Paper 2023/097

Circuit-Succinct Universally-Composable NIZKs with Updatable CRS

Behzad Abdolmaleki, University of Sheffield, UK
Noemi Glaeser, University of Maryland, College Park, Max Planck Institute for Security and Privacy
Sebastian Ramacher, Austrian Institute of Technology
Daniel Slamanig, Austrian Institute of Technology

Non-interactive zero-knowledge proofs (NIZKs) and in particular succinct NIZK arguments of knowledge (zk-SNARKs) increasingly see real-world adoption in large and complex systems. Many zk-SNARKs require a trusted setup, i.e., a common reference string (CRS), and for practical use it is desirable to reduce the trust in the CRS generation. The latter can be achieved via the notions of subversion or updatable CRS. Another important property when deployed in large systems is the ability to securely compose them to obtain more complex protocols, e.g., via the Universal Composability (UC) framework. Relying on the UC framework allows arbitrary and secure composition of protocols in a modular way. In this work, we investigate whether zk-SNARKs can provide updatability and composability simultaneously. This is a challenging task as the UC framework rules out several natural techniques for such a construction. As our main result, we show that it is indeed possible to achieve these properties in a generic and modular way if we relax the succinctness properties of zk-SNARKs slightly to those of a circuit-succinct NIZK which is not witness-succinct, i.e., by increasing the proof size of the underlying zk-SNARK by the size of the witness $w$. We argue that for various practical applications of zk-SNARKs this overhead is acceptable. Our starting point is the Lamassu framework (ACM CCS'20), which we extend in several directions. Our new generic compiler adds only minimal overhead, which we demonstrate by benchmarking its application to the Sonic proof system (ACM CCS'19).

Note: Minor changes; full version of CSF 2024 publication.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. CSF 2024
non-interactive zero knowledgeUniversal Composabilityupdatable CRS
Contact author(s)
abdolmaleki behzad ir @ gmail com
nglaeser @ umd edu
sebastian ramacher @ ait ac at
daniel slamanig @ ait ac at
2023-09-26: last of 2 revisions
2023-01-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Behzad Abdolmaleki and Noemi Glaeser and Sebastian Ramacher and Daniel Slamanig},
      title = {Circuit-Succinct Universally-Composable NIZKs with Updatable CRS},
      howpublished = {Cryptology ePrint Archive, Paper 2023/097},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.