Highly-efficient universally-composable commitments based on the DDH assumption

Yehuda Lindell

doi:10.1007/978-3-642-20465-4_25

Highly-efficient universally-composable commitments based on the DDH assumption

Yehuda Lindell

Department of Computer Science and Artificial Intelligence

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

64 Scopus citations

Abstract

Universal composability (a.k.a. UC security) provides very strong security guarantees for protocols that run in complex real-world environments. In particular, security is guaranteed to hold when the protocol is run concurrently many times with other secure and possibly insecure protocols. Commitment schemes are a basic building block in many cryptographic constructions, and as such universally composable commitments are of great importance in constructing UC-secure protocols. In this paper, we construct highly efficient UC-secure commitments from the standard DDH assumption, in the common reference string model. Our commitment stage is non-interactive, has a common reference string with O(1) group elements, and has complexity of O(1) exponentiations for committing to a group element (to be more exact, the effective cost is that of 231/3 exponentiations overall, for both the commit and decommit stages). We present a construction that is secure in the presence of static adversaries, and a construction that is secure in the presence of adaptive adversaries with erasures, where the latter construction has an effective additional cost of just exponentiations.

Original language	English
Title of host publication	Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Pages	446-466
Number of pages	21
DOIs	https://doi.org/10.1007/978-3-642-20465-4_25
State	Published - 2011
Event	30th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, EUROCRYPT 2011 - Tallinn, Estonia Duration: 15 May 2011 → 19 May 2011

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6632 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	30th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, EUROCRYPT 2011
Country/Territory	Estonia
City	Tallinn
Period	15/05/11 → 19/05/11

Bibliographical note

Funding Information:
This research was supported by the European Research Council as part of the ERC project “LAST”, and by the israel science foundation (grant No. 781/07).

Funding

This research was supported by the European Research Council as part of the ERC project “LAST”, and by the israel science foundation (grant No. 781/07).

Funders	Funder number
Seventh Framework Programme	239868
European Commission
Israel Science Foundation	781/07

Access to Document

10.1007/978-3-642-20465-4_25

Cite this

Lindell, Y. (2011). Highly-efficient universally-composable commitments based on the DDH assumption. In Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings (pp. 446-466). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6632 LNCS). https://doi.org/10.1007/978-3-642-20465-4_25

Lindell, Yehuda. / Highly-efficient universally-composable commitments based on the DDH assumption. Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2011. pp. 446-466 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{8d2a488f059c4f6d95445049231e07a4,

title = "Highly-efficient universally-composable commitments based on the DDH assumption",

abstract = "Universal composability (a.k.a. UC security) provides very strong security guarantees for protocols that run in complex real-world environments. In particular, security is guaranteed to hold when the protocol is run concurrently many times with other secure and possibly insecure protocols. Commitment schemes are a basic building block in many cryptographic constructions, and as such universally composable commitments are of great importance in constructing UC-secure protocols. In this paper, we construct highly efficient UC-secure commitments from the standard DDH assumption, in the common reference string model. Our commitment stage is non-interactive, has a common reference string with O(1) group elements, and has complexity of O(1) exponentiations for committing to a group element (to be more exact, the effective cost is that of 231/3 exponentiations overall, for both the commit and decommit stages). We present a construction that is secure in the presence of static adversaries, and a construction that is secure in the presence of adaptive adversaries with erasures, where the latter construction has an effective additional cost of just exponentiations.",

author = "Yehuda Lindell",

note = "Funding Information: This research was supported by the European Research Council as part of the ERC project “LAST”, and by the israel science foundation (grant No. 781/07).; 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, EUROCRYPT 2011 ; Conference date: 15-05-2011 Through 19-05-2011",

year = "2011",

doi = "10.1007/978-3-642-20465-4\_25",

language = "אנגלית",

isbn = "9783642204647",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "446--466",

booktitle = "Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",

}

Lindell, Y 2011, Highly-efficient universally-composable commitments based on the DDH assumption. in Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6632 LNCS, pp. 446-466, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, EUROCRYPT 2011, Tallinn, Estonia, 15/05/11. https://doi.org/10.1007/978-3-642-20465-4_25

Highly-efficient universally-composable commitments based on the DDH assumption. / Lindell, Yehuda.
Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2011. p. 446-466 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6632 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Highly-efficient universally-composable commitments based on the DDH assumption

AU - Lindell, Yehuda

N1 - Funding Information: This research was supported by the European Research Council as part of the ERC project “LAST”, and by the israel science foundation (grant No. 781/07).

PY - 2011

Y1 - 2011

N2 - Universal composability (a.k.a. UC security) provides very strong security guarantees for protocols that run in complex real-world environments. In particular, security is guaranteed to hold when the protocol is run concurrently many times with other secure and possibly insecure protocols. Commitment schemes are a basic building block in many cryptographic constructions, and as such universally composable commitments are of great importance in constructing UC-secure protocols. In this paper, we construct highly efficient UC-secure commitments from the standard DDH assumption, in the common reference string model. Our commitment stage is non-interactive, has a common reference string with O(1) group elements, and has complexity of O(1) exponentiations for committing to a group element (to be more exact, the effective cost is that of 231/3 exponentiations overall, for both the commit and decommit stages). We present a construction that is secure in the presence of static adversaries, and a construction that is secure in the presence of adaptive adversaries with erasures, where the latter construction has an effective additional cost of just exponentiations.

AB - Universal composability (a.k.a. UC security) provides very strong security guarantees for protocols that run in complex real-world environments. In particular, security is guaranteed to hold when the protocol is run concurrently many times with other secure and possibly insecure protocols. Commitment schemes are a basic building block in many cryptographic constructions, and as such universally composable commitments are of great importance in constructing UC-secure protocols. In this paper, we construct highly efficient UC-secure commitments from the standard DDH assumption, in the common reference string model. Our commitment stage is non-interactive, has a common reference string with O(1) group elements, and has complexity of O(1) exponentiations for committing to a group element (to be more exact, the effective cost is that of 231/3 exponentiations overall, for both the commit and decommit stages). We present a construction that is secure in the presence of static adversaries, and a construction that is secure in the presence of adaptive adversaries with erasures, where the latter construction has an effective additional cost of just exponentiations.

UR - https://www.scopus.com/pages/publications/79957976152

U2 - 10.1007/978-3-642-20465-4_25

DO - 10.1007/978-3-642-20465-4_25

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:79957976152

SN - 9783642204647

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 446

EP - 466

BT - Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings

T2 - 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques Advances in Cryptology, EUROCRYPT 2011

Y2 - 15 May 2011 through 19 May 2011

ER -

Lindell Y. Highly-efficient universally-composable commitments based on the DDH assumption. In Advances in Cryptology - EUROCRYPT 2011, 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2011. p. 446-466. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-20465-4_25

Highly-efficient universally-composable commitments based on the DDH assumption

Abstract

Publication series

Conference

Bibliographical note

Funding

Access to Document

Other files and links

Fingerprint

Cite this