Fractal Merkle Tree Representation and Traversal
We introduce a technique for traversal of Merkle trees, and propose an efficient algorithm that generates a sequence of leaves along with their associated authentication paths. For one choice of parameters, and a total of N leaves, our technique requires a worst-case computational effort of 2 logN/loglog N hash function evaluations per output, and a total storage capacity of less than 1.5 log2 N/loglogN hash values. This is a simultaneous improvement both in space and time complexity over any previously published algorithm.
KeywordsAmortization authentication fractal Merkle tree
Unable to display preview. Download preview PDF.
- D. Coppersmith and M. Jakobsson, “Almost Optimal Hash Sequence Traversal,” Financial Crypto’ 02. Available at http://www.markus-jakobsson.com. 315
- Y.-C. Hu, A. Perrig, and D. B. Johnson, “Packet Leashes: A Defense against Wormhole Attacks in Wireless Ad Hoc Networks,” Proceedings of the Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2003), IEEE, San Francisco, CA, April 2003, to appear 315Google Scholar
- M. Jakobsson, “Fractal Hash Sequence Representation and Traversal,” ISIT’ 02, p. 437. Available at http://www.markus-jakobsson.com. 315
- C. Jutla and M. Yung, “PayTree: amortized-signature for flexible micropayments,” 2nd USENIX Workshop on Electronic Commerce, pp. 213–221, 1996. 315Google Scholar
- L. Lamport, “Constructing Digital Signatures from a One Way Function,” SRI International Technical Report CSL-98 (October 1979). 315Google Scholar
- R. Merkle, “Secrecy, Authentication, and Public Key Systems,” UMI Research Press, 1982. Also appears as a Stanford Ph.D. thesis in 1979. 315Google Scholar
- R. Merkle, “A digital signature based on a conventional encryption function,” Proceedings of Crypto’ 87, pp. 369–378. 314, 315, 317Google Scholar
- S. Micali, “Efficient Certificate Revocation,” Proceedings of RSA’ 97, and U. S. Patent No. 5,666,416. 315Google Scholar
- K. S. J. Pister, J. M. Kahn and B. E. Boser, “Smart Dust: Wireless Networks of Millimeter-Scale Sensor Nodes. Highlight Article in 1999 Electronics Research Laboratory Research Summary.”, 1999. Available at http://robotics.eecs.berkeley.edu/~pister/SmartDust/ 314
- FIPS PUB 180-1, “Secure Hash Standard, SHA-1”. Available at http://www.itl.nist.gov/fipspubs/fip180-1.htm 316
- Y. Sella, “Traversing Hash Chain with Constant Computation,” To appear in Financial Crypto’ 03. 315Google Scholar
- S. Vaudenay, “One-time identification with low memory,” EUROCODE’92, CISM Course and Lecture 339, pp. 217–228, Springer-Verlag 1993 315Google Scholar