Paper 2021/627

VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries

Nirvan Tyagi, Cornell University
Ben Fisch, Yale University
Andrew Zitek, New York University
Joseph Bonneau, New York University
Stefano Tessaro, University of Washington

Verifiable registries allow clients to securely access a key-value mapping maintained by an untrusted server. Registries must be audited to ensure global invariants are preserved, which, in turn, allows for efficient monitoring of individual registry entries by their owners. To this end, existing proposals either assume trusted third-party auditors or rely on incrementally verifiable computation (IVC) via expensive recursive SNARKs to make registries client-auditable. In this work, we give new client-auditable verifiable registries with throughputs up to $100\times$ greater than baseline IVC solutions. Our approach relies on an authenticated dictionary based on RSA accumulators for which we develop a new constant-size invariant proof. We use this as a replacement for Merkle trees to optimize the baseline IVC approach, but also provide a novel construction which dispenses with SNARKs entirely. This latter solution adopts a new checkpointing method to ensure client view consistency.

Available format(s)
Publication info
Published elsewhere. ACM CCS 2022
public key infrastructure transparency authenticated data structures RSA accumulators incrementally-verifiable computation
Contact author(s)
nirvan tyagi @ gmail com
2022-08-29: revised
2021-05-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nirvan Tyagi and Ben Fisch and Andrew Zitek and Joseph Bonneau and Stefano Tessaro},
      title = {VeRSA: Verifiable Registries with Efficient Client Audits from RSA Authenticated Dictionaries},
      howpublished = {Cryptology ePrint Archive, Paper 2021/627},
      year = {2021},
      doi = {10.1145/3548606.3560605},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.