Cryptology ePrint Archive: Report 2017/1069

Non-Malleability vs. CCA-Security: The Case of Commitments

Brandon Broadnax and Valerie Fetzer and Jörn Müller-Quade and Andy Rupp

Abstract: In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our separations follow from two generic transformations. Given two appropriate security notions X and Y from the class of security notions we compare, these transformations take a commitment scheme that fulfills notion X and output a commitment scheme that still fulfills notion X but not notion Y.

Using these transformations, we are able to show that some of the known relations for public-key encryption do not carry over to commitments. In particular, we show that, surprisingly, parallel non-malleability and parallel CCA-security are not equivalent for commitment schemes. This stands in contrast to the situation for public-key encryption where these two notions are equivalent as shown by Bellare et al. at CRYPTO ‘99.

Category / Keywords: non-malleability, CCA security, commitments, security definitions

Original Publication (in the same form): IACR-PKC-2018

Date: received 3 Nov 2017, last revised 9 Jan 2018

Contact author: brandon broadnax at kit edu

Available format(s): PDF | BibTeX Citation

Version: 20180109:095509 (All versions of this report)

Short URL: ia.cr/2017/1069

Discussion forum: Show discussion | Start new discussion