Efficient Asynchronous Accumulators for Distributed PKI
Cryptographic accumulators are a tool for compact set representation and secure set membership proofs. When an element is added to a set by means of an accumulator, a membership witness is generated. This witness can later be used to prove the membership of the element. Typically, the membership witness has to be synchronized with the accumulator value: it has to be updated every time another element is added to the accumulator, and it cannot be used with outdated accumulator values. However, in many distributed applications (such as blockchain-based public key infrastructures), requiring strict synchronization is prohibitive. We define low update frequency, which means that a witness only needs to be updated a small number of times, and old-accumulator compatibility, which means that a witness can be used with outdated accumulator values. Finally, we propose an accumulator that achieves both of those properties.
This research is supported, in part, by US NSF grants CNS-1012910, CNS-1012798, and CNS-1422965. Leonid Reyzin gratefully acknowledges the hospitality of IST Austria and École normale supérieure, where part of this work was performed.
The authors would like to thank Dimitris Papadopoulos and Foteini Baldimtsi for their insightful feedback.
- 4.Buldas, A., Laud, P., Lipmaa, H.: Accountable certificate management using undeniable attestations. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, CCS 2000, pp. 9–17. ACM, New York (2000)Google Scholar
- 6.Camacho, P.: On the impossibility of batch update for cryptographic accumulators. Cryptology ePrint Archive, Report 2009/612 (2009)Google Scholar
- 9.Crosby, S.A., Wallach, D.S.: Efficient data structures for tamper-evident logging. In: Proceedings of the 18th Conference on USENIX Security Symposium, SSYM 2009, pp. 317–334. USENIX Association, Berkeley (2009)Google Scholar
- 10.Damgrd, I., Triandopoulos, N.: Supporting non-membership proofs with bilinear-map accumulators. Cryptology ePrint Archive, Report 2008/538 (2008)Google Scholar
- 11.Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 127–144. Springer, Heidelberg (2015)Google Scholar
- 12.Fazio, N., Nicolosi, A.: Cryptographic accumulators: definitions, constructions and applications (2003)Google Scholar
- 13.Garman, C., Green, M., Miers, I.: Decentralized anonymous credentials. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23–26 February 2014Google Scholar
- 15.Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)Google Scholar
- 16.Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)Google Scholar
- 17.Namecoin. https://www.namecoin.org/
- 19.Reyzin, L., Yakoubov, S.: Efficient asynchronous accumulators for distributed PKI. Cryptology ePrint Archive, Report 2015/718 (2015). http://eprint.iacr.org/
- 21.Slepak, G.: Dnschain + okturtles (2013). http://okturtles.com/other/dnschain_okturtles_overview.pdf
- 22.Yakoubov, S., Fromknecht, C., Velicanu, D.: Certcoin: a namecoin based decentralized authentication system (2014)Google Scholar