2012 | OriginalPaper | Chapter
A Mix-Net from Any CCA2 Secure Cryptosystem
Authors : Shahram Khazaei, Tal Moran, Douglas Wikström
Published in: Advances in Cryptology – ASIACRYPT 2012
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We construct a provably secure mix-net from any CCA2 secure cryptosystem. The mix-net is secure against active adversaries that statically corrupt less than
λ
out of
k
mix-servers, where
λ
is a threshold parameter, and it is robust provided that at most min (
λ
− 1,
k
−
λ
) mix-servers are corrupted.
The main component of our construction is a mix-net that outputs the correct result if all mix-servers behaved honestly, and aborts with probability 1 −
O
(
H
− (
t
− 1)
) otherwise (without disclosing anything about the inputs), where
t
is an auxiliary security parameter and
H
is the number of honest parties. The running time of this protocol for long messages is roughly 3
t
c
, where
c
is the running time of Chaum’s mix-net (1981).