Zero-knowledge authenticated order queries and order statistics on a list

Abstract

An order query takes as input a set of elements from a list (ordered sequence) L, and asks for this set to be ordered using the total order induced by L. We introduce two formal models for answering order queries on a list in a verifiable and private manner. Our first model, called zero-knowledge list (ZKL), generalizes the standard twoparty model of membership queries on a set to order queries on a list in zero-knowledge. We present a construction of ZKL based on zeroknowledge sets and a homomorphic integer commitment. Our second model, privacy-preserving authenticated list (PPAL), extends authenticated data structures by adding a zero-knowledge privacy requirement. This is a three-party model, where a list is outsourced by a trusted owner to an untrusted cloud server, which answers order queries issued by clients and returns proofs of the answers. PPAL supports data integrity against a malicious server and privacy protection against a malicious client. Though PPAL can be implemented using our ZKL construction, this construction is not as efficient as desired in cloud applications. We present an efficient PPAL construction based on our novel technique of blinded bilinear accumulators and bilinear maps. Both our models are provably secure in the Random Oracle model and are zero-knowledge (e.g., hiding even the size of the list). We also show that the ZKL and PPAL frameworks can be extended to support fundamental statistical queries efficiently and in zero-knowledge.