Paper 2020/724

Multi-Party Revocation in Sovrin: Performance through Distributed Trust

Lukas Helminger, Daniel Kales, Sebastian Ramacher, and Roman Walch


Accumulators provide compact representations of large sets and compact membership witnesses. Besides constant-size witnesses, public-key accumulators provide efficient updates of both the accumulator itself and the witness. However, bilinear group based accumulators come with drawbacks: they require a trusted setup and their performance is not practical for real-world applications with large sets. In this paper, we introduce multi-party public-key accumulators dubbed dynamic (threshold) secret-shared accumulators. We present an instantiation using bilinear groups having access to more efficient witness generation and update algorithms that utilize the shares of the secret trapdoors sampled by the parties generating the public parameters. Specifically, for the q-SDH-based accumulators, we provide a maliciously-secure variant sped up by a secure multi-party computation (MPC) protocol (IMACC'19) built on top of SPDZ and a maliciously secure threshold variant built with Shamir secret sharing. For these schemes, a performant proof-of-concept implementation is provided, which substantiates the practicability of public-key accumulators in this setting. We explore applications of dynamic (threshold) secret-shared accumulators to revocation schemes of group signatures and credentials system. In particular, we consider it as part of Sovrin's system for anonymous credentials where credentials are issued by the foundation of trusted nodes.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.CT-RSA 2021
multiparty computationdynamic accumulatorsdistributed trustthreshold accumulators
Contact author(s)
lukas helminger @ iaik tugraz at
daniel kales @ iaik tugraz at
sebastian ramacher @ ait ac at
roman walch @ iaik tugraz at
2021-03-02: revised
2020-06-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Lukas Helminger and Daniel Kales and Sebastian Ramacher and Roman Walch},
      title = {Multi-Party Revocation in Sovrin: Performance through Distributed Trust},
      howpublished = {Cryptology ePrint Archive, Paper 2020/724},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.