Cryptographic accumulators: new definitions, enhanced security, and delegatable proofs
发表信息
作者
- Anaïs Barthoulot
- Olivier Blazy
- Sébastien Canard
笔记
Cryptographic accumulators, introduced in 1993 by Benaloh and De Mare, represent a set with a concise value and offer proofs of (non-)membership. Accumulators have evolved, becoming essential in anonymous credentials, e-cash, and blockchain applications. Various properties like dynamic and universal emerged for specific needs, leading to multiple accumulator definitions. In 2015, Derler, Hanser, and Slamanig proposed a unified model, but new properties, including zero-knowledge security, have arisen since. We offer a new definition of accumulators, based on Derler et al.’s, that is suitable for all properties. We also introduce a new security property, unforgeability of private evaluation, to protect accumulator from forgery and we verify this property in Barthoulot, Blazy, and Canard’s recent accumulator. Finally we provide discussions on security properties of accumulators and on the delegatable (non-)membership proofs property.
以下是中文翻译:
密码学累加器(cryptographic accumulators)由Benaloh和De Mare在1993年首次提出,它可以用一个简洁的值来表示一个集合,并提供成员资格和非成员资格的证明。累加器不断发展,已成为匿名凭证(anonymous credentials)、电子现金(e-cash)和区块链应用中的重要组成部分。为满足特定需求,各种特性如动态性(dynamic)和通用性(universal)相继出现,这导致了多种累加器定义的产生。2015年,Derler、Hanser和Slamanig提出了一个统一模型,但此后又出现了包括零知识安全性在内的新特性。我们提出了一个基于Derler等人工作的新累加器定义,该定义适用于所有特性。我们还引入了一个新的安全性质——私有评估的不可伪造性(unforgeability of private evaluation),用于防止累加器被伪造,并验证了这一性质在Barthoulot、Blazy和Canard最近提出的累加器中的应用。最后,我们对累加器的安全性质以及可委托的成员资格和非成员资格证明特性进行了讨论。