2014 | OriginalPaper | Buchkapitel
Compact VSS and Efficient Homomorphic UC Commitments
verfasst von : Ivan Damgård, Bernardo David, Irene Giacomelli, Jesper Buus Nielsen
Erschienen in: Advances in Cryptology – ASIACRYPT 2014
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We present a new compact verifiable secret sharing scheme, based on this we present the first construction of a homomorphic UC commitment scheme that requires only cheap symmetric cryptography, except for a small number of seed OTs. To commit to a
k
-bit string, the amortized communication cost is
O
(
k
) bits. Assuming a sufficiently efficient pseudorandom generator, the computational complexity is
O
(
k
) for the verifier and
O
(
k
1 +
ε
) for the committer (where
ε
< 1 is a constant). In an alternative variant of the construction, all complexities are
O
(
k
·
polylog
(
k
)). Our commitment scheme extends to vectors over any finite field and is additively homomorphic. By sending one extra message, the prover can allow the verifier to also check multiplicative relations on committed strings, as well as verifying that committed vectors
a
,
b
satisfy
a
=
φ
(
b
) for a linear function
φ
. These properties allow us to non-interactively implement any one-sided functionality where only one party has input (this includes UC secure zero-knowledge proofs of knowledge). We also present a perfectly secure implementation of any multiparty functionality, based directly on our VSS. The communication required is proportional to a circuit implementing the functionality, up to a logarithmic factor. For a large natural class of circuits the overhead is even constant. We also improve earlier results by Ranellucci
et al.
on the amount of correlated randomness required for string commitments with individual opening of bits.