Additive Combinatorics and Discrete Logarithm Based Range Protocols

We show how to express an arbitrary integer interval I = [0,H] as a sumset I =Σi=1l Gi * [0, u - 1] + [0, H′] of smaller integer intervals for some small values l, u, and H′ < u - 1, where b*A = {ba: a ∈ A} and A+B = {a+b: a ∈ A ∧ b ∈ B}. We show how to derive such expression of I as a sumset for any value of 1 < u < H, and in particular, how the coefficients Gi can be found by using a nontrivial but efficient algorithm. This result may be interesting by itself in the context of additive combinatorics. Given the sumset-representation of I, we show how to decrease both the communication complexity and the computational complexity of the recent pairing-based range proof of Camenisch, Chaabouni and shelat from ASIACRYPT 2008 by a factor of 2. Our results are important in applications like e-voting where a voting server has to verify thousands of proofs of e-vote correctness per hour. Therefore, our new result in additive combinatorics has direct relevance in practice.

[1]  Abhi Shelat,et al.  Efficient Protocols for Set Membership and Range Proofs , 2008, ASIACRYPT.

[2]  Ivan Damgård,et al.  Efficient Zero-Knowledge Proofs of Knowledge Without Intractability Assumptions , 2000, Public Key Cryptography.

[3]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[4]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[5]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[6]  Kelly Black Classroom Note: Putting Constraints in Optimization for First-Year Calculus Students , 1997, SIAM Rev..

[7]  Terence Tao,et al.  Additive combinatorics , 2007, Cambridge studies in advanced mathematics.

[8]  Jan Camenisch,et al.  Efficient group signature schemes for large groups , 1997 .

[9]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[10]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[11]  Helger Lipmaa,et al.  On Diophantine Complexity and Statistical Zero-Knowledge Arguments , 2003, ASIACRYPT.

[12]  Jung Hee Cheon,et al.  Security Analysis of the Strong Diffie-Hellman Problem , 2006, EUROCRYPT.

[13]  Fabrice Boudot,et al.  Efficient Proofs that a Committed Number Lies in an Interval , 2000, EUROCRYPT.

[14]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[15]  Yevgeniy Dodis,et al.  A Verifiable Random Function with Short Proofs and Keys , 2005, Public Key Cryptography.

[16]  Valtteri Niemi,et al.  Secure Vickrey Auctions without Threshold Trust , 2002, Financial Cryptography.

[17]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[18]  Kenneth G. Paterson,et al.  Pairings for Cryptographers , 2008, IACR Cryptol. ePrint Arch..