Mercurial commitments: minimal assumptions and efficient constructions

Authors:
Dario Catalano;Yevgeniy Dodis;Ivan Visconti
Affiliations:
CNRS-Ecole Normale Supérieure, Laboratoire d'Informatique, Paris, France;Department of Computer Science, New York University, New York, NY;Facoltà di Scienze Matematiche, Fisiche e Naturali, Università di Salerno, Baronissi (SA), Italy
Venue:
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Year:
2006

Citing 27
Cited 11

The knowledge complexity of interactive proof-systems

STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
A digital signature scheme secure against adaptive chosen-message attacks

SIAM Journal on Computing - Special issue on cryptography
Minimum disclosure proofs of knowledge

Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
A discrete logarithm implementation of perfect zero-knowledge blobs

Journal of Cryptology
Witness indistinguishable and witness hiding protocols

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Fast signature generation with a Fiat Shamir—like scheme

EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

Journal of the ACM (JACM)
Noninteractive zero-knowledge

SIAM Journal on Computing
A Pseudorandom Generator from any One-way Function

SIAM Journal on Computing
Multiple NonInteractive Zero Knowledge Proofs Under General Assumptions

SIAM Journal on Computing
Paillier's cryptosystem revisited

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Foundations of Cryptography: Basic Tools

Foundations of Cryptography: Basic Tools
Improved Online/Offline Signature Schemes

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Zero Knowledge Proofs of Knowledge in Two Rounds

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A New Forward-Secure Digital Signature Scheme

ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System

PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Perfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Zero-Knowledge Sets

FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
Public-key cryptosystems based on composite degree residuosity classes

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
On the power of claw-free permutations

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Hybrid trapdoor commitments and their applications

ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Mercurial commitments with applications to zero-knowledge sets

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Hybrid commitments and their applications to zero-knowledge proof systems

Theoretical Computer Science
A Distributed Implementation of the Certified Information Access Service

ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Statistically Hiding Sets

CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Distributed certified information access for mobile devices

WISTP'07 Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems
Zero-knowledge sets with short proofs

EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Construction of universal designated-verifier signatures and identity-based signatures from standard signatures

PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
A new efficient construction for non-malleable zero-knowledge sets

WISA'10 Proceedings of the 11th international conference on Information security applications
Algebraic construction for zero-knowledge sets

Journal of Computer Science and Technology
Independent zero-knowledge sets

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Concise mercurial vector commitments and independent zero-knowledge sets with short proofs

TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Certified Information Access

Journal of Systems and Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

(Non-interactive) Trapdoor Mercurial Commitments (TMCs) were introduced by Chase et al. [8] and form a key building block for constructing zero-knowledge sets (introduced by Micali, Rabin and Kilian [28]). TMCs are quite similar and certainly imply ordinary (non-interactive) trapdoor commitments (TCs). Unlike TCs, however, they allow for some additional freedom in the way the message is opened: informally, by allowing one to claim that “if this commitment can be opened at all, then it would open to this message”. Prior to this work, it was not clear if this addition is critical or not, since all the constructions of TMCs presented in [8] and [28] used strictly stronger assumptions than TCs. We give an affirmative answer to this question, by providing simple constructions of TMCs from any trapdoor bit commitment scheme. Moreover, by plugging in various trapdoor bit commitment schemes, we get, in the trusted parameters (TP) model, all the efficient constructions from [28] and [8], as well as several immediate new (either generic or efficient) constructions. In particular, we get a construction of TMCs from any one-way function in the TP model, and, by using a special flavor of TCs, called hybridTCs [6], even in the (weaker) shared random string (SRS) model. Our results imply that (a) mercurial commitments can be viewed as surprisingly simple variations of trapdoor commitments; and (b) the existence of non-interactive zero-knowledge sets is equivalent to the existence of collision-resistant hash functions. Of independent interest, we also give a stronger and yet much simpler definition of mercurial commitments than that of [8], which is also met by our constructions in the TP model.