Abstract
Vector commitments (VC) and their variants attract a lot of attention due to their wide range of usage in applications such as blockchain and accumulator. Mercurial vector commitment (MVC), as one of the important variants of VC, is the core technique for building more complicated cryptographic applications, such as the zero-knowledge set (ZKS) and zero-knowledge elementary database (ZK-EDB). However, to the best of our knowledge, the only post-quantum MVC construction is trivially implied by a generic framework proposed by Catalano and Fiore (PKC ’13) with lattice-based components which causes large auxiliary information and cannot satisfy any additional advanced properties, that is, updatable and aggregatable.
A major difficulty in constructing a non-black-box lattice-based MVC is that it is not trivial to construct a lattice-based VC that satisfies a critical property called “mercurial hiding”. In this paper, we identify some specific features of a new falsifiable family of basis-augmented SIS assumption (\(\textsf{BASIS}\)) proposed by Wee and Wu (EUROCRYPT ’23) that can be utilized to construct the mercurial vector commitment from lattice satisfying updatability and aggregatability with smaller auxiliary information. We first extend stateless update and differential update to the mercurial vector commitment and define a new property, named updatable mercurial hiding. Then, we show how to modify our constructions to obtain the updatable mercurial vector commitment that satisfies these properties. To aggregate the openings, our constructions perfectly inherit the ability to aggregate in the \(\textsf{BASIS}\) assumption, which can break the limitation of weak binding in the current aggregatable MVCs. In the end, we show that our constructions can be used to build the various kinds of lattice-based ZKS and ZK-EDB directly within the existing framework.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
Note that since an updated commitment is always a hard commitment, we are interested only in \(\mathsf {Hcom\_Hopen\ Equivocation }\) and \(\mathsf {Hcom\_Sopen\ Equivocation}\) for the updated commitment.
- 3.
For the structure of building the updatable ZK-EDB [21], the committed messages are the commitments itself.
References
Agrawal, S., Kirshanova, E., Stehlé, D., Yadav, A.: Can round-optimal lattice-based blind signatures be practical? IACR Cryptol. ePrint Arch. 2021, 1565 (2021)
Ajtai, M.: Generating hard instances of lattice problems. In: Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, pp. 99–108 (1996)
Albrecht, M.R., Cini, V., Lai, R.W., Malavolta, G., Thyagarajan, S.A.: Lattice-based SNARKs: publicly verifiable, preprocessing, and recursively composable. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology–CRYPTO 2022: 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, 15–18 August 2022, Proceedings, Part II, pp. 102–132. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-15979-4_4
Albrecht, M.R., Fenzi, G., Lapiha, O., Nguyen, N.K.: SLAP: succinct lattice-based polynomial commitments from standard assumptions. Cryptology ePrint Archive (2023)
Balbás, D., Catalano, D., Fiore, D., Lai, R.W.: Chainable functional commitments for unbounded-depth circuits. In: Rothblum, G., Wee, H. (eds.) Theory of Cryptography Conference, TCC 2023. LNCS, vol. 14371, pp. 363–393. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-48621-0_13
de Castro, L., Peikert, C.: Functional commitments for all functions, with transparent setup and from SIS. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology–EUROCRYPT 2023: 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Lyon, France, 23–27 April 2023, Proceedings, Part III, vol. 14006, pp. 287–320. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30620-4_10
Catalano, D., Dodis, Y., Visconti, I.: Mercurial commitments: minimal assumptions and efficient constructions. In: Halevi, S., Rabin, T. (eds.) Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006, New York, NY, USA, 4–7 March 2006, Proceedings 3, vol. 3876, pp. 120–144. Springer, Cham (2006). https://doi.org/10.1007/11681878_7
Catalano, D., Fiore, D.: Vector commitments and their applications. In: Kurosawa, K., Hanaoka, G. (eds.) Public-Key Cryptography–PKC 2013: 16th International Conference on Practice and Theory in Public-Key Cryptography, Nara, Japan, 26 February–1 March 2013, Proceedings 16, vol. 7778, pp. 55–72. Springer, Cham (2013). https://doi.org/10.1007/978-3-642-36362-7_5
Chase, M., Healy, A., Lysyanskaya, A., Malkin, T., Reyzin, L.: Mercurial commitments with applications to zero-knowledge sets. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 422–439. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_25
Chase, M., Healy, A., Lysyanskaya, A., Malkin, T., Reyzin, L.: Mercurial commitments with applications to zero-knowledge sets. J. Cryptol. 26, 251–279 (2013)
Cheon, J.H.: Security analysis of the strong Diffie-Hellman problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 1–11. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_1
