One-way accumulators: a decentralized alternative to digital signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Universal Accumulators with Efficient Nonmembership Proofs
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Collision-free accumulators and fail-stop signature schemes without trees
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Secure accumulators from euclidean rings without trusted setup
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
PPREM: Privacy Preserving REvocation Mechanism for Vehicular Ad Hoc Networks
Computer Standards & Interfaces
Hi-index | 0.00 |
Accumulator schemes were introduced in order to represent a large set of values as one short value called the accumulator. These schemes allow one to generate membership proofs, i.e. short witnesses that a certain value belongs to the set. In universal accumulator schemes, efficient proofs of non-membership can also be created. Li, Li and Xue [11], building on the work of Camenisch and Lysyanskaya [5], proposed an efficient accumulator scheme which relies on a trusted accumulator manager. Specifically, a manager that correctly performs accumulator updates.In this work we introduce the notion of strong universal accumulator schemeswhich are similar in functionality to universal accumulator schemes, but do not assume the accumulator manager is trusted. We also formalize the security requirements for such schemes. We then give a simple construction of a strong universal accumulator scheme which is provably secure under the assumption that collision-resistant hash functions exist. The weaker requirement on the accumulator manager comes at a price; our scheme is less efficient than known universal accumulator schemes -- the size of (non)membership witnesses is logarithmic in the size of the accumulated set in contrast to constant in the scheme of Camenisch and Lysyanskaya.Finally, we show how to use strong universal accumulators to solve a practical concern, the so called e-Invoice Factoring Problem.