Malleable SNARKs and Their Applications

Suvradip  Chakraborty; Dennis Hofheinz; Roman Langrehr; Jesper Buus  Nielsen; Christoph Striecks; Daniele Venturi

doi:10.1007/978-3-031-91134-7_7

Malleable SNARKs and Their Applications

Suvradip Chakraborty
, Dennis Hofheinz
, Roman Langrehr (Autor:in und Vortragende:r)
, Jesper Buus Nielsen
, Christoph Striecks
, Daniele Venturi

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

Abstract

Succinct non-interactive arguments of knowledge (SNARKs) are variants of non-interactive zero-knowledge proofs (NIZKs) in which complex statements can be proven in a compact way. SNARKs have had tremendous impact in several areas of cryptography, including verifiable computing, blockchains, and anonymous communication. A recurring concept in many applications is the concept of recursive SNARKs, in which a proof references a previous proof to show an evolved statement.

In this work, we investigate malleable SNARKs, a generalization of this concept of recursion. An adaptation of the existing concept of malleable NIZKs, malleable SNARKs allow to modify SNARK proofs to show related statements, but such that such mauled proofs are indistinguishable from “properly generated” fresh proofs of the related statement. We show how to instantiate malleable SNARKs for universal languages and relations, and give a number of applications: the first post-quantum RCCA-secure rerandomizable and updatable encryption schemes, a generic construction of reverse firewalls, and an unlinkable (i.e., computation-hiding) targeted malleable homomorphic encryption scheme.

Technically, our malleable SNARK construction relies on recursive proofs, but with a twist: in order to support the strong indistinguishability properties of mauled and fresh SNARK proofs, we need to allow an unbounded recursion depth. To still allow for a reasonable notion of extractability in this setting (and in particular to guarantee that extraction eventually finishes with a “proper” witness that does not refer to a previous SNARK proof), we rely on a new and generic computational primitive called adversarial one-way function (AOWF) that may be of independent interest. We give an AOWF candidate and prove it secure in the random oracle model.

Originalsprache	Englisch
Titel	Advances in Cryptology – EUROCRYPT 2025
Untertitel	44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV
Redakteure/-innen	Serge Fehr, Pierre-Alain Fouque
Seiten	184–213
Seitenumfang	29
Band	15604
Auflage	1
ISBN (elektronisch)	978-3-031-91134-7
DOIs	https://doi.org/10.1007/978-3-031-91134-7_7
Publikationsstatus	Veröffentlicht - 27 Apr. 2025
Veranstaltung	44th Annual International Conference on the Theory and Applications of Cryptographic Techniques - EUROCRYPT 2025 Affiliated Events - Madrid, Spanien Dauer: 4 Mai 2025 → 8 Mai 2025 https://eurocrypt.iacr.org/2025/

Publikationsreihe

Name	Lecture Notes in Computer Science
Herausgeber (Verlag)	Springer
Band	15604
ISSN (Print)	0302-9743
ISSN (elektronisch)	1611-3349

Konferenz

Konferenz	44th Annual International Conference on the Theory and Applications of Cryptographic Techniques - EUROCRYPT 2025 Affiliated Events
Land/Gebiet	Spanien
Stadt	Madrid
Zeitraum	4/05/25 → 8/05/25
Internetadresse	https://eurocrypt.iacr.org/2025/

Research Field

Cyber Security

Zugriff auf Dokument

10.1007/978-3-031-91134-7_7

Diese Publikation zitieren

Chakraborty, S., Hofheinz, D., Langrehr, R., Nielsen , J. B., Striecks, C., & Venturi , D. (2025). Malleable SNARKs and Their Applications. in S. Fehr, & P.-A. Fouque (Hrsg.), Advances in Cryptology – EUROCRYPT 2025: 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV (1 Aufl., Band 15604, S. 184–213). (Lecture Notes in Computer Science; Band 15604). https://doi.org/10.1007/978-3-031-91134-7_7

Chakraborty, Suvradip ; Hofheinz, Dennis ; Langrehr, Roman et al. / Malleable SNARKs and Their Applications. Advances in Cryptology – EUROCRYPT 2025: 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV. Hrsg. / Serge Fehr ; Pierre-Alain Fouque. Band 15604 1. Aufl. 2025. S. 184–213 (Lecture Notes in Computer Science).

