TY - GEN
T1 - Accumulation Without Homomorphism
AU - Bünz, Benedikt
AU - Mishra, Pratyush
AU - Nguyen, Wilson
AU - Wang, William
N1 - Publisher Copyright:
© Benedikt Bünz, Pratyush Mishra, Wilson Nguyen, and William Wang.
PY - 2025/2/11
Y1 - 2025/2/11
N2 - Accumulation schemes are a simple yet powerful primitive that enable highly efficient constructions of incrementally verifiable computation (IVC). Unfortunately, all prior accumulation schemes rely on homomorphic vector commitments whose security is based on public-key assumptions. It is an interesting open question to construct efficient accumulation schemes that avoid the need for such assumptions. In this paper, we answer this question affirmatively by constructing an accumulation scheme from non-homomorphic vector commitments which can be realized from solely symmetric-key assumptions (e.g., Merkle trees). We overcome the need for homomorphisms by instead performing spot-checks over error-correcting encodings of the committed vectors. Unlike prior accumulation schemes, our scheme only supports a bounded number of accumulation steps. We show that such bounded-depth accumulation still suffices to construct proof-carrying data (a generalization of IVC). We also demonstrate several optimizations to our PCD construction which greatly improve concrete efficiency.
AB - Accumulation schemes are a simple yet powerful primitive that enable highly efficient constructions of incrementally verifiable computation (IVC). Unfortunately, all prior accumulation schemes rely on homomorphic vector commitments whose security is based on public-key assumptions. It is an interesting open question to construct efficient accumulation schemes that avoid the need for such assumptions. In this paper, we answer this question affirmatively by constructing an accumulation scheme from non-homomorphic vector commitments which can be realized from solely symmetric-key assumptions (e.g., Merkle trees). We overcome the need for homomorphisms by instead performing spot-checks over error-correcting encodings of the committed vectors. Unlike prior accumulation schemes, our scheme only supports a bounded number of accumulation steps. We show that such bounded-depth accumulation still suffices to construct proof-carrying data (a generalization of IVC). We also demonstrate several optimizations to our PCD construction which greatly improve concrete efficiency.
KW - Proof-carrying data
KW - accumulation schemes
KW - incrementally verifiable computation
UR - http://www.scopus.com/inward/record.url?scp=85218335327&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85218335327&partnerID=8YFLogxK
U2 - 10.4230/LIPIcs.ITCS.2025.23
DO - 10.4230/LIPIcs.ITCS.2025.23
M3 - Conference contribution
AN - SCOPUS:85218335327
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 16th Innovations in Theoretical Computer Science Conference, ITCS 2025
A2 - Meka, Raghu
PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
T2 - 16th Innovations in Theoretical Computer Science Conference, ITCS 2025
Y2 - 7 January 2025 through 10 January 2025
ER -