An order query takes as input a set of elements from a list (ordered sequence) L, and asks for this set to be ordered using the total order induced by L. We introduce two formal models for answering order queries on a list in a verifiable and private manner. Our first model, called zero-knowledge list (ZKL), generalizes the standard twoparty model of membership queries on a set to order queries on a list in zero-knowledge. We present a construction of ZKL based on zeroknowledge sets and a homomorphic integer commitment. Our second model, privacy-preserving authenticated list (PPAL), extends authenticated data structures by adding a zero-knowledge privacy requirement. This is a three-party model, where a list is outsourced by a trusted owner to an untrusted cloud server, which answers order queries issued by clients and returns proofs of the answers. PPAL supports data integrity against a malicious server and privacy protection against a malicious client. Though PPAL can be implemented using our ZKL construction, this construction is not as efficient as desired in cloud applications. We present an efficient PPAL construction based on our novel technique of blinded bilinear accumulators and bilinear maps. Both our models are provably secure in the Random Oracle model and are zero-knowledge (e.g., hiding even the size of the list). We also show that the ZKL and PPAL frameworks can be extended to support fundamental statistical queries efficiently and in zero-knowledge.
CITATION STYLE
Ghosh, E., Ohrimenko, O., & Tamassia, R. (2015). Zero-knowledge authenticated order queries and order statistics on a list. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9092, pp. 149–171). Springer Verlag. https://doi.org/10.1007/978-3-319-28166-7_8
Mendeley helps you to discover research relevant for your work.