An Efficient Scheme for Proving a Shuffle

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2139)


In this paper, we propose a novel and efficient protocol for proving the correctness of a shuffle, without leaking how the shuffle was performed. Using this protocol, we can prove the correctness of a shuffle of n data with roughly 18n exponentiations, whereas the protocol of Sako-Kilian [SK95] required 642n and that of Abe [Ab99] required 22n log n. The length of the proof will be only 2^11 n bits in our protocol, as opposed to the 2^18 n bits and 2^14 n log n bits required by Sako-Kilian and Abe, respectively. The proposed protocol will be a building block of an efficient, universally verifiable mix-net, whose application to voting systems is prominent.


  • Mix-net
  • Permutation
  • Electronic Voting
  • Universal Verifiability


  1. M. Abe, Mix-Networks on Permutation Networks, Asiacrypt '99, LNCS 1716, 258–273 (1999)

  2. S. Brands, An Efficient Off-line Electronic Cash System Based On The Representation Problem, CWI Technical Report CS-R9323, (1993)

  3. D. Chaum, Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Communications of the ACM, Vol. 24, No. 2, 84–88 (1981)

  4. R. Cramer, I. Damgård and B. Schoenmakers, Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols, Crypto '94, LNCS 839, 174–187 (1994)

  5. A. Menezes, C. van Oorschot and S. Vanstone, Handbook of Applied Cryptography, CRC Press, 617–619

  6. C.A. Neff, Verifiable, Secret Shuffles of ElGamal Encrypted Data, Initial version circulated Mar. 2000, current version submitted to ACMCCS 01

  7. W. Ogata, K. Kurosawa, K. Sako and K. Takatani, Fault tolerant anonymous channel, 1st International Conference on Information and Communications Security (ICICS), LNCS 1334, 440–444 (1997)

  8. K. Sako and J. Kilian, Receipt-free mix-type voting scheme - A practical solution to the implementation of voting booth, Eurocrypt '95, LNCS 921, 393–403 (1995)

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Furukawa, J., Sako, K. (2001). An Efficient Scheme for Proving a Shuffle. In: Kilian, J. (eds) Advances in Cryptology — CRYPTO 2001. CRYPTO 2001. Lecture Notes in Computer Science, vol 2139. Springer, Berlin, Heidelberg.

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42456-7

  • Online ISBN: 978-3-540-44647-7

  • eBook Packages: Springer Book Archive