend on the language and they can be very efficient for specific languages. Thus, they are for instance used within the modular LegoSNARK toolbox by Campanelli et al. (ACM CCS'19) as succinct NIZKs (aka zkSNARKs) for linear subspace languages. Such modular frameworks are interesting, as they provide gadgets for a flexible design of privacy-preserving blockchain applications. Recently, there has been an increasing interest to reduce the trust required in the generator of the CRS. One important line of work in this direction is subversion zero-knowledge by Bellare et al. (ASIACRYPT'16), where the zero-knowledge property even holds when the CRS is generated maliciously. In this paper, we firstly analyze the security of the most efficient QA-NIZK constructions of Kiltz and Wee (EUROCRYPT'15) and the asymmetric QA-NIZKs by Gonzalez et al. (ASIACRYPT'15) when the CRS is subverted and propose subversion versions of them. Secondly, for the first time, we construct unbounded (strong) true-simulation extractable (tSE) variants of them. Thirdly, we show how to integrate our subversion QA-NIZKs into the LegoSNARK toolbox, which so far does not consider subversion resistance. Our results together with existing results on (SE) subversion zk-SNARKS represent an important step towards a subversion variant of the LegoSNARK toolbox.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.CANS 2021
QA-NIZKsubversion zero-knowledgemodular zk-SNARKs
Contact author(s)
behzad abdolmaleki @ csp mpg de
daniel slamanig @ ait ac at
2021-10-08: revised
2020-03-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Behzad Abdolmaleki and Daniel Slamanig},
      title = {Subversion-Resistant Quasi-Adaptive NIZK and Applications to Modular zk-SNARKs},
      howpublished = {Cryptology ePrint Archive, Paper 2020/364},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.