On the Composition of Two-Prover Commitments, and Applications to Multi-round Relativistic Commitments

  • Serge FehrEmail author
  • Max FillingerEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9666)


We consider the related notions of two-prover and of relativistic commitment schemes. In recent work, Lunghi et al. proposed a new relativistic commitment scheme with a multi-round sustain phase that keeps the binding property alive as long as the sustain phase is running. They prove security of their scheme against classical attacks; however, the proven bound on the error parameter is very weak: it blows up double exponentially in the number of rounds.

In this work, we give a new analysis of the multi-round scheme of Lunghi et al., and we show a linear growth of the error parameter instead (also considering classical attacks only). Our analysis is based on a new composition theorem for two-prover commitment schemes. The proof of our composition theorem is based on a better understanding of the binding property of two-prover commitments that we provide in the form of new definitions and relations among them. As an additional consequence of these new insights, our analysis is actually with respect to a strictly stronger notion of security than considered by Lunghi et al.



We would like to thank Jędrzej Kaniewski for helpful discussions regarding [10], and for commenting on an earlier version of our work.


  1. 1.
    Bavarian, M., Shor, P.W.: Information Causality, Szemerédi-Trotter and Algebraic Variants of CHSH. In: Roughgarden, T. (ed.) ITCS 2015, pp. 123–132. ACM (2015)Google Scholar
  2. 2.
    Ben-Or, M., Goldwasser, S., Kilian, J., Wigderson, A.: Multi-Prover Interactive Proofs: How to Remove Intractability Assumptions. In: Simon, J. (ed.) STOC 1988, pp. 113–131. ACM (1988)Google Scholar
  3. 3.
    Chakraborty, K., Chailloux, A., Leverrier, A : Arbitrarily Long Relativistic Bit Commitment. ArXiv e-prints (2015).
  4. 4.
    Clauser, J.F., Horne, M.A., Shimony, A., Holt, R.A.: Proposed Experiment to Test Local Hidden-Variable Theories. Phys. Rev. Lett. 23, 880–884 (1969)CrossRefGoogle Scholar
  5. 5.
    Crépeau, C., Salvail, L., Simard, J.-R., Tapp, A.: Two Provers in Isolation. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 407–430. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Fehr, S., Fillinger, M.: Multi-Prover Commitments Against Non-Signaling Attacks. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 403–421. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  7. 7.
    Kent, A.: Unconditionally Secure Bit Commitment. Phys. Rev. Lett. 83(7), 1447–1450 (1999)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Kent, A.: Secure Classical Bit Commitment Using Fixed Capacity Communication Channels. J. Cryptology 18(4), 313–335 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Lo, H.-K., Chau, H.F.: Is quantum bit commitment really possible? Phys. Rev. Lett. 78, 3410–3413 (1997)CrossRefGoogle Scholar
  10. 10.
    Lunghi, T., Kaniewski, J., Bussières, F., Houlmann, R., Tomamichel, M., Wehner, S., Zbinden, H.: Practical Relativistic Bit Commitment. Phys. Rev. Lett. 115, 30502–30506 (2015)CrossRefGoogle Scholar
  11. 11.
    Mayers, D.: Unconditionally Secure Quantum Bit Commitment is Impossible. Phys. Rev. Lett. 18, 3414–3417 (1997)CrossRefGoogle Scholar
  12. 12.
    Sikora, J., Chailloux, A., Kerenidis, I.: Strong Connections Between Quantum Encodings, Non-Locality and Quantum Cryptography. Phys. Rev. A 89, 22334–22341 (2014)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2016

Authors and Affiliations

  1. 1.Centrum Wiskunde and Informatica (CWI)AmsterdamThe Netherlands

Personalised recommendations