Cryptology ePrint Archive: Report 2001/064

An Integer Commitment Scheme based on Groups with Hidden Order

Ivan Damgard and Eiichiro Fujisaki

Abstract: We present a commitment scheme allowing commitment to arbitrary size integers, based on any Abelian group with certain properties, most importantly that it is hard for the committer to compute its order. Potential examples include RSA and class groups. We also give efficient zero-knowledge protocols for proving knowledge of the contents of a commitment and for verifying multiplicative relations over the integers on committed values. This means that our scheme can support, for instance, the efficent interval proofs of Boudot. The scheme can be seen as a modification and a generalization of an earlier scheme of Fujisaki and Okamoto(FO), and in particular our results show that we can use a much larger class of RSA moduli than the safe prime products proposed by FO. Also, we correct some mistakes in the proofs of FO and give what appears to be the first multiplication protocol for a Fujisaki/Okamoto-like scheme with a complete proof of soundness.

Category / Keywords: cryptographic protocols / Commitment schemes, protocols

Date: received 16 Aug 2001

Contact author: ivan at daimi au dk

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Version: 20010831:071124 (All versions of this report)

Short URL: ia.cr/2001/064