Paper 2024/207

NIZKs with Maliciously Chosen CRS: Subversion Advice-ZK and Accountable Soundness

Prabhanjan Ananth, UC Santa Barbara
Gilad Asharov, Bar-Ilan University
Vipul Goyal, Carnegie Mellon University, NTT Research
Hadar Kaner, Bar-Ilan University
Pratik Soni, University of Utah
Brent Waters, UT Austin, NTT Research

Trusted setup is commonly used for non-interactive proof and argument systems. However, there is no guarantee that the setup parameters in these systems are generated in a trustworthy manner. Building upon previous works, we conduct a systematic study of non-interactive zero-knowledge arguments in the common reference string model where the authority running the trusted setup might be corrupted. We explore both zero-knowledge and soundness properties in this setting.  - We consider a new notion of NIZK called subversion advice-ZK NIZK that strengthens the notion of zero-knowledge with malicious authority security considered by Ananth, Asharov, Dahari and Goyal (EUROCRYPT'21), and present a construction of a subversion advice-ZK NIZK from the sub-exponential hardness of learning with errors. - We introduce a new notion that strengthens the traditional definition of soundness, called accountable soundness, and present generic compilers that lift any NIZK for interesting languages in NP to additionally achieve accountable soundness. - Finally, we combine our results for both subversion advice-ZK and accountable soundness to achieve a subversion advice-ZK NIZK that also satisfies accountable soundness. This results in the first NIZK construction that satisfies meaningful notions of both soundness and zero-knowledge even for maliciously chosen CRS.

Available format(s)
Publication info
non-interactive zero-knowledgesubversion securityaccountability
Contact author(s)
prabhanjan @ cs ucsb edu
gilad asharov @ biu ac il
vipul @ cmu edu
kanerha @ biu ac il
psoni @ cs utah edu
bwaters @ cs utexas edu
2024-02-12: approved
2024-02-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Prabhanjan Ananth and Gilad Asharov and Vipul Goyal and Hadar Kaner and Pratik Soni and Brent Waters},
      title = {NIZKs with Maliciously Chosen CRS: Subversion Advice-ZK  and Accountable Soundness},
      howpublished = {Cryptology ePrint Archive, Paper 2024/207},
      year = {2024},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.