Paper 2016/511

Optimal-Rate Non-Committing Encryption in a CRS Model

Ran Canetti, Oxana Poburinnaya, and Mariana Raykova


Non-committing encryption (NCE) implements secure channels under adaptive corruptions in situations when data erasures are not trustworthy. In this paper we are interested in the rate of NCE, i.e. in how many bits the sender and receiver need to send per plaintext bit. In initial constructions (e.g. Canetti, Feige, Goldreich and Naor, STOC 96) the length of both the receiver message, namely the public key, and the sender message, namely the ciphertext, is m * poly(k) for an m-bit message, where k is the security parameter. Subsequent works improve efficiency significantly, achieving rate polylog(k). We construct the first constant-rate NCE. In fact, our scheme has rate 1+o(1), which is comparable to the rate of plain semantically secure encryption. Our scheme operates in the common reference string (CRS) model. Our CRS has size poly(m, k), but it is reusable for an arbitrary polynomial number of m-bit messages. In addition, it is the first NCE protocol with perfect correctness. We assume one way functions and indistinguishability obfuscation for circuits. As an essential step in our construction, we develop a technique for dealing with adversaries that modify the inputs to the protocol adaptively depending on a public key or CRS that contains obfuscated programs, while assuming only standard (polynomial) hardness of the obfuscation mechanism. This technique may well be useful elsewhere.

Available format(s)
Publication info
non-committing encryptionadaptive security
Contact author(s)
oxanapob @ bu edu
2016-05-29: received
Short URL
Creative Commons Attribution


      author = {Ran Canetti and Oxana Poburinnaya and Mariana Raykova},
      title = {Optimal-Rate Non-Committing Encryption in a CRS Model},
      howpublished = {Cryptology ePrint Archive, Paper 2016/511},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.