Impossibilities in Succinct Arguments: Black-box Extraction and More [article]

Matteo Campanelli, Chaya Ganesh, Hamidreza Khoshakhlagh, Janno Siim
2022 IACR Cryptology ePrint Archive  
The celebrated result by Gentry and Wichs established a theoretical barrier for succinct non-interactive arguments (SNARGs), showing that for (expressive enough) hard-on-average languages we must assume non-falsifiable assumptions. We further investigate those barriers by showing new negative and positive results related to extractability and to the preprocessing model. 1. We first ask the question "are there further barriers to SNARGs that are knowledge-sound (SNARKs) and with a black-box
more » ... ctor ?". We show it is impossible to have such SNARKs in the standard model. This separates SNARKs in the random oracle model (which can have black-box extraction) and those in the standard model. 2. We find positive results regarding the same question in the non-adaptive setting. Under the existence of SNARGs (without extractability) and from standard assumptions, it is possible to build SNARKs with black-box extractability for a non-trivial subset of NP. 3. On the other hand, we show that (under some mild assumptions) all NP languages cannot have SNARKs with black-box extractability even in the non-adaptive setting. 4. The Gentry-Wichs result does not account for the preprocessing model, under which fall several efficient constructions. We show that also in the preprocessing model it is impossible to construct SNARGs that rely on falsifiable assumptions in a black-box way. Along the way, we identify a class of non-trivial languages, which we dub "trapdoor languages", that bypass some of these impossibility results.
dblp:journals/iacr/CampanelliGKS22 fatcat:5t52djd5j5b7xffx2cgsjaqqjm