Title | Concise UC Zero-Knowledge Proofs for Oblivious Updatable Databases |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Camenisch, Jan, Dubovitskaya, Maria, Rial, Alfredo |
Conference Name | 2021 IEEE 34th Computer Security Foundations Symposium (CSF) |
Date Published | jun |
Keywords | Aggregates, composability, computer security, Databases, Protocols, pubcrawl, Task Analysis, universal composability, Vector commitments, Writing, ZK proofs of knowledge |
Abstract | We propose an ideal functionality FCD and a construction PCD for oblivious and updatable committed databases. FCD allows a prover P to read, write, and update values in a database and to prove to a verifier V in zero-knowledge (ZK) that a value is read from or written into a certain position. The following properties must hold: (1) values stored in the database remain hidden from V; (2) a value read from a certain position is equal to the value previously written into that position; (3) (obliviousness) both the value read or written and its position remain hidden from V.PCD is based on vector commitments. After the initialization phase, the cost of read and write operations is independent of the database size, outperforming other techniques that achieve cost sublinear in the dataset size for prover and/or verifier. Therefore, our construction is especially appealing for large datasets. In existing "commit-and-prove" two-party protocols, the task of maintaining a committed database between P and V and reading and writing values into it is not separated from the task of proving statements about the values read or written. FCD allows us to improve modularity in protocol design by separating those tasks. In comparison to simply using a commitment scheme to maintain a committed database, FCD allows P to hide efficiently the positions read or written from V. Thanks to this property, we design protocols for e.g. privacy-preserving e-commerce and location-based services where V gathers aggregate statistics about the statements that P proves in ZK. |
DOI | 10.1109/CSF51468.2021.00008 |
Citation Key | camenisch_concise_2021 |