Paper 2005/378

A New Protocol for Conditional Disclosure of Secrets And Its Applications

Sven Laur and Helger Lipmaa

Abstract

Many protocols that are based on homomorphic encryption are private only if a client submits inputs from a limited range . Conditional disclosure of secrets (CDS) helps to overcome this restriction. In a CDS protocol for a set , the client obtains server's secret if and only if the client's inputs belong to and thus the server can guard itself against malformed queries. We extend the existing CDS protocols to work over additively homomorphic cryptosystems for every set from . The new construction is modular and easy to apply. As an example, we derive a new oblivious transfer protocol with log-squared communication and a millionaire's protocol with logarithmic communication. We also implement private, universally verifiable and robust multi-candidate electronic voting so that all voters only transmit an encryption of their vote. The only hardness assumption in all these protocols is that the underlying public-key cryptosystem is IND-CPA secure and the plaintext order does not have small factors.

Note: The main results of this paper (the new DIE protocol, CDS protocol, CDS transformation) date from August 2004. First eprint version (20.10.2005) was a deliberately old version from May 2005. Second eprint version (21.11.2005): better readability, more applications, more general. Third eprint version (08.08.2006): this version has better readability. The most important additions: the use of Elliptic Curve Method of factoring to achieve additional security, and the unified explanation of several protocols by using a forked composition together with a communication-efficient CPIR, see Thm 2. Fourth eprint version (March 2007): corresponds to the published version. No new contents, better readability.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ACNS 2007
Keywords
Conditional disclosure of secrets, crypto-computing, homomorphic encryption, oblivious transfer, two-party computation
Contact author(s)
h lipmaa @ cs ucl ac uk
History
2007-03-20: last of 6 revisions
2005-10-23: received
Short URL
https://ia.cr/2005/378
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/378,
      author = {Sven Laur and Helger Lipmaa},
      title = {A New Protocol for Conditional Disclosure of Secrets And Its Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/378},
      year = {2005},
      url = {https://eprint.iacr.org/2005/378}
}