Paper 2024/1259

Efficient (Non-)Membership Tree from Multicollision-Resistance with Applications to Zero-Knowledge Proofs

Maksym Petkus, National Aviation University, Chronicled Inc.
Abstract

Many applications rely on accumulators and authenticated dictionaries, from timestamping certificate transparency and memory checking to blockchains and privacy-preserving decentralized electronic money, while Merkle tree and its variants are efficient for arbitrary element membership proofs, non-membership proofs, i.e., universal accumulators, and key-based membership proofs may require trees up to 256 levels for 128 bits of security, assuming binary tree, which makes it inefficient in practice, particularly in the context of zero-knowledge proofs. Building on the hardness of multi-collision we introduce a novel (non-)membership, optionally key-value, accumulator with up to 2x smaller tree depth while preserving the same security level, as well as multiple application-specific versions with even shallower trees, up to 6x smaller depth, that rely on the low-entropy source. Moreover, solving for special case of adversarial attacks we introduce key index variants which might be a stepping stone for an entropy-free accumulator. Notably, unlike other constructions, this work, although may, doesn't depend on the dynamic depth of the tree which is simpler and more suitable for constant-size ZKP circuits, while ensuring a substantially smaller upper bound on depth. Efficient in practice construction in the adversarial context, e.g. blockchain, where the tree manager doesn't need to be trusted, i.e., operations can be carried out by an untrusted party and verified by anyone, is the primary goal. Example instantiations are considered, where special treatment is given to the application of representing serial numbers, aka nullifiers. Nevertheless, the constructions are self-sufficient and can be used in other contexts, without blockchain and/or zero-knowledge proofs, including non-adversarial contexts. Furthermore, our findings might be of independent interest for other use cases, such as hash tables, databases and other data structures.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
dictionaryaccumulatortreemulti-collisionzero-knowledge proofblockchainhash tablememory checking
Contact author(s)
maksym @ petkus info
History
2024-08-09: approved
2024-08-08: received
See all versions
Short URL
https://ia.cr/2024/1259
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1259,
      author = {Maksym Petkus},
      title = {Efficient (Non-)Membership Tree from Multicollision-Resistance with Applications to Zero-Knowledge Proofs},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1259},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1259}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.