Cryptographic Accumulators: New Definitions, Enhanced Security, and Delegatable Proofs
Pages 94 - 119
Abstract
Cryptographic accumulators, introduced in 1993 by Benaloh and De Mare, represent a set with a concise value and offer proofs of (non-)membership. Accumulators have evolved, becoming essential in anonymous credentials, e-cash, and blockchain applications. Various properties like dynamic and universal emerged for specific needs, leading to multiple accumulator definitions. In 2015, Derler, Hanser, and Slamanig proposed a unified model, but new properties, including zero-knowledge security, have arisen since. We offer a new definition of accumulators, based on Derler et al.’s, that is suitable for all properties. We also introduce a new security property, unforgeability of private evaluation, to protect accumulator from forgery and we verify this property in Barthoulot, Blazy, and Canard’s recent accumulator. Finally we provide discussions on security properties of accumulators and on the delegatable (non-)membership proofs property.
References
[1]
Acar, T., Nguyen, L.: Revocation for delegatable anonymous credentials. Technical Repost MSR-TR-2010-170, Microsoft Research (2010)
[2]
Acar T and Nguyen L Catalano D, Fazio N, Gennaro R, and Nicolosi A Revocation for delegatable anonymous credentials Public Key Cryptography – PKC 2011 2011 Heidelberg Springer 423-440
[3]
Asano T Zheng Y A revocation scheme with minimal storage at receivers Advances in Cryptology — ASIACRYPT 2002 2002 Heidelberg Springer 433-450
[4]
Au MH, Tsang PP, Susilo W, and Mu Y Fischlin M Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems Topics in Cryptology – CT-RSA 2009 2009 Heidelberg Springer 295-308
[5]
Au MH, Wu Q, Susilo W, and Mu Y Abe M Compact E-cash from bounded accumulator Topics in Cryptology – CT-RSA 2007 2006 Heidelberg Springer 178-195
[6]
Ayebie EB and Souidi EM New code-based cryptographic accumulator and fully dynamic group signature DCC 2022 90 12 2861-2891
[7]
Baldimtsi, F., et al.: Accumulators with applications to anonymity-preserving revocation. Cryptology ePrint Archive, Paper 2017/043 (2017). https://eprint.iacr.org/2017/043
[8]
Baldimtsi, F., et al.: Accumulators with applications to anonymity-preserving revocation, pp. 301–315 (2017).
[9]
Badimtsi F, Canetti R, and Yakoubov S Jarecki S Universally composable accumulators Topics in Cryptology – CT-RSA 2020 2020 Cham Springer 638-666
[10]
Baldimtsi F, Karantaidou I, and Raghuraman S Tang Q and Teague V Oblivious accumulators Public-Key Cryptography - PKC 2024 2024 Cham Springer 99-131
[11]
Barić N and Pfitzmann B Fumy W Collision-free accumulators and fail-stop signature schemes without trees Advances in Cryptology — EUROCRYPT ’97 1997 Heidelberg Springer 480-494
[12]
Barthoulot, A., Blazy, O., Canard, S.: Dually computable cryptographic accumulators and their application to attribute based encryption. Cryptology ePrint Archive, Paper 2023/1277 (2023). https://eprint.iacr.org/2023/1277
[13]
Barthoulot, A., Blazy, O., Canard, S.: Locally verifiable signatures and cryptographic accumulators: different names, same thing? (2023)
[14]
Barthoulot, A., Blazy, O., Canard, S.: Cryptographic accumulators: new definitions, enhanced security, and delegatable proofs. Cryptology ePrint Archive, Paper 2024/657 (2024). https://eprint.iacr.org/2024/657
[15]
Benaloh J and de Mare M Helleseth T One-way accumulators: a decentralized alternative to digital signatures Advances in Cryptology — EUROCRYPT ’93 1994 Heidelberg Springer 274-285
[16]
Boneh D, Bünz B, and Fisch B Boldyreva A and Micciancio D Batching techniques for accumulators with applications to IOPs and stateless blockchains Advances in Cryptology – CRYPTO 2019 2019 Cham Springer 561-586
[17]
Buldas A, Laud P, and Lipmaa H Eliminating counterevidence with applications to accountable certificate management J. Comput. Secur. 2002 10 273-296
[18]
Camenisch J, Kohlweiss M, and Soriente C Jarecki S and Tsudik G An accumulator based on bilinear maps and efficient revocation for anonymous credentials Public Key Cryptography – PKC 2009 2009 Heidelberg Springer 481-500
[19]
Camenisch J and Lysyanskaya A Yung M Dynamic accumulators and application to efficient revocation of anonymous credentials Advances in Cryptology — CRYPTO 2002 2002 Heidelberg Springer 61-76
[20]
Campanelli, M., Fiore, D., Han, S., Kim, J., Kolonelos, D., Oh, H.: Succinct zero-knowledge batch proofs for set accumulators. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 455–469. ACM Press (2022).
