Efficient, Verifiable Shuffle Decryption and Its Requirement of Unlinkability

In this paper, we propose a scheme to simultaneously prove the correctness of both shuffling and decryption. Our scheme is the most efficient of all previous schemes, as a total, in proving the correctness of both shuffling and decryption of ElGamal ciphertexts. We also propose a formal definition for the core requirement of unlinkability in verifiable shuffle-decryption, and then prove that our scheme satisfies this requirement. The proposed definition may be also useful for proving the security of verifiable shuffle-decryption, hybrid mix network, and other mix-nets.

[1]  Satoshi Obana,et al.  An Implementation of a Universally Verifiable Electronic Voting Scheme based on Shuffling , 2002, Financial Cryptography.

[2]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[3]  Jean-Jacques Quisquater,et al.  Advances in Cryptology — EUROCRYPT ’95 , 2001, Lecture Notes in Computer Science.

[4]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[5]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[6]  Jens Groth A Verifiable Secret Shuffle of Homomorphic Encryptions , 2003, Public Key Cryptography.

[7]  Markus Jakobsson,et al.  Optimistic Mixing for Exit-Polls , 2002, ASIACRYPT.

[8]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[9]  Markus Jakobsson,et al.  A Practical Mix , 1998, EUROCRYPT.

[10]  Markus Jakobsson,et al.  An optimally robust hybrid mix network , 2001, PODC '01.

[11]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[12]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[13]  Andrew Odlyzko,et al.  Advances in Cryptology — CRYPTO’ 86 , 2000, Lecture Notes in Computer Science.

[14]  Walter M. Lioen,et al.  Factorization of RSA-140 Using the Number Field Sieve , 1999, CRYPTO 1999.

[15]  Stefan A. Brands,et al.  An Efficient Off-line Electronic Cash System Based On The Representation Problem. , 1993 .

[16]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[17]  Masayuki Abe,et al.  A Length-invariant Hybrid Mix(Special Section on Fundamentals of Information and Communications) , 2001 .

[18]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[19]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[20]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[21]  Yuliang Zheng,et al.  Advances in Cryptology — ASIACRYPT 2002 , 2002, Lecture Notes in Computer Science.

[22]  Kazue Sako Electronic Voting Scheme Allowing Open Objection to the Tally , 1994 .

[23]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[24]  Kazue Sako,et al.  Fault tolerant anonymous channel , 1997, ICICS.

[25]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[26]  Masayuki Abe,et al.  Mix-Networks on Permutation Networks , 1999, ASIACRYPT.

[27]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[28]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[29]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.