IMDEA Software

IMDEA initiative

Home > Events > Invited Talks > 2023 > How to make SNARKs non-malleable

Mahak Pancholi

Wednesday, June 14, 2023

11:00 Meeting room 302 & Zoom3 (pass: @s3)

Mahak Pancholi, PhD Student, Aarhus University, Denmark

How to make SNARKs non-malleable


Non-Interactive Zero-Knowledge proofs (NIZKs) allow a prover to convince a verifier about the validity of a claim without revealing any additional information about the claim. Most commonly, the security of NIZKs is analysed in isolation, under stand-alone security properties, such as zero knowledge and knowledge soundness. However, NIZKs do not exists in isolation, and are inherently transferable, i.e., one can take an existing valid proof and prove a new statement (even an invalid one) by reusing or modifying the observed proof. Such attacks are called malleability attacks, and, stand-alone properties give no guarantees against these attacks. This talk is about the recent developments in analysing non-malleability of a useful calls of NIZKs, called SNARKs. We present a compiler that lifts any SNARK to one that is secure in the Universal Composability framework (which rules out non-malleability attacks). Interestingly, this compiler preserves the efficiency guarantees of the underlying SNARK. Thus, using this compiler along with existing SNARKs with constant proof sizes, we obtain the first SNARK that is simultaneously UC-secure and has constant sized proofs.