Equivocable and Extractable Commitment Schemes
We investigate commitment schemes with special security properties, such as equivocability and extractability, motivated by their applicability to highly secure commitment schemes, such as non-malleable or universally-composable commitment schemes.
In the public random string model, we present constructions of noninteractive commitment schemes (namely, both the commitment phase and the decommitment phase consist of a single message sent from committer to receiver) that are both equivocable and extractable. One of our constructions uses necessary and sufficient assumptions (thus improving over previous constructions).
We combine these constructions with the non-malleability construction paradigm of  and obtain, in the public random string model, a noninteractive commitment scheme that is non-malleable with respect to commitment. The assumptions used for this scheme are more general than those used in previous constructions.
KeywordsSecurity Parameter Random String Commitment Scheme Real Execution Reference String
Unable to display preview. Download preview PDF.
- 1.D. Beaver, Adaptive Zero-Knowledge and Computational Equivocation, in Proc. of FOCS 96.Google Scholar
- 3.M. Blum, P. Feldman, and S. Micali, Non-Interactive Zero-Knowledge and Applications, Proc. of STOC 88.Google Scholar
- 4.G. Brassard, C. Crépeau, and D. Chaum, Minimum Disclosure Proofs of Knowledge, Journal of Computer and System Sciences, vol. 37, no. 2, pp. 156–189.Google Scholar
- 5.R. Canetti and R. Fischlin, Universally-Composable Commitment, in Proc. of CRYPTO 2001.Google Scholar
- 6.A. De Santis, G. Di Crescenzo and G. Persiano, Necessary and Sufficient Assumptions for Non-Interactive Zero-Knowledge Proofs of Knowledge for all NP relations, in Proc. of ICALP 2000.Google Scholar
- 7.A. De Santis and G. Persiano, Zero-Knowledge Proofs of Knowledge without Interaction, in Proc. of FOCS 92.Google Scholar
- 8.G. Di Crescenzo, Y. Ishai, and R. Ostrovsky, Non-Interactive and Non-Malleable Commitment, in Proc. of STOC 98.Google Scholar
- 9.G. Di Crescenzo, J. Katz, R. Ostrovsky and A. Smith, Efficient and Non-Interactive Non-Malleable Commitment, in Proc. of EUROCRYPT 2001.Google Scholar
- 10.D. Dolev, C. Dwork, and M. Naor, Non-Malleable Cryptography, in SIAM Journal on Computing, 2000.Google Scholar
- 11.U. Feige and A. Shamir, Witness-Indistinguishable and Witness-Hiding Protocols, in Proc. of STOC 90.Google Scholar
- 12.D. Fischlin and M. Fischlin, Efficient Non-Malleable Commitment Schemes, in Proc. of CRYPTO 2000.Google Scholar
- 13.S. Goldwasser, S. Micali, and C. Rackoff, The Knowledge Complexity of Interactive Proof-Systems, SIAM Journal on Computing, vol. 18, n. 1, 1989.Google Scholar
- 14.M. Naor, Bit Commitment using Pseudorandomness, in Proc. of CRYPTO 91.Google Scholar