Paper 2024/762
Extractable Witness Encryption for Signed Vector Digests from Pairings and Trust-Scalable One-Time Programs
Abstract
Witness encryption (WE) allows a ciphertext to be encrypted under an NP problem such that anyone holding a valid witness for that problem can decrypt it (flexible decryptors), without interaction with others (non-interaction). However, existing schemes are either impractical or achieve only a part of these WE features. We propose a novel WE scheme that 1) is based on bilinear maps such as pairings, 2) achieves the property of flexible decryptors, and 3) still requires the decryptor's communication with a trusted signer, who only performs a fixed amount of computation and communication at regular intervals, regardless of the number of ciphertexts. It provides extractable security and can be extended to a threshold multiple signers setting, avoiding reliance on a single signer. As a significant application of our WE scheme, we build a novel one-time program (OTP) scheme in which the signers' computational and communication costs remain constant, independent of the number of OTPs to be evaluated simultaneously. This feature ensures scalable OTP evaluations without risking decreased signer participation or compromised decentralization due to increased operational costs for the signers.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- witness encryptionone-time programssignaturebilinear mapsgarbled circuits
- Contact author(s)
- suegamisora @ gmail com
- History
- 2024-05-20: approved
- 2024-05-18: received
- See all versions
- Short URL
- https://ia.cr/2024/762
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/762,
author = {Sora Suegami},
title = {Extractable Witness Encryption for Signed Vector Digests from Pairings and Trust-Scalable One-Time Programs},
howpublished = {Cryptology ePrint Archive, Paper 2024/762},
year = {2024},
note = {\url{https://eprint.iacr.org/2024/762}},
url = {https://eprint.iacr.org/2024/762}
}
