In this work, we make progress in this direction. We propose a new verifiable secret shuffle for BGV ciphertexts as well as a compatible verifiable distributed decryption protocol. The shuffle is based on an extension of a shuffle of commitments to known values which is combined with an amortized proof of correct re-randomization. The verifiable distributed decryption protocol uses noise drowning for BGV decryption, proving correctness of decryption steps in zero-knowledge.
We give concrete parameters for our system, estimate the size of each component and provide an implementation of all sub-protocols. Together, the shuffle and the decryption protocol are suitable for use in real-world cryptographic voting schemes, which we demonstrate with a prototype voting protocol design.
Category / Keywords: cryptographic protocols / lattice cryptography, verifiable mix-nets, distributed decryption, zero-knowledge proofs, cryptographic voting, implementation
Date: received 1 Apr 2022
Contact author: dfaranha at cs au dk, cbaum at cs au dk, kristian gjosteen at ntnu no, tjerand silde at ntnu no
Version: 20220406:130101
Short URL: ia.cr/2022/422