Abstract
We introduce the notion of hybrid trapdoor commitment schemes. Intuitively, a hybrid trapdoor commitment scheme is a primitive which can be either an unconditionally binding commitment scheme or a trapdoor commitment scheme, depending on the distribution of the commitment parameters. Moreover, these two distributions are computationally indistinguishable. Hybrid trapdoor commitments are related to, but different from, mixed commitments (introduced by Damgård and Nielsen at Crypto 2002). In particular, hybrid trapdoor commitments can be either polynomially trapdoor commitments or unconditionally binding commitments, while mixed commitments can be either trapdoor commitments or extractable commitments. In this paper we show that strong notions (e.g., simulation-sound, multi-trapdoor) of hybrid trapdoor commitments admit constructions based on the sole assumption that one-way functions exist, as well as efficient constructions based on standard number-theoretic assumptions. To further stress the difference between hybrid and mixed commitments, we remark here that mixed commitments seem to require stronger theoretical assumptions (and the known number-theoretic constructions are less efficient). The main application of our results is that we show how to construct concurrent and simulation-sound zero-knowledge proof systems (in contrast to the arguments recently presented in [1,2,3]) in the common reference string model. We crucially use hybrid commitments, since we present general constructions based on the sole assumption that one-way functions exist and very efficient constructions based on number-theoretic assumptions.
Extended abstract. The full version of this paper can be found at http://www.di.ens.fr/~catalano.
References
1. Damgård, I.: Efficient Concurrent Zero-Knowledge in the Auxiliary String Model. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 418–430. Springer, Heidelberg (2000)
2. Gennaro, R.: Multi-trapdoor Commitments and Their Applications to Proofs of Knowledge Secure Under Concurrent Man-in-the-Middle Attacks. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 220–236. Springer, Heidelberg (2004)
3. MacKenzie, P., Yang, K.: On Simulation-Sound Trapdoor Commitments. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 382–400. Springer, Heidelberg (2004)
4. Naor, M.: Bit Commitment Using Pseudorandomness. Journal of Cryptology 4, 151–158 (1991)
5. Goldreich, O., Kahan, A.: How to Construct Constant-Round Zero-Knowledge Proof Systems for NP. Journal of Cryptology 9, 167–190 (1996)
6. Damgård, I., Nielsen, J.B.: Perfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 581–596. Springer, Heidelberg (2002)
7. Damgård, I., Groth, J.: Non interactive and reusable non-malleable commitments. In: 35th ACM Symposium on Theory of Computing, pp. 426–437. ACM, New York (2003)
8. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)
9. Brassard, J., Chaum, D., Crépeau, C.: Minimum Disclosure Proofs of Knowledge. Journal of Computer and System Science 37, 156–189 (1988)
10. Fortnow, L.: The Complexity of Perfect Zero-Knowledge. In: 19th ACM Symposium on Theory of Computing (STOC 1987), pp. 204–209 (1987)
11. Boppana, R., Hastad, J., Zachos, S.: Does co-NP Have Short Interactive Proofs? Inf. Process. Lett. 25, 127–132 (1987)
12. Bellare, M., Jakobsson, M., Yung, M.: Round-optimal zero-knowledge arguments based on any one-way function. In: Pelillo, M., Hancock, E.R. (eds.) EMMCVPR 1997. LNCS, vol. 1223, pp. 280–305. Springer, Heidelberg (1997)
13. Rompel, J.: One-Way Functions are Necessary and Sufficient for Digital Signatures. In: 22nd ACM Symposium on Theory of Computing (STOC 1990), pp. 12–19 (1990)
14. Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen message attacks. SIAM J. on Computing 17(2), 281–308 (1988)
15. Boneh, D., Boyen, X.: Short Signatures without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)
16. Cramer, R., Shoup, V.: Signature Schemes Based on the Strong RSA Assumption. In: 6th ACM Conference on Computer and Communications Security (CCS 1999), ACM, New York (1999)
17. Goldwasser, S., Micali, S., Rackoff, C.: The Knowledge Complexity of Interactive Proof-Systems. SIAM J. on Computing 18, 186–208 (1989)
18. Sahai, A.: Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security. In: 40th Symposium on Foundations of Computer Science (FOCS 1999), pp. 543–553. IEEE Computer Society Press, Los Alamitos (1999)
19. NIST: Digital Signature Standard (DSS). FIPS PUB 186 (1998)
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Catalano, D., Visconti, I. (2005). Hybrid Trapdoor Commitments and Their Applications. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds) Automata, Languages and Programming. ICALP 2005. Lecture Notes in Computer Science, vol 3580. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11523468_25
DOI: https://doi.org/10.1007/11523468_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-27580-0
Online ISBN: 978-3-540-31691-6
eBook Packages: Computer Science, Computer Science (R0)