[cryptography] Regarding Zerocoin and alternative cryptographic accumulators

Jane third at angels.la
Sat Apr 27 09:25:02 EDT 2013

Good afternoon mailing list subscribers!
Good afternoon Mr. Green!

First, I'd like to ask pardon if my question is not particularly
bright - I am not a professional cryptographer, so I might be missing
something very obvious.

I have recently read the Zerocoin paper which describes a very
interesting enhanced anonymity solution for bitcoin-like "blockchain
based" cryptocurrencies  ( those unfamiliar can check it out here
http://spar.isi.jhu.edu/~mgreen/ZerocoinOakland.pdf )

The paper specifically states that "While we were not able to find an
analogue of our scheme using alternative components, it is possible
that further research will lead to other solutions. Ideally such an
improvement could produce a drop-in replacement for our existing

However, I've come across an alternative cryptographic accumulator
that does not require trusted setup, the Lipmaa  Euclidean Rings based
design. ( http://www.cs.ut.ee/~lipmaa/papers/lip12b/cl-accum.pdf )
>From my superficial assessment, it appears fitting for a zerocoin like
design, but I find it quite likely that I am missing the obvious.

The question thus is: what exactly prevents Lipmaa accumulator from
being used as aforementioned drop-in replacement ?

Thank you very much in advance.

More information about the cryptography mailing list