Cryptology ePrint Archive: Report 2016/113

On the Composition of Two-Prover Commitments, and Applications to Multi-Round Relativistic Commitments

Serge Fehr and Max Fillinger

Abstract: We consider the related notions of two-prover and of relativistic commitment schemes. In recent work, Lunghi et al. proposed a new relativistic commitment scheme with a multi-round sustain phase that keeps the binding property alive as long as the sustain phase is running. They prove security of their scheme against classical attacks; however, the proven bound on the error parameter is very weak: it blows up double exponentially in the number of rounds.

In this work, we give a new analysis of the multi-round scheme of Lunghi et al., and we show a linear growth of the error parameter instead (also considering classical attacks only). Our analysis is based on a new composition theorem for two-prover commitment schemes. The proof of our composition theorem is based on a better understanding of the binding property of two-prover commitments that we provide in the form of new definitions and relations among them. As an additional consequence of these new insights, our analysis is actually with respect to a strictly stronger notion of security than considered by Lunghi et al.

Category / Keywords: bit commitment, two provers

Date: received 10 Feb 2016

Contact author: max fillinger at cwi nl

Available format(s): PDF | BibTeX Citation

Version: 20160210:221008 (All versions of this report)

Short URL: ia.cr/2016/113

Discussion forum: Show discussion | Start new discussion