An Efficient Scheme for Proving a Shuffle

  • Jun Furukawa
  • Kazue Sako
Conference paper

DOI: 10.1007/3-540-44647-8_22

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2139)
Cite this paper as:
Furukawa J., Sako K. (2001) An Efficient Scheme for Proving a Shuffle. In: Kilian J. (eds) Advances in Cryptology — CRYPTO 2001. CRYPTO 2001. Lecture Notes in Computer Science, vol 2139. Springer, Berlin, Heidelberg


In this paper, we propose a novel and efficient protocol for proving the correctness of a shuffle, without leaking how the shuffle was performed. Using this protocol, we can prove the correctness of a shuffle of n data with roughly 18n exponentiations, where as the protocol of Sako-Kilian[SK95] required 642n and that of Abe[Ab99] required 22n log n. The length of proof will be only 211n bits in our protocol, opposed to 218n bits and 214n log n bits required by Sako-Kilian and Abe, respectively. The proposed protocol will be a building block of an efficient, universally verifiable mix-net, whose application to voting system is prominent.


Mix-net Permutation Electronic Voting Universal Verifiability 

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Jun Furukawa
    • 1
  • Kazue Sako
    • 1
  1. 1.NEC CorporationKawasakiJapan

Personalised recommendations