On Simulation-Sound Trapdoor Commitments

@article{MacKenzie2003OnST,
  title={On Simulation-Sound Trapdoor Commitments},
  author={Philip D. MacKenzie and Ke Yang},
  journal={IACR Cryptol. ePrint Arch.},
  year={2003},
  volume={2003},
  pages={252}
}
  • P. MacKenzie, Ke Yang
  • Published 2 May 2004
  • Mathematics, Computer Science
  • IACR Cryptol. ePrint Arch.
We study the recently introduced notion of a simulation-sound trapdoor commitment (SSTC) scheme. In this paper, we present a new, simpler definition for an SSTC scheme that admits more efficient constructions and can be used in a larger set of applications. Specifically, we show how to construct SSTC schemes from any one-way functions, and how to construct very efficient SSTC schemes based on specific number-theoretic assumptions. We also show how to construct simulation-sound, non-malleable… 
New Constructions of Efficient Simulation-Sound Commitments Using Encryption and Their Applications
TLDR
This paper presents an efficient SSTC scheme under the CDH assumption in the bilinear groups, with a tight security reduction and short public key parameters, and the first efficient SSTC schemes under the factoring assumption.
Strengthening Zero-Knowledge Protocols Using Signatures
TLDR
A novel technique to convert a large class of existing honest-verifier zero-knowledge protocols into ones with these stronger properties in the common reference string model, using a signature scheme existentially unforgeable against adaptive chosen-message attacks.
Hybrid commitments and their applications to zero-knowledge proof systems
Efficient Constructions of Composable Commitments and Zero-Knowledge Proofs
TLDR
This paper dramatically improves the efficiency of (adaptively-secure) GUCC and GUC ZK assuming data erasures are allowed, and builds the first two-round, deniable, straight-line extractable and simulatable ZK proof for any NP relation R.
A Framework for Efficient Fully-Equipped UC Commitments
  • E. Fujisaki
  • Computer Science, Mathematics
  • IACR Cryptol. ePrint Arch.
  • 2012
TLDR
A general framework for constructing non-interactive universally composable (UC) commitment schemes that are secure against adaptive adversaries in the non-erasure setting under a single re-usable common reference string and provides fully-equipped UC commitment schemes from ABMEs under DDH and DCR-based assumptions, respectively.
Multi-trapdoor Commitments and Their Applications to Proofs of Knowledge Secure Under Concurrent Man-in-the-Middle Attacks
TLDR
The notion of multi-trapdoor commitments, a stronger form of trapdoor commitment schemes, is introduced, and a compiler is constructed that takes any proof of knowledge and transforms it into one which is secure against a concurrent man-in-the-middle attack.
Hybrid Trapdoor Commitments and Their Applications
TLDR
This paper shows how to construct concurrent and simulation-sound zero-knowledge proof systems in the common reference string model, crucially using hybrid commitments, and presents general constructions based on the sole assumption that one-way functions exist and very efficient constructions based on number-theoretic assumptions.
Simulation-Sound Proofs for LWE and Applications to KDM-CCA2 Security
TLDR
A direct, non-generic method for instantiating Naor-Yung under the sole Learning-With-Errors (LWE) assumption outside the random oracle model is given and this relation makes it possible to express the equality of plaintexts encrypted under different keys in the dual Regev cryptosystem.
Adaptive and Concurrent Secure Computation from New Adaptive, Non-malleable Commitments
TLDR
A new primitive of concurrent equivocal non-malleable commitments, intuitively, guarantees that even when a man-in-the-middle adversary observes concurrent equivocal commitments and decommitments, the binding property of the commitments continues to hold for commitments made by the adversary.
All-But-Many Encryption - A New Framework for Fully-Equipped UC Commitments
TLDR
The first fully-equipped UC commitment scheme with optimal expansion factor Ω(1) from the authors' ABME scheme related to the DCR assumption is proposed, and the first all-but-many lossy trapdoor function (ABM-LTF) is provided from this scheme, with a better lossy rate than [18].

References

SHOWING 1-10 OF 62 REFERENCES
Non-interactive and reusable non-malleable commitment schemes
TLDR
It is shown how to construct non-interactive NM commitments that remain non-malleable even if the adversary has access to an arbitrary number of commitments from honest players - rather than one, as in several previous schemes.
Strengthening Zero-Knowledge Protocols Using Signatures
TLDR
A novel technique to convert a large class of existing honest-verifier zero-knowledge protocols into ones with these stronger properties in the common reference string model, using a signature scheme existentially unforgeable against adaptive chosen-message attacks.
Universally Composable Commitments
We propose a new security measure for commitment protocols, called Universally Composable (UC) Commitment. The measure guarantees that commitment protocols behave like an "ideal commitment service,"
Universally Composable Notions of Key Exchange and Secure Channels
TLDR
While the notion of SK-security is strictly weaker than a fully-idealized notion of key exchange security, it is sufficiently robust for providing secure composition with arbitrary protocols and provides new definitions of secure-channels protocols with similarly strong composability properties.
Zero-knowledge with public keys
TLDR
This work explores their new public-key model for zero-knowledge protocols and shows that the soundness notion in this model has not been sufficiently understood and is, in fact, more subtle and complex than in the classical model.
Perfect Hiding and Perfect Binding Universally Composable Commitment Schemes with Constant Expansion Factor
TLDR
These are the first schemes to show that constant expansion factor, perfect hiding, and perfect binding can be obtained for universally composable commitments.
On the Existence of Bit Commitment Schemes and Zero-Knowledge Proofs
TLDR
It is shown that if, using an MA-protocol, P can prove to V in weakly zero-knowledge, that he possesses a solution to some hard problem, then this implies the existence of a bit commitment scheme.
Efficient and Non-interactive Non-malleable Commitment
TLDR
New constructions of non-malleable commitment schemes, in the public parameter model, based on the discrete logarithm or RSA assumptions, achieve near-optimal communication for arbitrarily-large messages and are noninteractive.
Efficient Concurrent Zero-Knowledge in the Auxiliary String Model
We show that if any one-way function exists, then 3-round concurrent zero-knowledge arguments for all NP problems can be built in a model where a short auxiliary string with a prescribed distribution
Secure Hash-and-Sign Signatures Without the Random Oracle
TLDR
A new signature scheme is presented which is existentially unforgeable under chosen message attacks, assuming some variant of the RSA conjecture, and is unique in that the assumptions made on the cryptographic hash function in use are well defined and reasonable.