Commitment Capacity of Discrete Memoryless Channels

  • Andreas Winter
  • Anderson C. A. Nascimento
  • Hideki Imai
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2898)


In extension of the bit commitment task and following work initiated by Crépeau, we introduce and solve the problem of characterising the optimal rate at which a discrete memoryless channel can be used to for bit commitment. It turns out that the answer is very intuitive: it is the maximum equivocation of the channel (after removing trivial redundancy), even when unlimited noiseless bidirectional side communication is allowed. By a well–known reduction, this result provides a lower bound on the channel’s capacity for implementing coin tossing.

The method of proving this relates the problem to Wyner’s wire–tap channel in an amusing way. There is also an extension to quantum channels.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ahlswede, R., Csiszár, I.: Common Randomness in Information Theory and Cryptography - Part I: Secret Sharing. IEEE Trans. Inf. Theory 39(4), 1121–1132 (1993)MATHCrossRefGoogle Scholar
  2. 2.
    Ahlswede, R., Winter, A.: Strong converse for identification via quantum channels. IEEE Trans. Inf. 48(3), 569–579 (2002); Addendum ibid 49(1), p. 346 (2003) MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Beaver, D.: Commodity-Based Cryptography(Extended Abstract). In: Proc. 29thAnnual ACM Symposium on the Theory of Computing, El Paso, TX, May 4-6, pp. 446–455. ACM, New York (1997)Google Scholar
  4. 4.
    Bennett, C.H., Brassard, G.: Quantum Cryptography: Public Key Distribution and Coin Tossing. In: Proc. IEEE Int. Conf. on Computers Systems and Signal Processing, Bangalore (India), pp. 175–179 (1984)Google Scholar
  5. 5.
    Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.: Generalized Privacy Amplification. IEEE Trans. Inf. Theory 41(6), 1915–1923 (1995)MATHCrossRefGoogle Scholar
  6. 6.
    Bennett, C.H., Shor, P.W.: Quantum Information Theory. IEEE Trans. Inf. Theory 44(6), 2724–2742 (1998)MATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Blum, M.: Coin fipping by telephone: a protocol for solving impossible problems. In: Proc. IEEE Computer Conference, pp. 133–137 (1982)Google Scholar
  8. 8.
    Brassard, G., Chaum, D., Crepeau, C.: Minimum disclosure proofs of knowledge. J. Computer Syst. Sci. 37, 156–189 (1988)MATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Brassard, G., Crepeau, C., Yung, M.: Constant-round perfect zero-knowledge computationally convincing protocols. Theoretical Computer Science 84, 23–52 (1991)MATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Cai, N., Yeung, R.W.: Quantum Privacy and Quanum Wiretap Channels (2003) (manuscript)Google Scholar
  11. 11.
    Chernoff, H.: A measure of asymptotic eciency for tests of a hypothesis based on the sum of observations. Ann. Math. Statistics 23, 493–507 (1952)MATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Crépeau, C.: Efficient Cryptographic Protocols Based on Noisy Channels. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 306–317. Springer, Heidelberg (1997)Google Scholar
  13. 13.
    Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions. In: Proc. 29th FOCS, pp. 42–52. IEEE, Los Alamitos (1988)Google Scholar
  14. 14.
    Csiszár, I., Körner, J.: Information Theory: Coding Theorems for Discrete Memoryless Channels. Academic Press, New York (1981)MATHGoogle Scholar
  15. 15.
    Damgård, I.B., Kilian, J., Salvail, L.: On the (Im)possibility of Basing Oblivious Transfer and Bit Commitment on Weakened Security Assumptions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 56–73. Springer, Heidelberg (1999)Google Scholar
  16. 16.
    Halevi, S.: Efficient commitment schemes with bounded sender and unbounded receiver. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 84–96. Springer, Heidelberg (1995)Google Scholar
  17. 17.
    Halevi, S., Micali, S.: Practical and Provably-Secure Commitment Schemes from Collision Free Hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 201–215. Springer, Heidelberg (1996)Google Scholar
  18. 18.
    Holevo, A.S.: Bounds for the quantity of information transmitted by a quantum channel. Probl. Inf. Transm. 9(3), 177–183 (1973)Google Scholar
  19. 19.
    Maurer, U.: Protocols for Secret Key Agreement by Public Discussion Based on Common Information. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 461–470. Springer, Heidelberg (1993); Secret Key Agreement by Public Discussion. IEEE Trans. Inf. Theory 39(3),733-742 (1993)Google Scholar
  20. 20.
    Mayers, D.: Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Letters 78(17), 3414–3417 (1997)CrossRefGoogle Scholar
  21. 21.
    Naor, M.: Bit commitment using pseudo-randomness. J. Cryptology 2(2), 151–158 (1991)Google Scholar
  22. 22.
    Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information. Cambridge University Press, Cambridge (2000)MATHGoogle Scholar
  23. 23.
    Ostrovsky, R., Venkatesan, R., Yung, M.: Secure commitments against a powerful adversary. In: Finkel, A., Jantzen, M. (eds.) STACS 1992. LNCS, vol. 577, pp. 439–448. Springer, Heidelberg (1992)Google Scholar
  24. 24.
    Rivest, R.L.: Unconditionally Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a Trusted Initializer (1999) (unpublished manuscript)Google Scholar
  25. 25.
    Shannon, C.E.: A mathematical theory of communication, Bell System Tech. Journal 27, 379–423, 623-656 (1948)MATHMathSciNetGoogle Scholar
  26. 26.
    Wyner, A.: The Wire Tap Channel. Bell System Tech. Journal 54, 1355–1387 (1975)MathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Andreas Winter
    • 1
  • Anderson C. A. Nascimento
    • 2
  • Hideki Imai
    • 2
  1. 1.Department of Computer ScienceUniversity of BristolBristolUnited Kingdom
  2. 2.Imai Laboratory, Information and Systems, Institute of Industrial ScienceUniversity of TokyoTokyoJapan

Personalised recommendations