Cryptology ePrint Archive: Report 2015/007

Balloon: A Forward-Secure Append-Only Persistent Authenticated Data Structure

Tobias Pulls and Roel Peeters

Abstract: We present Balloon, a forward-secure append-only persistent authenticated data structure. Balloon is designed for an initially trusted author that generates events to be stored in a data structure (the Balloon) kept by an untrusted server, and clients that query this server for events intended for them based on keys and snapshots. The data structure is persistent such that clients can query keys for the current or past versions of the data structure based upon snapshots, which are generated by the author as new events are inserted. The data structure is authenticated in the sense that the server can prove all operations with respect to snapshots created by the author. No event inserted into the data structure prior to the compromise of the author can be modified or deleted without detection due to Balloon being publicly verifiable. Balloon supports efficient (non-)membership proofs and verifiable inserts by the author, enabling the author to verify the correctness of inserts without having to store a copy of the Balloon. We formally define and prove that Balloon is a secure authenticated data structure.

Category / Keywords: Authenticated Data Structure

Original Publication (with minor differences): ESORICS 2015

Date: received 5 Jan 2015, last revised 26 Jun 2015

Contact author: roel peeters at esat kuleuven be

Available format(s): PDF | BibTeX Citation

Version: 20150626:100347 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]