Strong Accumulators from Collision-Resistant Hashing

  • Authors:

  • Philippe Camacho;Alejandro Hevia;Marcos Kiwi;Roberto Opazo

  • Affiliations:

  • Dept. of Computer Science, University of Chile, Santiago, Chile;Dept. of Computer Science, University of Chile, Santiago, Chile;Dept. Ing. Matemática & Ctr. de Modelamiento Matemááático, UMI 2807 U. Chile---CNRS,;CEO Acepta.com,

  • Venue:
  • ISC '08 Proceedings of the 11th international conference on Information Security
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Accumulator schemes were introduced in order to represent a large set of values as one short value called the accumulator. These schemes allow one to generate membership proofs, i.e. short witnesses that a certain value belongs to the set. In universal accumulator schemes, efficient proofs of non-membership can also be created. Li, Li and Xue [11], building on the work of Camenisch and Lysyanskaya [5], proposed an efficient accumulator scheme which relies on a trusted accumulator manager. Specifically, a manager that correctly performs accumulator updates.In this work we introduce the notion of strong universal accumulator schemeswhich are similar in functionality to universal accumulator schemes, but do not assume the accumulator manager is trusted. We also formalize the security requirements for such schemes. We then give a simple construction of a strong universal accumulator scheme which is provably secure under the assumption that collision-resistant hash functions exist. The weaker requirement on the accumulator manager comes at a price; our scheme is less efficient than known universal accumulator schemes -- the size of (non)membership witnesses is logarithmic in the size of the accumulated set in contrast to constant in the scheme of Camenisch and Lysyanskaya.Finally, we show how to use strong universal accumulators to solve a practical concern, the so called e-Invoice Factoring Problem.