Zero-Knowledge Elementary Databases with More Expressive Queries

  • Benoît Libert
  • Khoa Nguyen
  • Benjamin Hong Meng TanEmail author
  • Huaxiong Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11442)


Zero-knowledge elementary databases (ZK-EDBs) are cryptographic schemes that allow a prover to commit to a set \(\mathsf {D}\) of key-value pairs so as to be able to prove statements such as “x belongs to the support of \(\mathsf {D}\) and \(\mathsf {D}(x)=y\)” or “x is not in the support of \(\mathsf {D}\)”. Importantly, proofs should leak no information beyond the proven statement and even the size of \(\mathsf {D}\) should remain private. Chase et al. (Eurocrypt’05) showed that ZK-EDBs are implied by a special flavor of non-interactive commitment, called mercurial commitment, which enables efficient instantiations based on standard number theoretic assumptions. On the other hand, the resulting ZK-EDBs are only known to support proofs for simple statements like (non-)membership and value assignments. In this paper, we show that mercurial commitments actually enable significantly richer queries. We show that, modulo an additional security property met by all known efficient constructions, they actually enable range queries over keys and values – even for ranges of super-polynomial size – as well as membership/non-membership queries over the space of values. Beyond that, we exploit the range queries to realize richer queries such as \(k\)-nearest neighbors and revealing the \(k\) smallest or largest records within a given range. In addition, we provide a new realization of trapdoor mercurial commitment from standard lattice assumptions, thus obtaining the most expressive quantum-safe ZK-EDB construction so far.


Zero-knowledge databases Expressive queries Lattice-based commitments 



Part of this research was funded by Singapore Ministry of Education under Research Grant MOE2016-T2-2-014(S). Another part was funded by BPI-France in the context of the national project RISQ (P141580). This work was also supported in part by the European Union PROMETHEUS project (Horizon 2020 Research and Innovation Program, grant 780701). Khoa Nguyen was also supported by the Gopalakrishnan – NTU Presidential Postdoctoral Fellowship 2018. Huaxiong Wang was also supported by the National Research Foundation, Prime Minister’s Office, Singapore under its Strategic Capability Research Centres Funding Initiative.


