An Efficient Scheme for Proving a Shuffle

  • Jun Furukawa
  • Kazue Sako
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2139)


In this paper, we propose a novel and efficient protocol for proving the correctness of a shuffle, without leaking how the shuffle was performed. Using this protocol, we can prove the correctness of a shuffle of n data with roughly 18n exponentiations, where as the protocol of Sako-Kilian[SK95] required 642n and that of Abe[Ab99] required 22n log n. The length of proof will be only 211 n bits in our protocol, opposed to 218 n bits and 214 n log n bits required by Sako-Kilian and Abe, respectively. The proposed protocol will be a building block of an efficient, universally verifiable mix-net, whose application to voting system is prominent.


Mix-net Permutation Electronic Voting Universal Verifiability 


  1. [Ab99]
    M. Abe, Mix-Networks on Permutation Networks, Asiacrypt’ 99, LNCS 1716, 258–273 (1999)Google Scholar
  2. [Br93]
    S. Brands, An Efficient Off-line Electronic Cash System Based On The Representation Problem, CWI Technical Report CS-R9323, (1993)Google Scholar
  3. [Ch81]
    D. Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Communications of the ACM, Vol. 24, No. 2 84–88 (1981)CrossRefGoogle Scholar
  4. [CDS94]
    R. Cramer, I. Damgård and B. Schoenmakers, Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols, Crypto’ 94, LNCS 839, 174–187 (1994)Google Scholar
  5. [HAC]
    A. Menezes, C. van Oorschot and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 617–619Google Scholar
  6. [Ne01]
    C.A. Neff, Verifiable, Secret Shuffles of ElGamal Encrypted Data, Initial version circulated Mar. 2000, current version submitted to ACMCCS 01Google Scholar
  7. [OKST97]
    W. Ogata, K. Kurosawa, K. Sako and K. Takatani, Fault tolerant anonymous channel, 1st International Conference on Information and Communications Security (ICICS), LNCS 1334, 440–444 (1997)Google Scholar
  8. [SK95]
    K. Sako and J. Kilian, Receipt-free mix-type voting scheme-A practical solution to the implementation of voting booth, Eurocrypt 95, LNCS 921, 393–403 (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Jun Furukawa
    • 1
  • Kazue Sako
    • 1
  1. 1.NEC CorporationKawasakiJapan

Personalised recommendations