@inproceedings{448d856148fd4f9ba4438510b6d9bc89,

title = "Malleable SNARKs and Their Applications",

abstract = "Succinct non-interactive arguments of knowledge (SNARKs) are variants of non-interactive zero-knowledge proofs (NIZKs) in which complex statements can be proven in a compact way. SNARKs have had tremendous impact in several areas of cryptography, including verifiable computing, blockchains, and anonymous communication. A recurring concept in many applications is the concept of recursive SNARKs, in which a proof references a previous proof to show an evolved statement. In this work, we investigate malleable SNARKs, a generalization of this concept of recursion. An adaptation of the existing concept of malleable NIZKs, malleable SNARKs allow to modify SNARK proofs to show related statements, but such that such mauled proofs are indistinguishable from “properly generated” fresh proofs of the related statement. We show how to instantiate malleable SNARKs for universal languages and relations, and give a number of applications: the first post-quantum RCCA-secure rerandomizable and updatable encryption schemes, a generic construction of reverse firewalls, and an unlinkable (i.e., computation-hiding) targeted malleable homomorphic encryption scheme. Technically, our malleable SNARK construction relies on recursive proofs, but with a twist: in order to support the strong indistinguishability properties of mauled and fresh SNARK proofs, we need to allow an unbounded recursion depth. To still allow for a reasonable notion of extractability in this setting (and in particular to guarantee that extraction eventually finishes with a “proper” witness that does not refer to a previous SNARK proof), we rely on a new and generic computational primitive called adversarial one-way function (AOWF) that may be of independent interest. We give an AOWF candidate and prove it secure in the random oracle model.",

author = "Suvradip Chakraborty and Dennis Hofheinz and Roman Langrehr and Nielsen, \{Jesper Buus\} and Christoph Striecks and Daniele Venturi",

year = "2025",

month = apr,

day = "27",

doi = "10.1007/978-3-031-91134-7\_7",

language = "English",

isbn = "978-3-031-91133-0",

volume = "15604",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "184–213",

editor = "Fehr, \{Serge \} and Pierre-Alain Fouque",

booktitle = "Advances in Cryptology – EUROCRYPT 2025",

edition = "1",

note = "44th Annual International Conference on the Theory and Applications of Cryptographic Techniques - EUROCRYPT 2025 Affiliated Events ; Conference date: 04-05-2025 Through 08-05-2025",

url = "https://eurocrypt.iacr.org/2025/",

}

Chakraborty, S, Hofheinz, D, Langrehr, R, Nielsen , JB, Striecks, C & Venturi , D 2025, Malleable SNARKs and Their Applications. in S Fehr & P-A Fouque (Hrsg.), Advances in Cryptology – EUROCRYPT 2025: 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV. 1 Aufl., Bd. 15604, Lecture Notes in Computer Science, Bd. 15604, S. 184–213, 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques - EUROCRYPT 2025 Affiliated Events, Madrid, Spanien, 4/05/25. https://doi.org/10.1007/978-3-031-91134-7_7

Malleable SNARKs and Their Applications. / Chakraborty, Suvradip ; Hofheinz, Dennis; Langrehr, Roman (Autor:in und Vortragende:r) et al.
Advances in Cryptology – EUROCRYPT 2025: 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV. Hrsg. / Serge Fehr; Pierre-Alain Fouque. Band 15604 1. Aufl. 2025. S. 184–213 (Lecture Notes in Computer Science; Band 15604).

