Strong Accumulators from Collision-Resistant Hashing
Accumulator schemes were introduced in order to represent a large set of values as one short value called the accumulator. These schemes allow one to generate membership proofs, i.e. short witnesses that a certain value belongs to the set. In universal accumulator schemes, efficient proofs of non-membership can also be created. Li, Li and Xue , building on the work of Camenisch and Lysyanskaya , proposed an efficient accumulator scheme which relies on a trusted accumulator manager. Specifically, a manager that correctly performs accumulator updates.
In this work we introduce the notion of strong universal accumulator schemes which are similar in functionality to universal accumulator schemes, but do not assume the accumulator manager is trusted. We also formalize the security requirements for such schemes. We then give a simple construction of a strong universal accumulator scheme which is provably secure under the assumption that collision-resistant hash functions exist. The weaker requirement on the accumulator manager comes at a price; our scheme is less efficient than known universal accumulator schemes — the size of (non)membership witnesses is logarithmic in the size of the accumulated set in contrast to constant in the scheme of Camenisch and Lysyanskaya.
Finally, we show how to use strong universal accumulators to solve a practical concern, the so called e-Invoice Factoring Problem.
KeywordsAccumulators Collision-resistant Hashing e-Invoice
Unable to display preview. Download preview PDF.
- 1.Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signed scheme without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)Google Scholar
- 2.Bayer, D., Haber, S., Stornetta, W.S.: Improving the efficiency and reliability of digital time-stamping. In: Capocelli, R.M., DeSantis, A., Vaccaro, U. (eds.) Sequences II: Methods in Communication, Security, and Computer Science, pp. 329–334. Springer, Heidelberg (1993)Google Scholar
- 3.Benaloh, J., De Mare, M.: One-way accumulators: A decentralised alternative to digital signatures. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 274–285. Springer, Heidelberg (1994)Google Scholar
- 6.Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)Google Scholar
- 7.Damgård, I.: Collision free hash functions and public key signature schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1988)Google Scholar
- 8.Servicio de Impuestos Internos. Información sobre factura electrónica [June 19, 2008], https://palena.sii.cl/dte/mn_info.html
- 9.Fazio, N., Nicolisi, A.: Cryptographic accumulators: Definitions, constructions and applications (2003) [June 19, 2008], http://www.cs.nyu.edu/~nicolosi/papers/accumulators.ps
- 11.Li, J., Li, N., Xue, R.: Universal accumulators with efficient nonmembership proofs. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521. Springer, Heidelberg (2007)Google Scholar
- 12.National Institute of Standards and Technology (NIST). FIPS Publication 180: Secure Hash Standard (SHS) (May 1993)Google Scholar
- 13.OpenSSL Project. OpenSSL Package (June 2008) [June 19, 2008], http://www.openssl.org