Paper 2015/054

Non-committing encryption from $\Phi$-hiding

Brett Hemenway, Rafail Ostrovsky, and Alon Rosen

Abstract

A multiparty computation protocol is said to be adaptively secure if it retains its security even in the presence of an adversary who can corrupt participants as the protocol proceeds. This is in contrast to the static corruption model where the adversary is forced to choose which participants to corrupt before the protocol begins. A central tool for constructing adaptively secure protocols is non-committing encryption (Canetti, Feige, Goldreich and Naor, STOC '96). The original protocol of Canetti et al. had ciphertext expansion that was quadratic in the security parameter, and prior to this work, the best known constructions had ciphertext expansion that was linear in the security parameter. In this work, we present the first non-committing encryption scheme that achieves ciphertext expansion that is logarithmic in the message length. Our construction has optimal round complexity (2-rounds), where (just as in all previous constructions) the first message consists of a public-key of size $\tilde{O}(n \lambda)$ where $n$ is the message length and $\lambda$ is the security parameter. The second message consists of a ciphertext of size $O(n \log n + \lambda)$. The security of our scheme is proved based on the $\Phi$-hiding problem.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published by the IACR in TCC 2015
Keywords
non committing encryption, public key cryptography, phi-hiding
Contact author(s)
fbrett @ cis upenn edu
History
2015-01-23: received
Short URL
https://ia.cr/2015/054
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/054,
      author = {Brett Hemenway and Rafail Ostrovsky and Alon Rosen},
      title = {Non-committing encryption from $\Phi$-hiding},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/054},
      year = {2015},
      url = {https://eprint.iacr.org/2015/054}
}