Cryptology ePrint Archive: Report 2003/252

On Simulation-Sound Trapdoor Commitments

Philip MacKenzie and Ke Yang

Abstract: We study the recently introduced notion of a simulation-sound trapdoor commitment (SSTC) scheme. In this paper, we present a new, simpler definition for an SSTC scheme that admits more efficient constructions and can be used in a larger set of applications. Specifically, we show how to construct SSTC schemes from any one-way functions, and how to construct very efficient SSTC schemes based on specific number-theoretic assumptions. We also show how to construct simulation-sound, non-malleable, and universally-composable zero-knowledge protocols using SSTC schemes, yielding, for instance, the most efficient universally-composable zero-knowledge protocols known. Finally, we explore the relation between SSTC schemes and non-malleable commitment schemes by presenting a sequence of implication and separation results, which in particular imply that SSTC schemes are non-malleable.

Category / Keywords: cryptographic protocols / trapdoor commitments, non-malleability

Date: received 2 Dec 2003

Contact author: philmac at lucent com

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20031204:015137 (All versions of this report)

Discussion forum: Show discussion | Start new discussion