Publikation: Beitrag in Buch oder Tagungsband › Vortrag mit Beitrag in Tagungsband › Begutachtung

TY - GEN

T1 - Malleable SNARKs and Their Applications

AU - Chakraborty, Suvradip

AU - Hofheinz, Dennis

AU - Nielsen , Jesper Buus

AU - Striecks, Christoph

AU - Venturi , Daniele

A2 - Langrehr, Roman

A2 - Fehr, Serge

A2 - Fouque, Pierre-Alain

PY - 2025/4/27

Y1 - 2025/4/27

N2 - Succinct non-interactive arguments of knowledge (SNARKs) are variants of non-interactive zero-knowledge proofs (NIZKs) in which complex statements can be proven in a compact way. SNARKs have had tremendous impact in several areas of cryptography, including verifiable computing, blockchains, and anonymous communication. A recurring concept in many applications is the concept of recursive SNARKs, in which a proof references a previous proof to show an evolved statement. In this work, we investigate malleable SNARKs, a generalization of this concept of recursion. An adaptation of the existing concept of malleable NIZKs, malleable SNARKs allow to modify SNARK proofs to show related statements, but such that such mauled proofs are indistinguishable from “properly generated” fresh proofs of the related statement. We show how to instantiate malleable SNARKs for universal languages and relations, and give a number of applications: the first post-quantum RCCA-secure rerandomizable and updatable encryption schemes, a generic construction of reverse firewalls, and an unlinkable (i.e., computation-hiding) targeted malleable homomorphic encryption scheme. Technically, our malleable SNARK construction relies on recursive proofs, but with a twist: in order to support the strong indistinguishability properties of mauled and fresh SNARK proofs, we need to allow an unbounded recursion depth. To still allow for a reasonable notion of extractability in this setting (and in particular to guarantee that extraction eventually finishes with a “proper” witness that does not refer to a previous SNARK proof), we rely on a new and generic computational primitive called adversarial one-way function (AOWF) that may be of independent interest. We give an AOWF candidate and prove it secure in the random oracle model.

AB - Succinct non-interactive arguments of knowledge (SNARKs) are variants of non-interactive zero-knowledge proofs (NIZKs) in which complex statements can be proven in a compact way. SNARKs have had tremendous impact in several areas of cryptography, including verifiable computing, blockchains, and anonymous communication. A recurring concept in many applications is the concept of recursive SNARKs, in which a proof references a previous proof to show an evolved statement. In this work, we investigate malleable SNARKs, a generalization of this concept of recursion. An adaptation of the existing concept of malleable NIZKs, malleable SNARKs allow to modify SNARK proofs to show related statements, but such that such mauled proofs are indistinguishable from “properly generated” fresh proofs of the related statement. We show how to instantiate malleable SNARKs for universal languages and relations, and give a number of applications: the first post-quantum RCCA-secure rerandomizable and updatable encryption schemes, a generic construction of reverse firewalls, and an unlinkable (i.e., computation-hiding) targeted malleable homomorphic encryption scheme. Technically, our malleable SNARK construction relies on recursive proofs, but with a twist: in order to support the strong indistinguishability properties of mauled and fresh SNARK proofs, we need to allow an unbounded recursion depth. To still allow for a reasonable notion of extractability in this setting (and in particular to guarantee that extraction eventually finishes with a “proper” witness that does not refer to a previous SNARK proof), we rely on a new and generic computational primitive called adversarial one-way function (AOWF) that may be of independent interest. We give an AOWF candidate and prove it secure in the random oracle model.

U2 - 10.1007/978-3-031-91134-7_7

DO - 10.1007/978-3-031-91134-7_7

M3 - Conference Proceedings with Oral Presentation

SN - 978-3-031-91133-0

VL - 15604

T3 - Lecture Notes in Computer Science

SP - 184

EP - 213

BT - Advances in Cryptology – EUROCRYPT 2025

T2 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques - EUROCRYPT 2025 Affiliated Events

Y2 - 4 May 2025 through 8 May 2025

ER -

Chakraborty S, Hofheinz D, Langrehr R, Nielsen JB, Striecks C, Venturi D. Malleable SNARKs and Their Applications. in Fehr S, Fouque PA, Hrsg., Advances in Cryptology – EUROCRYPT 2025: 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Madrid, Spain, May 4–8, 2025, Proceedings, Part IV. 1 Aufl. Band 15604. 2025. S. 184–213. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-91134-7_7