Improved Non-committing Encryption Schemes Based on a General Complexity Assumption

Non-committing encryption enables the construction of multiparty computation protocols secure against an adaptive adversary in the computational setting where private channels between players are not assumed. While any non-committing encryption scheme must be secure in the ordinary semantic sense, the converse is not necessarily true. We propose a construction of non-committing encryption that can be based on any public-key system which is secure in the ordinary sense and which has an extra property we call simulatability. This generalises an earlier scheme proposed by Beaver based on the Diffie-Hellman problem, and we propose another implementation based on RSA. In a more general setting, our construction can be based on any collection of trapdoor permutations with a certain simulatability property. This offers a considerable efficiency improvement over the first non-committing encryption scheme proposed by Canetti et al. Finally, at some loss of efficiency, our scheme can be based on general collections of trapdoor permutations without the simulatability assumption, and without the common-domain assumption of Canetti et al. In showing this last result, we identify and correct a bug in a key generation protocol from Canetti et al.

[1]  Manuel Blum,et al.  An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information , 1985, CRYPTO.

[2]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[3]  Anna Philippou,et al.  Tools and Algorithms for the Construction and Analysis of Systems , 2018, Lecture Notes in Computer Science.

[4]  Peter D. Mosses A Modular SOS for Action Notation , 1999 .

[5]  Wang Yi,et al.  On Memory-Block Traversal Problems in Model-Checking Timed-Systems , 2000, TACAS.

[6]  Rasmus Pagh A New Trade-Off for Deterministic Dictionaries , 2000, SWAT.

[7]  Donald Beaver,et al.  Plug and Play Encryption , 1997, CRYPTO.

[8]  Ivan Damgård,et al.  Efficient Protocols based on Probabilistic Encryption using Composite Degree Residue Classes , 2000, IACR Cryptol. ePrint Arch..

[9]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[10]  Eric Bach,et al.  How to Generate Factored Random Numbers , 1988, SIAM J. Comput..

[11]  Alfredo De Santis,et al.  Zero-knowledge proofs of knowledge without interaction , 1992, Proceedings., 33rd Annual Symposium on Foundations of Computer Science.

[12]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[13]  Christian N. S. Pedersen,et al.  Pseudoknots in RNA secondary structures , 2000, RECOMB '00.

[14]  A. D. Santis,et al.  Zero-Knowledge Proofs of Knowledge Without Interaction (Extended Abstract) , 1992, FOCS 1992.

[15]  Andrew Chi-Chih Yao,et al.  Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.

[16]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[17]  Leonid A. Levin,et al.  Security preserving amplification of hardness , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[18]  Silvio Micali,et al.  Proofs that yield nothing but their validity and a methodology of cryptographic protocol design , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[19]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[20]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[21]  J'anos Simon,et al.  Proceedings of the twentieth annual ACM symposium on Theory of computing , 1988, STOC 1988.

[22]  Ivan Damgård,et al.  Improved Non-committing Encryption Schemes Based on a General Complexity Assumption , 2000, Annual International Cryptology Conference.

[23]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[24]  Silvio Micali,et al.  Secure Computation (Abstract) , 1991, CRYPTO.

[25]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[26]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[27]  Peter D. Mosses,et al.  Logical Specification of Operational Semantics , 1999, CSL.

[28]  Peter D. Mosses A Modular SOS for ML Concurrency Primitives , 1999 .

[29]  Stanislaw Jarecki,et al.  Adaptively Secure Threshold Cryptography: Introducing Concurrency, Removing Erasures , 2000, EUROCRYPT.

[30]  Donald Beaver,et al.  Cryptographic Protocols Provably Secure Against Dynamic Adversaries , 1992, EUROCRYPT.

[31]  Donald Beaver,et al.  Foundations of Secure Interactive Computing , 1991, CRYPTO.

[32]  Donald E. Knuth,et al.  Analysis of a Simple Factorization Algorithm , 1976, Theor. Comput. Sci..