Paper 2023/097

Circuit-Succinct Universally-Composable NIZKs with Updatable CRS

Behzad Abdolmaleki, University of Sheffield, UK
Noemi Glaeser, University of Maryland, College Park, Max Planck Institute for Security and Privacy
Sebastian Ramacher, Austrian Institute of Technology
Daniel Slamanig, Bundeswehr University Munich

Non-interactive zero-knowledge proofs (NIZKs) and in particular succinct NIZK arguments of knowledge (zk-SNARKs) increasingly see real-world adoption in large and complex systems. Many zk-SNARKs require a trusted setup, i.e., a common reference string (CRS), and for practical use it is desirable to reduce the trust in the CRS generation. The latter can be achieved via the notions of subversion or updatable CRS. Another important property when deployed in large systems is the ability to securely compose them to obtain more complex protocols, e.g., via the Universal Composability (UC) framework. Relying on the UC framework allows arbitrary and secure composition of protocols in a modular way. In this work, we investigate whether zk-SNARKs can provide updatability and composability simultaneously. This is a challenging task as the UC framework rules out several natural techniques for such a construction. As our main result, we show that it is indeed possible to achieve these properties in a generic and modular way if we relax the succinctness properties of zk-SNARKs slightly to those of a circuit-succinct NIZK which is not witness-succinct, i.e., by increasing the proof size of the underlying zk-SNARK by the size of the witness $w$. We argue that for various practical applications of zk-SNARKs this overhead is acceptable. Our starting point is the Lamassu framework (ACM CCS'20), which we extend in several directions. Our new generic compiler adds only minimal overhead, which we demonstrate by benchmarking its application to the Sonic proof system (ACM CCS'19).

Note: Small edits and changing keypair notation for clarity

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. CSF 2024
non-interactive zero knowledgeUniversal Composabilityupdatable CRS
Contact author(s)
behzad abdolmaleki @ sheffield ac uk
nglaeser @ umd edu
sebastian ramacher @ ait ac at
daniel slamanig @ unibw de
2024-02-16: last of 3 revisions
2023-01-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Behzad Abdolmaleki and Noemi Glaeser and Sebastian Ramacher and Daniel Slamanig},
      title = {Circuit-Succinct Universally-Composable NIZKs with Updatable CRS},
      howpublished = {Cryptology ePrint Archive, Paper 2023/097},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.