SPRM

Enhance privacy with SPRM: a drop-in replacement to securely verify data and protect NFT metadata

Abstract

This product presents SPRM (State of Primary Elements that is Rolled-up and Merged), a novel optimization technique designed to enhance hash value calculations involving sensitive data. Traditional hashing mechanisms require the entire message, including confidential information, to compute the hash, raising significant privacy concerns. SPRM addresses this by consolidating the initial blocks containing sensitive data into a compact intermediate state, reducing data exposure and computational overhead in the hashing process.

By leveraging the structural properties of hash functions like SHA-256, SPRM efficiently processes contiguous blocks of sensitive information, creating a smaller data footprint while maintaining hash integrity. This approach allows for the validation of data integrity without revealing or transmitting sensitive content. SPRM is particularly useful in scenarios requiring the verification of DIDs, VCs, X.509 certificates or other cryptographic proofs where both data hiding and transparency are required, and for holder-exclusive NFT contents verified in a decentralized manner.


This is the short version of the description. Please read the full README.



Introduction

Hash functions are essential cryptographic tools used to verify data integrity and ensure secure communication. These functions generate a fixed-size hash value from an input message of arbitrary length, which is then used to verify the message's integrity. Hash functions are widely used in various applications, including digital signatures, blockchain, and secure communication protocols.

However, traditional hashing mechanisms have limitations when dealing with sensitive data. When hashing a message containing confidential information, the entire message must be processed, exposing the sensitive content to the hashing algorithm. This raises significant privacy concerns, especially when dealing with personal data or other sensitive information.

SPRM addresses this issue by consolidating the initial blocks containing sensitive data into a compact intermediate state. This intermediate state is then used as the input to the hash function, reducing data exposure and computational overhead in the hashing process. By leveraging the structural properties of hash functions like SHA-256, SPRM efficiently processes contiguous blocks of sensitive information, creating a smaller data footprint while maintaining hash integrity.

Related Work

DID/VC Primitives

Verifiable Credentials (VCs) are cryptographically signed digital credentials used to prove identity or attributes. Decentralized Identifiers (DIDs) are unique, self-sovereign identifiers linked to VCs. Privacy concerns arise when sharing VCs, as sensitive data can be exposed.

Privacy-Preserving Methods

Selective Disclosure

This technique allows revealing only the necessary information from VCs. However, it is not yet standardized and requires additional system changes, unlike SPRM, which is compatible with existing systems.

Zero-Knowledge Proofs

These proofs allow credential verification without revealing sensitive information but are complex and computationally expensive. SPRM, being lightweight and efficient, serves as an easier drop-in replacement.

X.509 Certificates

Widely used in digital certificates, X.509 shares similar privacy concerns with VCs. SPRM can enhance privacy without altering the existing certificate structure.

Non-Fungible Tokens (NFTs)

NFTs store unique digital assets publicly. SPRM can facilitate private, owner-exclusive NFT metadata verification, enhancing privacy while maintaining decentralization, unlike centralized solutions used by companies like SBINFT Co., Ltd.

Proposed Method

SPRM is a novel optimization technique designed to enhance hash value calculations involving sensitive data. The key idea behind SPRM is to consolidate the initial blocks containing sensitive data into a compact intermediate state (used as the IV, or initial vector), reducing data exposure and computational overhead in the hashing process.

The SPRM algorithm consists of the following steps:

Initialization: Initialize the SPRM state with the initial blocks containing sensitive data.

Rollup: Roll up the initial block segments.

Merge: Merge the rolled-up segments into a compact intermediate state as an IV.

Continue Hashing: Continue hashing the remaining message blocks using the compact intermediate state as the IV.

The SPRM algorithm is designed to be 100% compatible with existing hash functions like SHA-256. This means that SPRM can be used as a drop-in replacement for the existing hashing mechanism without any changes to the hash function itself. Existing DID/VC/X.509/NFT systems can therefore adopt SPRM without any changes to the existing system.

We prepared a Solidity library for EVM-compatible systems; a contract can verify data by calling the library contract. We also prepared an NFT contract whose metadata is hashed with SPRM. The owner can verify the metadata by hashing the full metadata, while non-holders can verify it by hashing the masked metadata.


Conclusion

SPRM is a novel optimization technique designed to enhance hash value calculations involving sensitive data. By consolidating the initial blocks containing sensitive data into a compact intermediate state, SPRM reduces data exposure and computational overhead in the hashing process. SPRM is compatible with existing hash functions like SHA-256 and can be used as a drop-in replacement for the existing hashing mechanism. This makes SPRM an attractive option for enhancing privacy and data integrity in applications requiring the verification of DID, VC, X.509 Certificates, and holder-exclusive NFT contents.

For future work, we plan to extend SPRM to use cases beyond those described above and to integrate it with more systems.