Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An Efficient Scheme for Proving a Shuffle
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
The Security of a Mix-Center Based on a Semantically Secure Cryptosystem
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Mix-Networks on Permutation Networks
ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Remarks on Mix-Network Based on Permutation Networks
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Strengthening Zero-Knowledge Protocols Using Signatures
Journal of Cryptology
A Commitment-Consistent Proof of a Shuffle
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Linear Algebra with Sub-linear Zero-Knowledge Arguments
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Receipt-free mix-type voting scheme: a practical solution to the implementation of a voting booth
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Verifiable shuffle of large size ciphertexts
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
An implementation of a universally verifiable electronic voting scheme based on shuffling
FC'02 Proceedings of the 6th international conference on Financial cryptography
Sub-linear zero-knowledge argument for correctness of a shuffle
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
A Verifiable Secret Shuffle of Homomorphic Encryptions
Journal of Cryptology
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
An implementation of a mix-net based network voting scheme and its use in a private organization
Towards Trustworthy Elections
A more efficient computationally sound non-interactive zero-knowledge shuffle argument
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Scaling privacy guarantees in code-verification elections
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
Towards a practical cryptographic voting scheme based on malleable proofs
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
ZQL: a compiler for privacy-preserving data processing
SEC'13 Proceedings of the 22nd USENIX conference on Security
A more efficient computationally sound non-interactive zero-knowledge shuffle argument
Journal of Computer Security - Advances in Security for Communication Networks
| Hi-index | 0.00 |
Mix-nets are used in e-voting schemes and other applications that require anonymity. Shuffles of homomorphic encryptions are often used in the construction of mix-nets. A shuffle permutes and re-encrypts a set of ciphertexts, but as the plaintexts are encrypted it is not possible to verify directly whether the shuffle operation was done correctly or not. Therefore, to prove the correctness of a shuffle it is often necessary to use zero-knowledge arguments. We propose an honest verifier zero-knowledge argument for the correctness of a shuffle of homomorphic encryptions. The suggested argument has sublinear communication complexity that is much smaller than the size of the shuffle itself. In addition the suggested argument matches the lowest computation cost for the verifier compared to previous work and also has an efficient prover. As a result our scheme is significantly more efficient than previous zero-knowledge schemes in literature. We give performance measures from an implementation where the correctness of a shuffle of 100,000 ElGamal ciphertexts is proved and verified in around 2 minutes.