[21]
Canard S and Gouget A Sion R Multiple denominations in E-cash with compact transaction data Financial Cryptography and Data Security 2010 Heidelberg Springer 82-97
[22]
Catalano D and Fiore D Kurosawa K and Hanaoka G Vector commitments and their applications Public-Key Cryptography – PKC 2013 2013 Heidelberg Springer 55-72
[23]
Chen J, Lim HW, Ling S, Wang H, and Wee H Abdalla M and Lange T Shorter IBE and signatures via asymmetric pairings Pairing-Based Cryptography – Pairing 2012 2013 Heidelberg Springer 122-140
[24]
Couteau G, Lipmaa H, Parisella R, and Ødegaard AT Tibouchi M and Wang H Efficient NIZKs for algebraic sets Advances in Cryptology – ASIACRYPT 2021 2021 Cham Springer 128-158
[25]
Damgard, I., Triandopoulos, N.: Supporting non-membership proofs with bilinear-map accumulators. Cryptology ePrint Archive, Report 2008/538 (2008). http://eprint.iacr.org/2008/538
[26]
Derler D, Hanser C, and Slamanig D Nyberg K Revisiting cryptographic accumulators, additional properties and relations to other primitives Topics in Cryptology — CT-RSA 2015 2015 Cham Springer 127-144
[27]
Dodis Y, Kiayias A, Nicolosi A, and Shoup V Cachin C and Camenisch JL Anonymous identification in ad hoc groups Advances in Cryptology - EUROCRYPT 2004 2004 Heidelberg Springer 609-626
[28]
Fazio, N., Nicolosi, A.: Cryptographic accumulators: definitions, constructions and applications (2002)
[29]
Gentry C and Ramzan Z Zhang K and Zheng Y RSA accumulator based broadcast encryption Information Security 2004 Heidelberg Springer 73-86
[30]
Ghosh E, Ohrimenko O, Papadopoulos D, Tamassia R, and Triandopoulos N Cheon JH and Takagi T Zero-knowledge accumulators and set algebra Advances in Cryptology – ASIACRYPT 2016 2016 Heidelberg Springer 67-100
[31]
Groth J Abe M Short pairing-based non-interactive zero-knowledge arguments Advances in Cryptology - ASIACRYPT 2010 2010 Heidelberg Springer 321-340
[32]
Jia, H., Chen, Y., Lan, J., Huang, K., Wang, J.: Efficient revocable hierarchical identity-based encryption using cryptographic accumulators. Int. J. Inf. Secur. (2018)
[33]
Lewko, A.B., Waters, B.: Unbounded HIBE and attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 547–567. Springer, Heidelberg (May 2011).
[34]
Li F, Hu Y, and Zhang C Katz J and Yung M An identity-based signcryption scheme for multi-domain ad hoc networks Applied Cryptography and Network Security 2007 Heidelberg Springer 373-384
[35]
Li J, Li N, and Xue R Katz J and Yung M Universal accumulators with efficient nonmembership proofs Applied Cryptography and Network Security 2007 Heidelberg Springer 253-269
[36]
Libert B, Ling S, Nguyen K, and Wang H Fischlin M and Coron J-S Zero-knowledge arguments for lattice-based accumulators: logarithmic-size ring signatures and group signatures without trapdoors Advances in Cryptology – EUROCRYPT 2016 2016 Heidelberg Springer 1-31
[37]
Libert, B., Ramanna, S.C., Yung, M.: Functional commitment schemes: from polynomial commitments to pairing-based accumulators from simple assumptions. In: Chatzigiannakis, I., Mitzenmacher, M., Rabani, Y., Sangiorgi, D. (eds.) ICALP 2016. LIPIcs, vol. 55, pp. 30:1–30:14. Schloss Dagstuhl (Jul 2016).
