Updatable Privacy-Preserving Blueprints

Bernardo David; Felix Engelmann; Tore Frederiksen; Markulf Kohlweiss; Elena Pagnin; Mikhail Volkhov

Paper 2023/1787

Updatable Privacy-Preserving Blueprints

Bernardo David, IT University of Copenhagen

Felix Engelmann

, Lund University

Tore Frederiksen, Zama

Markulf Kohlweiss

, University of Edinburgh, IOG

Elena Pagnin

, Chalmers University of Technology

Mikhail Volkhov, O1Labs

Abstract

Privacy-preserving blueprint schemes (Kohlweiss et al., EUROCRYPT'23) offer a mechanism for safeguarding user's privacy while allowing for specific legitimate controls by a designated auditor agent. These schemes enable users to create escrows encrypting the result of evaluating a function , with being publicly known, a secret used during the auditor's key generation, and the user's private input. Crucially, escrows only disclose the blueprinting result to the designated auditor, even in cases where the auditor is fully compromised. The original definition and construction only support the evaluation of functions on an input provided by a single user. We address this limitation by introducing updatable privacy-preserving blueprint schemes (UPPB), which enhance the original notion with the ability for multiple users to non-interactively update the private user input while blueprinting. Moreover, UPPBs contain a proof that is the result of a sequence of valid updates, while revealing nothing else about the private inputs of updates. As in the case of privacy-preserving blueprints, we first observe that UPPBs can be realized via a generic construction for arbitrary predicates based on FHE and NIZKs. Our main result is UBlu, an efficient instantiation for a specific predicate comparing the values and , where is the cumulative sum of users' private inputs and is a fixed private value provided by the auditor in the setup phase. This rather specific setting already finds interesting applications such as privacy-preserving anti-money laundering and location tracking, and can be extended to support more generic predicates. From the technical perspective, we devise a novel technique to keep the escrow size concise, independent of the number of updates, and reasonable for practical applications. We achieve this via a novel characterization of malleability for the algebraic NIZK by Couteau and Hartmann (CRYPTO’20) that allows for an additive update function.

Note: Added performance benchmarks & editorial.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: A minor revision of an IACR publication in ASIACRYPT 2024
Keywords: Updatable NIZKs Privacy-Preserving Blueprints
Contact author(s): beda @ itu dk
fe-research @ nlogn org
tore frederiksen @ zama ai
mkohlwei @ ed ac uk
elenap @ chalmers se
mv @ volhovm com
History: 2024-10-20: revised; 2023-11-19: received; See all versions
Short URL: https://ia.cr/2023/1787
License: CC BY

BibTeX

@misc{cryptoeprint:2023/1787,
      author = {Bernardo David and Felix Engelmann and Tore Frederiksen and Markulf Kohlweiss and Elena Pagnin and Mikhail Volkhov},
      title = {Updatable Privacy-Preserving Blueprints},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1787},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1787}
}