Paper 2023/1787

Updatable Privacy-Preserving Blueprints

Bernardo David, IT University of Copenhagen
Felix Engelmann, Lund University
Tore Frederiksen, Zama
Markulf Kohlweiss, University of Edinburgh, IOG
Elena Pagnin, Chalmers University of Technology
Mikhail Volkhov, O1Labs
Abstract

Privacy-preserving blueprint schemes (Kohlweiss et al., EUROCRYPT'23) offer a mechanism for safeguarding user's privacy while allowing for specific legitimate controls by a designated auditor agent. These schemes enable users to create escrows encrypting the result of evaluating a function $y=P(t,x)$, with $P$ being publicly known, $t$ a secret used during the auditor's key generation, and $x$ the user's private input. Crucially, escrows only disclose the blueprinting result $y=P(t,x)$ to the designated auditor, even in cases where the auditor is fully compromised. The original definition and construction only support the evaluation of functions $P$ on an input $x$ provided by a single user. We address this limitation by introducing updatable privacy-preserving blueprint schemes (UPPB), which enhance the original notion with the ability for multiple users to non-interactively update the private user input $x$ while blueprinting. Moreover, UPPBs contain a proof that $y$ is the result of a sequence of valid updates, while revealing nothing else about the private inputs $\{x_i\}$ of updates. As in the case of privacy-preserving blueprints, we first observe that UPPBs can be realized via a generic construction for arbitrary predicates $P$ based on FHE and NIZKs. Our main result is UBlu, an efficient instantiation for a specific predicate comparing the values $x$ and $t$, where $x$ is the cumulative sum of users' private inputs and $t$ is a fixed private value provided by the auditor in the setup phase. This rather specific setting already finds interesting applications such as privacy-preserving anti-money laundering and location tracking, and can be extended to support more generic predicates. From the technical perspective, we devise a novel technique to keep the escrow size concise, independent of the number of updates, and reasonable for practical applications. We achieve this via a novel characterization of malleability for the algebraic NIZK by Couteau and Hartmann (CRYPTO’20) that allows for an additive update function.

Note: Added performance benchmarks & editorial.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in ASIACRYPT 2024
Keywords
Updatable NIZKsPrivacy-Preserving Blueprints
Contact author(s)
beda @ itu dk
fe-research @ nlogn org
tore frederiksen @ zama ai
mkohlwei @ ed ac uk
elenap @ chalmers se
mv @ volhovm com
History
2024-10-20: revised
2023-11-19: received
See all versions
Short URL
https://ia.cr/2023/1787
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1787,
      author = {Bernardo David and Felix Engelmann and Tore Frederiksen and Markulf Kohlweiss and Elena Pagnin and Mikhail Volkhov},
      title = {Updatable Privacy-Preserving Blueprints},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1787},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1787}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.