KVaC: Key-Value Commitments for Blockchains and Beyond

As blockchains grow in size, validating new transactions becomes more and more resource intensive. To deal with this, there is a need to discover compact encodings of the (effective) state of a blockchain — an encoding that allows for efficient proofs of membership and updates. In the case of account-based cryptocurrencies, the state can be represented by a key-value map, where keys are the account addresses and values consist of account balance, nonce, etc. We propose a new commitment scheme for key-value maps whose size does not grow with the number of keys, yet proofs of membership are of constant-size. In fact, both the encoding and the proofs consist of just two and three group elements respectively (in groups of unknown order like class groups). Verifying and updating proofs involves just a few group exponentiations. Additive updates to key values enjoy the same level of efficiency too. Key-value commitments can be used to build dynamic accumulators and vector commitments, which find applications in group signatures, anonymous credentials, verifiable databases, interactive oracle proofs, etc. Using our new key-value commitment, we provide the most efficient constructions of (sub)vector commitments to date. ∗Western Digital Research, shashank.agraval@gmail.com. †Visa Research, srirag@mit.edu.

[1]  Dario Fiore,et al.  Vector Commitment Techniques and Applications to Verifiable Decentralized Storage , 2020, IACR Cryptol. ePrint Arch..

[2]  Zhenfei Zhang,et al.  Pointproofs: Aggregating Proofs for Multiple Vector Commitments , 2020, IACR Cryptol. ePrint Arch..

[3]  Ninghui Li,et al.  Universal Accumulators with Efficient Nonmembership Proofs , 2007, ACNS.

[4]  Dario Fiore,et al.  Nearly Optimal Verifiable Data Streaming , 2016, Public Key Cryptography.

[5]  Ittai Abraham,et al.  Aggregatable Subvector Commitments for Stateless Cryptocurrencies , 2020, IACR Cryptol. ePrint Arch..

[6]  Jan Camenisch,et al.  Accumulators with Applications to Anonymity-Preserving Revocation , 2017, 2017 IEEE European Symposium on Security and Privacy (EuroS&P).

[7]  Mehdi Tibouchi,et al.  Close to Uniform Prime Number Generation With Fewer Random Bits , 2014, IEEE Transactions on Information Theory.

[8]  Lan Nguyen,et al.  Accumulators from Bilinear Pairings and Applications , 2005, CT-RSA.

[9]  David Mazières The Stellar Consensus Protocol : A Federated Model for Internet-level Consensus , 2015 .

[10]  Dario Fiore,et al.  Vector Commitments and Their Applications , 2013, Public Key Cryptography.

[11]  Moti Yung,et al.  Concise Mercurial Vector Commitments and Independent Zero-Knowledge Sets with Short Proofs , 2010, TCC.

[12]  Moti Yung,et al.  Functional Commitment Schemes: From Polynomial Commitments to Pairing-Based Accumulators from Simple Assumptions , 2016, ICALP.

[13]  Josh Benaloh,et al.  One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract) , 1994, EUROCRYPT.

[14]  Marcos A. Kiwi,et al.  Strong accumulators from collision-resistant hashing , 2008, International Journal of Information Security.

[15]  Philippe Camacho,et al.  On the Impossibility of Batch Update for Cryptographic Accumulators , 2010, LATINCRYPT.

[16]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[17]  Thaddeus Dryja,et al.  Utreexo: A dynamic hash-based accumulator optimized for the Bitcoin UTXO set , 2019, IACR Cryptol. ePrint Arch..

[18]  Charalampos Papamanthou,et al.  Edrax: A Cryptocurrency with Stateless Transaction Validation , 2018, IACR Cryptol. ePrint Arch..

[19]  Johannes Buchmann,et al.  A Survey on {IQ} Cryptography , 2001 .

[20]  Giulio Malavolta,et al.  Subvector Commitments with Application to Succinct Arguments , 2019, CRYPTO.

[21]  Bodo Möller,et al.  Security of Cryptosystems Based on Class Groups of Imaginary Quadratic Orders , 2000, ASIACRYPT.

[22]  Dan Boneh,et al.  Batching Techniques for Accumulators with Applications to IOPs and Stateless Blockchains , 2019, IACR Cryptol. ePrint Arch..

[23]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[24]  Brent Waters,et al.  Short and Stateless Signatures from the RSA Assumption , 2009, CRYPTO.