In this paper we describe optimal trade-offs between time and space complexity of Merkle tree traversals with their associated authentication paths, improving on the previous results of M. Jakobsson, T. Leighton, S. Micali, and M. Szydlo [Fractal Merkle tree representation and traversal, in: RSA Cryptographers Track, RSA Security Conference, 2003] and M. Szydlo [Merkle tree traversal in log space and time, in: Proc. Eurocrypt, in: LNCS, vol. 3027, 2004, pp. 541-554; Merkle tree traversal in log space and time, Preprint version 2003, available at http://www.szydlo.com]. In particular, we show that our algorithm requires 2 log n / log(3) n hash function computations and storage for less than (log n / log(3) n + 1) log log n + 2 log n hash values, where n is the number of leaves in the Merkle tree. We also prove that these trade-offs are optimal, i.e. there is no algorithm that requires less than O (log n / log t) time and less than O (t log n / log t) space for any choice of parameter t ≥ 2. Our algorithm could be of special interest in the case when both time and space are limited.
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Computer Science(all)