Cryptology ePrint Archive: Report 2013/341

Trapdoor Smooth Projective Hash Functions

Fabrice Benhamouda and David Pointcheval

Abstract: Katz and Vaikuntanathan recently improved smooth projective hash functions in order to build one-round password-authenticated key exchange protocols (PAKE). To achieve security in the UC framework they allowed the simulator to extract the hashing key, which required simulation-sound non-interactive zero-knowledge proofs that are unfortunately inefficient.

We improve the way the latter extractability is obtained by introducing the notion of trapdoor smooth projective hash function (TSPHF). A TSPHF is an SPHF with a trapdoor, which may not allow to recover the complete hashing key, but which still allows to compute the hash value, which is enough for an application to PAKE with UC-security against static corruptions. We additionally show that TSPHFs yield zero-knowledge proofs in two flows, with straight-line extractability.

Besides those quite interesting applications of TSPHF, we also show how to generically build them on languages of ciphertexts, using any ElGamal-like encryption. Our concrete instantiations lead to efficient one-round UC-secure PAKE, extractable zero-knowledge arguments, and verifiable encryption of Waters signatures. In the case of the PAKE, our construction is the most efficient one-round UC-secure PAKE to date.

Category / Keywords: cryptographic protocols / Authenticated Key Exchange, Zero-Knowledge Arguments, Verifiable Encryption, Trapdoor Smooth Projective Hash Functions

Original Publication (with major differences): IACR-CRYPTO-2013

Date: received 3 Jun 2013, last revised 27 Aug 2013

Contact author: fabrice ben hamouda at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20130828:055741 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]