Generalized Proof of Liabilities

Proof of liabilities (PoL) allows a prover to prove its liabilities to a group of verifiers. This cryptographic primitive was originally used only for proving financial solvency, but it also applies to domains outside finance, including transparent and private donations, new algorithms for disapproval voting, and publicly verifiable official reports such as COVID-19 daily case counts. These applications share a common incentive structure: it is not in the prover's interest to overstate its total liabilities, so a PoL scheme only has to prevent understatement, i.e. omitting or reducing individual liabilities. We generalize PoL for these applications by attempting, for the first time, to standardize the goals it should achieve from the security, privacy and efficiency perspectives. We also propose DAPOL+, a concrete PoL scheme that extends the state-of-the-art DAPOL protocol while providing provable security and privacy, with benchmark results demonstrating its practicality. In addition, we explore techniques for providing additional features that might be desired in different applications of PoL, and we measure the asymptotic probability of failure.
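To make the prover/verifier roles and the understatement check concrete, here is an added illustration that is not part of the paper and is not the DAPOL+ scheme: a minimal plaintext Merkle sum tree PoL in Python over constructed sample balances. Each leaf commits to a user identifier and balance; each internal node commits to both children's hashes and both children's values separately (so the sibling value shown in a proof is bound, not only the sum); the prover publishes the root hash and the total; and a user checks that their own balance is included and that the path sums to exactly the published total. Every user who verifies thereby pins a lower bound on the total the prover committed to. Balances and the total are in the clear, which is the privacy gap that DAPOL-style schemes close with commitments and range proofs. All function names and sample data below are assumptions for the example.

```python
"""Plaintext Merkle sum tree proof of liabilities (illustrative example,
not DAPOL+). Prover side: build_tree / inclusion_proof.
Verifier side: verify_inclusion. Sample balances are constructed."""
import hashlib
from dataclasses import dataclass


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def leaf_hash(user_id: str, balance: int) -> bytes:
    # Domain-separated leaf over (id, balance); balances are non-negative.
    if balance < 0:
        raise ValueError("negative liability")
    return _h(b"leaf", user_id.encode(), balance.to_bytes(8, "big"))


def node_hash(lh: bytes, lv: int, rh: bytes, rv: int) -> bytes:
    # Commit to each child's hash AND value separately, so a proof cannot
    # present a sibling with a different value that merely preserves the sum.
    return _h(b"node", lh, lv.to_bytes(8, "big"), rh, rv.to_bytes(8, "big"))


@dataclass
class Node:
    h: bytes   # hash commitment
    v: int     # sum of liabilities under this node


def build_tree(balances: list) -> list:
    """Prover: returns levels, levels[0] = leaves, levels[-1] = [root]."""
    if not balances:
        raise ValueError("no liabilities")
    leaves = [Node(leaf_hash(u, b), b) for u, b in balances]
    # Pad to a power of two with zero-balance dummy leaves (adds no liability).
    while len(leaves) & (len(leaves) - 1):
        leaves.append(Node(leaf_hash("", 0), 0))
    levels = [leaves]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([
            Node(node_hash(prev[i].h, prev[i].v, prev[i + 1].h, prev[i + 1].v),
                 prev[i].v + prev[i + 1].v)
            for i in range(0, len(prev), 2)
        ])
    return levels


def root(levels: list) -> Node:
    # The prover publishes root.h and root.v (the total liabilities).
    return levels[-1][0]


def inclusion_proof(levels: list, index: int) -> list:
    """Prover: path for leaf `index` as (sibling_hash, sibling_value, sibling_is_right)."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        proof.append((level[sib].h, level[sib].v, sib > index))
        index //= 2
    return proof


def verify_inclusion(root_hash: bytes, root_total: int,
                     user_id: str, balance: int, proof: list) -> bool:
    """Verifier: my (id, balance) is in the tree AND the path sums to the
    published total. A negative sibling value would let the prover cancel
    liabilities, so it is rejected outright."""
    h, v = leaf_hash(user_id, balance), balance
    for sh, sv, sib_right in proof:
        if sv < 0:
            return False
        if sib_right:
            h, v = node_hash(h, v, sh, sv), v + sv
        else:
            h, v = node_hash(sh, sv, h, v), v + sv
    return h == root_hash and v == root_total


if __name__ == "__main__":
    # Constructed sample liabilities (e.g. exchange customer balances).
    levels = build_tree([("alice", 50), ("bob", 30), ("carol", 20)])
    r = root(levels)
    proof = inclusion_proof(levels, 1)                     # bob's path
    print("published total:", r.v)
    print("bob verifies:", verify_inclusion(r.h, r.v, "bob", 30, proof))
    print("understated total rejected:", not verify_inclusion(r.h, 99, "bob", 30, proof))
```

Each verifying user only learns that their own entry is counted; an omitted user simply has no valid proof, and a prover who publishes a total smaller than the committed sum fails every user's check.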
