Equivocable and Extractable Commitment Schemes

  • Giovanni Di Crescenzo
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2576)


We investigate commitment schemes with special security properties, such as equivocability and extractability, motivated by their applicability to highly secure commitment schemes, such as non-malleable or universally-composable commitment schemes.

In the public random string model, we present constructions of noninteractive commitment schemes (namely, both the commitment phase and the decommitment phase consist of a single message sent from committer to receiver) that are both equivocable and extractable. One of our constructions uses necessary and sufficient assumptions (thus improving over previous constructions).

We combine these constructions with the non-malleability construction paradigm of [8] and obtain, in the public random string model, a noninteractive commitment scheme that is non-malleable with respect to commitment. The assumptions used for this scheme are more general than those used in previous constructions.


Security Parameter Random String Commitment Scheme Real Execution Reference String 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    D. Beaver, Adaptive Zero-Knowledge and Computational Equivocation, in Proc. of FOCS 96.Google Scholar
  2. 2.
    M. Blum, A. De Santis, S. Micali, and G. Persiano, Non-Interactive Zero-Knowledge, SIAM Journal of Computing, vol. 20, no. 6, Dec 1991, pp. 1084–1118.zbMATHCrossRefGoogle Scholar
  3. 3.
    M. Blum, P. Feldman, and S. Micali, Non-Interactive Zero-Knowledge and Applications, Proc. of STOC 88.Google Scholar
  4. 4.
    G. Brassard, C. Crépeau, and D. Chaum, Minimum Disclosure Proofs of Knowledge, Journal of Computer and System Sciences, vol. 37, no. 2, pp. 156–189.Google Scholar
  5. 5.
    R. Canetti and R. Fischlin, Universally-Composable Commitment, in Proc. of CRYPTO 2001.Google Scholar
  6. 6.
    A. De Santis, G. Di Crescenzo and G. Persiano, Necessary and Sufficient Assumptions for Non-Interactive Zero-Knowledge Proofs of Knowledge for all NP relations, in Proc. of ICALP 2000.Google Scholar
  7. 7.
    A. De Santis and G. Persiano, Zero-Knowledge Proofs of Knowledge without Interaction, in Proc. of FOCS 92.Google Scholar
  8. 8.
    G. Di Crescenzo, Y. Ishai, and R. Ostrovsky, Non-Interactive and Non-Malleable Commitment, in Proc. of STOC 98.Google Scholar
  9. 9.
    G. Di Crescenzo, J. Katz, R. Ostrovsky and A. Smith, Efficient and Non-Interactive Non-Malleable Commitment, in Proc. of EUROCRYPT 2001.Google Scholar
  10. 10.
    D. Dolev, C. Dwork, and M. Naor, Non-Malleable Cryptography, in SIAM Journal on Computing, 2000.Google Scholar
  11. 11.
    U. Feige and A. Shamir, Witness-Indistinguishable and Witness-Hiding Protocols, in Proc. of STOC 90.Google Scholar
  12. 12.
    D. Fischlin and M. Fischlin, Efficient Non-Malleable Commitment Schemes, in Proc. of CRYPTO 2000.Google Scholar
  13. 13.
    S. Goldwasser, S. Micali, and C. Rackoff, The Knowledge Complexity of Interactive Proof-Systems, SIAM Journal on Computing, vol. 18, n. 1, 1989.Google Scholar
  14. 14.
    M. Naor, Bit Commitment using Pseudorandomness, in Proc. of CRYPTO 91.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Giovanni Di Crescenzo
    • 1
  1. 1.Telcordia Technologies Inc.MorristownUSA

Personalised recommendations