Fisch, B., Liu, Z., Vesely, P.: Orbweaver: succinct linear functional commitments from lattices. In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. LNCS, vol. 14082, pp. 106–131. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-38545-2_4
Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, pp. 197–206 (2008)
Gorbunov, S., Reyzin, L., Wee, H., Zhang, Z.: Pointproofs: aggregating proofs for multiple vector commitments. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 2007–2023 (2020)
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)
Lai, R.W., Malavolta, G.: Subvector commitments with application to succinct arguments. In: Boldyreva, A., Micciancio, D. (eds.) Advances in Cryptology–CRYPTO 2019: 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, 18–22 August 2019, Proceedings, Part I 39, vol. 11692, pp. 530–560. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_19
Li, Y., Susilo, W., Yang, G., Phuong, T.V.X., Yu, Y., Liu, D.: Concise mercurial subvector commitments: definitions and constructions. In: Baek, J., Ruj, S. (eds.) Information Security and Privacy: 26th Australasian Conference, ACISP 2021, Virtual Event, 1–3 December 2021, Proceedings 26, vol. 13083, pp. 353–371. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90567-5_18
Libert, B., Nguyen, K., Tan, B.H.M., Wang, H.: Zero-knowledge elementary databases with more expressive queries. In: Lin, D., Sako, K. (eds.) Public-Key Cryptography – PKC 2019. PKC 2019. LNCS, vol. 11442, pp. 255–285. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17253-4_9
Libert, B., Ramanna, S.C., et al.: Functional commitment schemes: from polynomial commitments to pairing-based accumulators from simple assumptions. In: 43rd International Colloquium on Automata, Languages and Programming (ICALP 2016) (2016)
Libert, B., Yung, M.: Concise mercurial vector commitments and independent zero-knowledge sets with short proofs. In: Micciancio, D. (eds.) Theory of Cryptography: 7th Theory of Cryptography Conference, TCC 2010, Zurich, Switzerland, 9–11 February 2010, Proceedings 7, vol. 5978, pp. 499–517. Springer, Cham (2010). https://doi.org/10.1007/978-3-642-11799-2_30
Liskov, M.: Updatable zero-knowledge databases. In: Roy, B. (eds.) Advances in Cryptology-ASIACRYPT 2005: 11th International Conference on the Theory and Application of Cryptology and Information Security, Chennai, India, 4–8 December 2005, Proceedings 11, vol. 3788, pp. 174–198. Springer, Cham (2005). https://doi.org/10.1007/11593447_10
Micali, S., Rabin, M., Kilian, J.: Zero-knowledge sets. In: 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings, pp. 80–91. IEEE (2003)
Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700–718. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_41
Naor, M.: On cryptographic assumptions and challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96–109. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_6
Peikert, C., Pepin, Z., Sharp, C.: Vector and functional commitments from lattices. In: Nissim, K., Waters, B. (eds.) TCC 2021. LNCS, vol. 13044, pp. 480–511. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-90456-2_16
Tas, E.N., Boneh, D.: Vector commitments with efficient updates. arXiv preprint arXiv:2307.04085 (2023)
Wang, H., Yiu, S.M., Zhao, Y., Jiang, Z.L.: Updatable, aggregatable, succinct mercurial vector commitment from lattice. Cryptology ePrint Archive (2024)
Wee, H., Wu, D.J.: Succinct vector, polynomial, and functional commitments from lattices. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology–EUROCRYPT 2023: 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Lyon, France, 23–27 April 2023, Proceedings, Part III, pp. 385–416. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30620-4_13
Acknowledgements
This work is supported by National Natural Science Foundation of China (No. 62202023, No. 62272131), HKU-SCF FinTech Academy, Shenzhen-Hong Kong-Macao Science and Technology Plan Project (Category C Project: SGDX20210823103537030), Theme-based Research Scheme of RGC, Hong Kong (T35-710/20-R), and Shenzhen Science and Technology Major Project (No. KJZD20230923114908017). We would like to thank the anonymous reviewers for their constructive and informative feedback on this work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 International Association for Cryptologic Research
About this paper
Cite this paper
Wang, H., Yiu, SM., Zhao, Y., Jiang, Z.L. (2024). Updatable, Aggregatable, Succinct Mercurial Vector Commitment from Lattice. In: Tang, Q., Teague, V. (eds) Public-Key Cryptography – PKC 2024. PKC 2024. Lecture Notes in Computer Science, vol 14602. Springer, Cham. https://doi.org/10.1007/978-3-031-57722-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-57722-2_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57721-5
Online ISBN: 978-3-031-57722-2
eBook Packages: Computer ScienceComputer Science (R0)