Paper 2005/378

A New Protocol for Conditional Disclosure of Secrets And Its Applications

Sven Laur and Helger Lipmaa

Abstract

Many protocols that are based on homomorphic encryption are private only if a client submits inputs from a limited range $S$. Conditional disclosure of secrets (CDS) helps to overcome this restriction. In a CDS protocol for a set $S$, the client obtains server's secret if and only if the client's inputs belong to $S$ and thus the server can guard itself against malformed queries. We extend the existing CDS protocols to work over additively homomorphic cryptosystems for every set from $NP/poly$. The new construction is modular and easy to apply. As an example, we derive a new oblivious transfer protocol with log-squared communication and a millionaire's protocol with logarithmic communication. We also implement private, universally verifiable and robust multi-candidate electronic voting so that all voters only transmit an encryption of their vote. The only hardness assumption in all these protocols is that the underlying public-key cryptosystem is IND-CPA secure and the plaintext order does not have small factors.

Note: The main results of this paper (the new DIE protocol, CDS protocol, CDS transformation) date from August 2004. First eprint version (20.10.2005) was a delibrately old version from May 2005. Second eprint version (21.11.2005): better readability, more applications, more general. Third eprint version (08.08.2006): this version has better readability. The most important additions: the use of Elliptic Curve Method of factoring to achieve additional security, and the unified explanation of several protocols by using a forked compostion together with a communication-efficient CPIR, see Thm 2. Fourth eprint version (March 2007): corresponds to the published version. No new contents, better readability.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ACNS 2007
Keywords
Conditional disclosure of secretscrypto-computinghomomorphic encryptionoblivious transfertwo-party computation
Contact author(s)
h lipmaa @ cs ucl ac uk
History
2007-03-20: last of 6 revisions
2005-10-23: received
See all versions
Short URL
https://ia.cr/2005/378
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/378,
      author = {Sven Laur and Helger Lipmaa},
      title = {A New Protocol for Conditional Disclosure of Secrets And Its Applications},
      howpublished = {Cryptology ePrint Archive, Paper 2005/378},
      year = {2005},
      note = {\url{https://eprint.iacr.org/2005/378}},
      url = {https://eprint.iacr.org/2005/378}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.