Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Zero-Knowledge Proofs for Finite Field Arithmetic; or: Can Zero-Knowledge be for Free?
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Mix and Match: Secure Function Evaluation via Ciphertexts
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Verifiable Secret Shuffle of Homomorphic Encryptions
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Proceedings of the 11th ACM conference on Computer and communications security
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
Receipt-free mix-type voting scheme: a practical solution to the implementation of a voting booth
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Practical and secure solutions for integer comparison
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Efficient and secure comparison for on-line auctions
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Sub-linear zero-knowledge argument for correctness of a shuffle
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Prêt à voter with re-encryption mixes
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Efficient correlated action selection
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
Minimum Disclosure Counting for the Alternative Vote
VOTE-ID '09 Proceedings of the 2nd International Conference on E-Voting and Identity
Parallel shuffling and its application to prêt à voter
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Discrete logarithm based additively homomorphic encryption and secure data aggregation
Information Sciences: an International Journal
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Discrete-Log-Based additively homomorphic encryption and secure WSN data aggregation
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Efficiently shuffling in public
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Similar to verifiable shuffling (mixing), we consider the problem of verifiably rotating a given list of homomorphic encryptions. The offset by which the list is rotated (cyclic shift) should remain hidden. Basically, we will present zero-knowledge proofs of knowledge of a rotation offset and re-encryption exponents, which define how the input list is transformed into the output list. We also briefly address various applications of verifiable rotation, ranging from 'fragile mixing' as introduced by Reiter and Wang at CCS'04 to applications in protocols for secure multiparty computation and voting. We present two new, efficient protocols. Our first protocol is quite elegant and involves the use of the Discrete Fourier Transform (as well as the Fast Fourier Transform algorithm), and works under some reasonable conditions. We believe that this is the first time that Fourier Transforms are used to construct an efficient zero-knowledge proof of knowledge. Our second protocol is more general (requiring no further conditions) and only slightly less efficient than the DFT-based protocol. Unlike the previously best protocol by Reiter and Wang, however, which relies on extensive use of verifiable shuffling as a building block (invoking it four times as a sub-protocol), our construction is direct and its performance is comparable to the performance of a single run of the best protocol for verifiable shuffling.