A fair and efficient solution to the socialist millionaires' problem

Abstract: We present a solution to the Tierce problem, in which two players want to know whether they have backed the same combination (but neither player wants to disclose its combination to the other one). The problem is also known as the socialist millionaires' problem, in which two millionaires want to know whether they happen to be equally rich. In our solution, both players will be convinced of the correctness of the equality test between their combinations and will get no additional information on the other player's combination. Our solution is fair: one party cannot get the result of the comparison while preventing the other one from getting it. The protocol requires O(k) exponentiations only, where k is a security parameter.
