Paper 2023/097
Circuit-Succinct Universally-Composable NIZKs with Updatable CRS
Abstract
Non-interactive zero-knowledge proofs (NIZKs) and in particular succinct NIZK arguments of knowledge (zk-SNARKs) increasingly see real-world adoption in large and complex systems. Many zk-SNARKs require a trusted setup, i.e., a common reference string (CRS), and for practical use it is desirable to reduce the trust in the CRS generation. The latter can be achieved via the notions of subversion or updatable CRS. Another important property when deployed in large systems is the ability to securely compose them to obtain more complex protocols, e.g., via the Universal Composability (UC) framework. Relying on the UC framework allows arbitrary and secure composition of protocols in a modular way. In this work, we investigate whether zk-SNARKs can provide updatability and composability simultaneously. This is a challenging task as the UC framework rules out several natural techniques for such a construction. As our main result, we show that it is indeed possible to achieve these properties in a generic and modular way if we relax the succinctness properties of zk-SNARKs slightly to those of a circuit-succinct NIZK which is not witness-succinct, i.e., by increasing the proof size of the underlying zk-SNARK by the size of the witness $w$. We argue that for various practical applications of zk-SNARKs this overhead is acceptable. Our starting point is the Lamassu framework (ACM CCS'20), which we extend in several directions. Our new generic compiler adds only minimal overhead, which we demonstrate by benchmarking its application to the Sonic proof system (ACM CCS'19).
Note: Small edits and changing keypair notation for clarity
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Minor revision. CSF 2024
- Keywords
- non-interactive zero knowledgeUniversal Composabilityupdatable CRS
- Contact author(s)
-
behzad abdolmaleki @ sheffield ac uk
nglaeser @ umd edu
sebastian ramacher @ ait ac at
daniel slamanig @ unibw de - History
- 2024-02-16: last of 3 revisions
- 2023-01-26: received
- See all versions
- Short URL
- https://ia.cr/2023/097
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/097, author = {Behzad Abdolmaleki and Noemi Glaeser and Sebastian Ramacher and Daniel Slamanig}, title = {Circuit-Succinct Universally-Composable {NIZKs} with Updatable {CRS}}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/097}, year = {2023}, url = {https://eprint.iacr.org/2023/097} }