Homomorphic Trapdoor Commitments to Group Elements

We present homomorphic trapdoor commitments to group elements. In contrast, previous homomorphic trapdoor commitment schemes only allow the messages to be exponents. Our commitment schemes are length-reducing, we can make a short commitment to many group elements at once, and they are perfectly hiding and computationally binding. The commitment schemes are based on groups with a bilinear map. We can commit to elements from a base group, whereas the commitments belong to the target group. We present two constructions based on simple computational intractability assumptions, which we call respectively the double pairing assumption and the simultaneous triple pairing assumption. While the assumptions are new, we demonstrate that they are implied by well-known assumptions; respectively the decision Diffie-Hellman assumption and the decision linear assumption.

[1]  Ivan Damgård,et al.  Perfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor , 2001, CRYPTO.

[2]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[3]  Helger Lipmaa,et al.  On Diophantine Complexity and Statistical Zero-Knowledge Arguments , 2003, ASIACRYPT.

[4]  Aggelos Kiayias,et al.  Concurrent Blind Signatures Without Random Oracles , 2006, SCN.

[5]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[6]  Rafail Ostrovsky,et al.  Non-interactive Zaps and New Techniques for NIZK , 2006, CRYPTO.

[7]  Jens Groth,et al.  A Non-interactive Shuffle with Pairing Based Verifiability , 2007, ASIACRYPT.

[8]  Jens Groth,et al.  Simulation-Sound NIZK Proofs for a Practical Language and Constant Size Group Signatures , 2006, ASIACRYPT.

[9]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[10]  Jens Groth,et al.  Linear Algebra with Sub-linear Zero-Knowledge Arguments , 2009, CRYPTO.

[11]  Tatsuaki Okamoto,et al.  A New Public-Key Cryptosystem as Secure as Factoring , 1998, EUROCRYPT.

[12]  Kazue Sako,et al.  An Ecient Scheme for Proving a Shue , 2001 .

[13]  Stefan A. Brands,et al.  Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy , 2000 .

[14]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[15]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[16]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[17]  Masayuki Abe,et al.  Signing on Elements in Bilinear Groups for Modular Protocol Design , 2010, IACR Cryptol. ePrint Arch..

[18]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[19]  Brent Waters,et al.  Compact Group Signatures Without Random Oracles , 2006, EUROCRYPT.

[20]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[21]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[22]  Ivan Damgård,et al.  A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order , 2002, ASIACRYPT.

[23]  Tatsuaki Okamoto,et al.  Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations , 1997, CRYPTO.

[24]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..

[25]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.