Cryptology ePrint Archive: Report 2006/407

Cryptography in the Multi-string Model

Jens Groth and Rafail Ostrovsky

Abstract: The common random string model permits the construction of cryptographic protocols that are provably impossible to realize in the standard model. In this model, a trusted party generates a random string and gives it to all parties in the protocol. However, the introduction of such a third party should set alarm bells going off: Who is this trusted party? Why should we trust that the string is random? Even if the string is uniformly random, how do we know it does not leak private information to the trusted party? The very point of doing cryptography in the first place is to prevent us from trusting the wrong people with our secrets.

In this paper, we propose the more realistic multi-string model. Instead of having one trusted authority, we have several authorities that generate random strings. We do not trust any single authority, we only assume a majority of them generate the random string honestly. We demonstrate the use of this model for two fundamental cryptographic taks. We define non-interactive zero-knowledge in the multi-string model and construct NIZK proofs in the multi-string model. We also consider multi-party computation and show that any functionality can be securely realized in the multi-string model.

Category / Keywords: foundations / Common random string model, multi-string model, non-interactive zero-knowledge, multi-party computation

Date: received 12 Nov 2006

Contact author: jg at cs ucla edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20061113:110151 (All versions of this report)

Short URL: ia.cr/2006/407

Discussion forum: Show discussion | Start new discussion