  1. 1.
    Blum, M., Feldman, P., Micali, S.: Non-interactive zero-knowledge and its applications. In: STOC, pp. 103–112. ACM (1988)Google Scholar
  2. 2.
    Catalano, D., Dodis, Y., Visconti, I.: Mercurial commitments: minimal assumptions and efficient constructions. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 120–144. Springer, Heidelberg (2006). Scholar
  3. 3.
    Catalano, D., Fiore, D.: Vector commitments and their applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 55–72. Springer, Heidelberg (2013). Scholar
  4. 4.
    Catalano, D., Fiore, D., Messina, M.: Zero-knowledge sets with short proofs. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 433–450. Springer, Heidelberg (2008). Scholar
  5. 5.
    Chase, M., Healy, A., Lysyanskaya, A., Malkin, T., Reyzin, L.: Mercurial commitments with applications to zero-knowledge sets. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 422–439. Springer, Heidelberg (2005). Scholar
  6. 6.
    Chase, M., Healy, A., Lysyanskaya, A., Malkin, T., Reyzin, L.: Mercurial commitments with applications to zero-knowledge sets. J. Cryptology 26(2), 251–279 (2013)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Chase, M., Visconti, I.: Secure database commitments and universal arguments of quasi knowledge. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 236–254. Springer, Heidelberg (2012). Scholar
  8. 8.
    Ducas, L., Micciancio, D.: Improved short lattice signatures in the standard model. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 335–352. Springer, Heidelberg (2014). Scholar
  9. 9.
    Gennaro, R., Micali, S.: Independent zero-knowledge sets. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 34–45. Springer, Heidelberg (2006). Scholar
  10. 10.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC 2008 (2008)Google Scholar
  11. 11.
    Ghosh, E., Ohrimenko, O., Tamassia, R.: Verifiable order queries and order statistics on a list in zero-knowledge. In: ACNS (2015)Google Scholar
  12. 12.
    Ghosh, E., Ohrimenko, O., Tamassia, R.: Efficient verifiable range and closest point queries in zero-knowledge. PoPETs 2016(4), 373–388 (2016)Google Scholar
  13. 13.
    Goyal, V., Ostrovsky, R., Scafuro, A., Visconti, I.: Black-box non-black-box zero knowledge. In: STOC (2014)Google Scholar
  14. 14.
    Ishai, Y., Kushilevitz, E., Ostrovksy, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: STOC (2007)Google Scholar
  15. 15.
    Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 177–194. Springer, Heidelberg (2010). Scholar
  16. 16.
    Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372–389. Springer, Heidelberg (2008). Scholar
  17. 17.
    Libert, B., Yung, M.: Concise mercurial vector commitments and independent zero-knowledge sets with short proofs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 499–517. Springer, Heidelberg (2010). Scholar
  18. 18.
    Liskov, M.: Updatable zero-knowledge databases. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 174–198. Springer, Heidelberg (2005). Scholar
  19. 19.
    Lyubashevsky, V.: Fiat-shamir with aborts: applications to lattice and factoring-based signatures. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 598–616. Springer, Heidelberg (2009). Scholar
  20. 20.
    Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). Scholar
  21. 21.
    Micali, S., Rabin, M.O., Kilian, J.: Zero-knowledge sets. In: 44th FOCS (2003)Google Scholar
  22. 22.
    Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700–718. Springer, Heidelberg (2012). Scholar
  23. 23.
    Micciancio, D., Peikert, C.: Hardness of SIS and LWE with small parameters. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 21–39. Springer, Heidelberg (2013). Scholar
  24. 24.
    Micciancio, D., Regev, O.: Worst-case to average-case reductions based on gaussian measures. SIAM J. Comput. 37(1), 267–302 (2007)MathSciNetCrossRefGoogle Scholar
  25. 25.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). Scholar
  26. 26.
    Naor, M., Nissim, K.: Certificate revocation and certificate update. In: 7th USENIX Security Symposium (1998)Google Scholar
  27. 27.
    Naor, M., Ziv, A.: Primary-secondary-resolver membership proof systems. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 199–228. Springer, Heidelberg (2015). Scholar
  28. 28.
    Ostrovsky, R., Rackoff, C., Smith, A.: Efficient consistency proofs for generalized queries on a committed database. In: Díaz, J., Karhumäki, J., Lepistö, A., Sannella, D. (eds.) ICALP 2004. LNCS, vol. 3142, pp. 1041–1053. Springer, Heidelberg (2004). Scholar
  29. 29.
    Papadopoulos, D., Papadopoulos, S., Triandopoulos, N.: Taking authenticated range queries to arbitrary dimensions. In: ACM-CCS (2014)Google Scholar
  30. 30.
    Papamanthou, C., Tamassia, R., Triandopoulos, N.: Optimal verification of operations on dynamic sets. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 91–110. Springer, Heidelberg (2011). Scholar
  31. 31.
    Prabhakaran, M., Xue, R.: Statistically hiding sets. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 100–116. Springer, Heidelberg (2009). Scholar
  32. 32.
    Tamassia, R.: Authenticated data structures. In: Di Battista, G., Zwick, U. (eds.) ESA 2003. LNCS, vol. 2832, pp. 2–5. Springer, Heidelberg (2003). Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  • Benoît Libert
    • 1
    • 2
  • Khoa Nguyen
    • 3
  • Benjamin Hong Meng Tan
    • 3
    • 4
    Email author
  • Huaxiong Wang
    • 3
  1. 1.CNRS, Laboratoire LIPLyonFrance
  2. 2.ENS de Lyon, Laboratoire LIP (U. Lyon, CNRS, ENSL, Inria, UCBL)LyonFrance
  3. 3.School of Physical and Mathematical SciencesNanyang Technological UniversitySingaporeSingapore
  4. 4.Institute for Infocomm Research, A*STARSingaporeSingapore

Personalised recommendations