Cryptology ePrint Archive: Report 2019/547

Linearly-Homomorphic Signatures and Scalable Mix-Nets

Chloé Hébant and Duong Hieu Phan and David Pointcheval

Abstract: Anonymity is a primary ingredient for our digital life. Several tools have been designed to address it such as, for authentication, blind signatures, group signatures or anonymous credentials and, for confidentiality, randomizable encryption or mix-nets. When it comes to complex electronic voting schemes, random shuffling of ciphertexts with mix-nets is the only known tool. However, it requires huge and complex zero-knowledge proofs to guarantee the actual permutation of the initial ciphertexts.

In this paper, we propose a new approach for proving correct shuffling: the mix-servers can simply randomize individual ballots, which means the ciphertexts, the signatures, and the verification keys, with an additional global proof of constant size, and the output will be publicly verifiable. The computational complexity for the mix-servers is linear in the number of ciphertexts. Verification is also linear in the number of ciphertexts, independently of the number of rounds of mixing. This leads to the most efficient technique, that is highly scalable. Our constructions make use of linearly-homomorphic signatures, with new features, that are of independent interest.

Category / Keywords: cryptographic protocols / Anonymity, random shuffling, linearly-homomorphic signatures

Original Publication (in the same form): IACR-PKC-2020

Date: received 22 May 2019, last revised 22 Jul 2020

Contact author: chloe hebant at ens fr

Available format(s): PDF | BibTeX Citation

Version: 20200722:162237 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]