# Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing

@inproceedings{Halevi1996PracticalAP, title={Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing}, author={Shai Halevi and Silvio Micali}, booktitle={CRYPTO}, year={1996} }

We present a very practical string-commitment scheme which is provably based solely on collision-free hashing. [...] Key ResultOur result also proves that constant round statistical zero-knowledge arguments and constant-round computational zero-knowledge proofs for NP exist based on the existence of collision-free hash functions. Expand

#### Figures and Topics from this paper

#### 233 Citations

Sufficient Conditions for Collision-Resistant Hashing

- Mathematics, Computer Science
- TCC
- 2005

Several new constructions of collision-resistant hash-functions (CRHFs) from general assumptions are presented, including constructions from two other primitives that are implied by homomorphic-encryption: one-round private information retrieval (PIR) protocols and homomorphic one-way commitments. Expand

Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a

- 2001

We present a new and very simple commitment scheme that does not depend on any assumptions about computational complexity the Sender and Receiver may both be computationally unbounded In stead the… Expand

A NON-REPUDIABLE BIASED BITSTRING COMMITMENT SCHEME ON A POST QUANTUM CRYPTOSYSTEM

- 2010

Commitment schemes are fundamental bricks for guaranteeing fairness in upper level cryptographic protocols. Most commitment schemes in the literature rely on hash functions, which should be strongly… Expand

Statistically-hiding commitment from any one-way function

- Mathematics, Computer Science
- STOC '07
- 2007

We give a construction of statistically-hiding commitment schemes (ones where the hiding propertyholds information theoretically), based on the minimal cryptographic assumption that one-way functions… Expand

Unconditionally Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a Truste

- Computer Science
- 1999

A new and very simple commitment scheme that does not depend on any assumptions about computational complexity and is easily handled in the same model using a simple OT protocol due to Bennett et al. Expand

Unconditionally Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a Trusted Initializer

- 1999

We present a new and very simple commitment scheme that does not depend on any assumptions about computational complexity; the Sender and Receiver may both be computationally unbounded. Instead , the… Expand

A NON-REPUDIABLE BIASED BITSTRING COMMITMENT SCHEME ON A POSTQUANTUM CRYPTOSYSTEM USING NON-ABELIAN GROUP

- Computer Science
- 2010

This work presents a commitment scheme, which avoids hash functions by using a public-key cryptosystem based on braid root problem instead, and which is strongly collision free. Expand

String commitment scheme with low output locality

- Computer Science
- 2019 14th Asia Joint Conference on Information Security (AsiaJCIS)
- 2019

This paper constructs a commitment scheme having low output locality from a modified lattice-based hash function for the first time and proves that the scheme satisfies the binding property and the hiding property. Expand

On the Complexity of Collision Resistant Hash Functions: New and Old Black-Box Separations

- Computer Science
- IACR Cryptol. ePrint Arch.
- 2019

Black-box separations demonstrate that constructions from one-way functions are unlikely, and theoretical constructions of collision-resistant hash functions are based on rather structured assumptions. Expand

Constructions and Bounds for Unconditionally Secure Non-Interactive Commitment Schemes

- Mathematics, Computer Science
- Des. Codes Cryptogr.
- 2002

This paper presents a formal mathematical model for unconditionally secure non-interactive commitment schemes with a trusted initializer and analyzes their binding and concealing properties, and shows that such schemes cannot be perfectly binding. Expand

#### References

SHOWING 1-10 OF 26 REFERENCES

Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer

- Mathematics, Computer Science
- CRYPTO
- 1991

We present the first undeniable signature schemes where signers are unconditionally secure. In the efficient variants, the security for the recipients relies on a discrete logarithm assumption or on… Expand

Efficient Commitment Schemes with Bounded Sender and Unbounded Receiver

- Mathematics, Computer Science
- CRYPTO
- 1995

The problem of commitment schemes where the sender is bounded to polynomial time and the receiver may be all powerful is addressed and a scheme for committing to a (possibly long) string is presented. Expand

Universal one-way hash functions and their cryptographic applications

- Mathematics, Computer Science
- STOC '89
- 1989

A Universal One-Way Hash Function family is defined, a new primitive which enables the compression of elements in the function domain and it is proved constructively that universal one- way hash functions exist if any 1-1 one-way functions exist. Expand

On the Existence of Statistically Hiding Bit Commitment Schemes and Fail-Stop Signatures

- Mathematics, Computer Science
- CRYPTO
- 1993

We show that the existence of a statistically hiding bit commitment scheme with non-interactive opening and public verification implies the existence of fail-stop signatures. Therefore such… Expand

Bit Commitment Using Pseudo-Randomness

- Computer Science
- CRYPTO
- 1989

We show how a pseudo-random generator can provide a bit commitment protocol. We also analyze the number of bits communicated when parties commit to many bits simultaneously, and show that the… Expand

Direct Minimum-Knowledge Computations

- Computer Science
- CRYPTO
- 1987

A protocol scheme which directly simulates any given computation, defined on any computational device, in a minimum-knowledge fashion, and a scheme for simulation of computation in dual (perfect) minimum- knowledge fashion are presented. Expand

A Remark on a Signature Scheme Where Forgery Can Be Proved

- Computer Science
- EUROCRYPT
- 1990

A new type of signature scheme, a signature scheme where forgery by an unexpectedly powerful attacker is provable, was suggested in [11]: if the signature of an honest participant Alice is forged,… Expand

A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks

- Computer Science, Mathematics
- SIAM J. Comput.
- 1988

A digital signature scheme based on the computational difficulty of integer factorization possesses the novel property of being robust against an adaptive chosen-message attack: an adversary who receives signatures for messages of his choice cannot later forge the signature of even a single additional message. Expand

Perfect zero-knowledge ar-guments for NP can be based on general complexity assumptions

- Mathematics
- 1998

"Zero-knowledge arguments" is a fwidamental cryptographic primitive which allows one polynomial-time player to convince another polynomial-time player of the validity of an NP statement, without… Expand

Perfect Zero-Knowledge Arguments for NP Can Be Based on General Complexity Assumptions (Extended Abstract)

- Mathematics, Computer Science
- CRYPTO
- 1992

A general construction of zero-knowledge arguments, which can be based on any one-way permutation, is shown, which is efficient both players can execute only polynomial-time programs during the protocol and the security achieved is on-line. Expand