[38]
Lipmaa H Bao F, Samarati P, and Zhou J Secure accumulators from Euclidean rings without trusted setup Applied Cryptography and Network Security 2012 Heidelberg Springer 224-240
[39]
Fauzi P, Lipmaa H, and Zhang B Christin N and Safavi-Naini R Efficient non-interactive zero knowledge arguments for set operations Financial Cryptography and Data Security 2014 Heidelberg Springer 216-233
[40]
Lipmaa, H., Parisella, R.: Set (non-)membership NIZKs from determinantal accumulators. Cryptology ePrint Archive, Paper 2022/1570 (2022). https://eprint.iacr.org/2022/1570
[41]
Jhanwar MP and Safavi-Naini R Chakraborty RS, Schwabe P, and Solworth J Compact accumulator using lattices Security, Privacy, and Applied Cryptography Engineering 2015 Cham Springer 347-358
[42]
de Meer, H., Liedel, M., Pohls, H.C., Posegga, J.: Indistinguishability of one-way accumulators. Technical report MIP-1210, Faculty of Computer Science and Mathematics (FIM), University of Passau (2012)
[43]
de Meer H, Pöhls HC, Posegga J, and Samelin K Obaidat MS and Filipe J Redactable signature schemes for trees with signer-controlled non-leaf-redactions E-Business and Telecommunications 2014 Heidelberg Springer 155-171
[44]
Nguyen K, Tang H, Wang H, and Zeng N Galbraith SD and Moriai S New code-based privacy-preserving cryptographic constructions Advances in Cryptology – ASIACRYPT 2019 2019 Cham Springer 25-55
[45]
Nguyen L Menezes A Accumulators from bilinear pairings and applications Topics in Cryptology – CT-RSA 2005 2005 Heidelberg Springer 275-292
[46]
Nguyen L Menezes A Accumulators from bilinear pairings and applications Topics in Cryptology – CT-RSA 2005 2005 Heidelberg Springer 275-292
[47]
Okamoto T and Takashima K Matsui M Hierarchical predicate encryption for inner-products Advances in Cryptology – ASIACRYPT 2009 2009 Heidelberg Springer 214-231
[48]
Papamanthou C, Shi E, Tamassia R, and Yi K Johansson T and Nguyen PQ Streaming authenticated data structures Advances in Cryptology – EUROCRYPT 2013 2013 Heidelberg Springer 353-370
[49]
Papamanthou C, Tamassia R, and Triandopoulos N Rogaway P Optimal verification of operations on dynamic sets Advances in Cryptology – CRYPTO 2011 2011 Heidelberg Springer 91-110
[50]
Ren Y, Liu X, Wu Q, Wang L, and Zhang W Cryptographic accumulator and its application: a survey Secur. Commun. Netw. 2022 2022 1-13
[51]
Reyzin L and Yakoubov S Zikas V and De Prisco R Efficient asynchronous accumulators for distributed PKI Security and Cryptography for Networks 2016 Cham Springer 292-309
[52]
Reyzin L and Yakoubov S Zikas V and De Prisco R Efficient asynchronous accumulators for distributed PKI Security and Cryptography for Networks 2016 Cham Springer 292-309
[53]
Tomescu, A., Bhupatiraju, V., Papadopoulos, D., Papamanthou, C., Triandopoulos, N., Devadas, S.: Transparency logs via append-only authenticated dictionaries. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 1299–1316. ACM Press (2019).
[54]
Tsudik G and Xu S Laih C-S Accumulating composites and improved group signing Advances in Cryptology - ASIACRYPT 2003 2003 Heidelberg Springer 269-286
[55]
Wang P, Wang H, and Pieprzyk J Qing S, Imai H, and Wang G A new dynamic accumulator for batch updates Information and Communications Security 2007 Heidelberg Springer 98-112
[56]
Wang, X., Chow, S.S.M.: Cross-domain access control encryption: arbitrary-policy, constant-size, efficient. In: 2021 IEEE Symposium on Security and Privacy, pp. 748–761. IEEE Computer Society Press (2021).
Recommendations
Dually Computable Cryptographic Accumulators and Their Application to Attribute Based Encryption
Cryptology and Network SecurityAbstractIn 1993, Benaloh and De Mare introduced cryptographic accumulator, a primitive that allows the representation of a set of values by a short object (the accumulator) and offers the possibility to prove that some input values are in the accumulator. ...
Authenticated Hash Tables Based on Cryptographic Accumulators
Suppose a client stores $$n$$n elements in a hash table that is outsourced to an untrusted server. We address the problem of authenticating the hash table operations, where the goal is to design protocols capable of verifying the correctness of queries ...
On the Security of RSA-PSS in the Wild
SSR'19: Proceedings of the 5th ACM Workshop on Security Standardisation Research WorkshopThe RSA Probabilistic Signature Scheme (RSA-PSS) due to Bellare and Rogaway (EUROCRYPT 1996) is a widely deployed signature scheme. In particular it is a suggested replacement for the deterministic RSA Full Domain Hash (RSA-FDH) by Bellare and Rogaway (...
Comments
Information & Contributors
Information
Published In
Jul 2024
456 pages
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 10 July 2024
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 10 Oct 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in