On the Complexity of Additively Homomorphic UC Commitments

Research output: Contribution to book/anthology/report/proceedingArticle in proceedingsResearchpeer-review

We present a new constant round additively homomorphic commitment scheme with (amortized) computational and communication complexity linear in the size of the string committed to. Our scheme is based on the non-homomorphic commitment scheme of Cascudo \emph{et al.} presented at PKC 2015. However, we manage to add the additive homo- morphic property, while at the same time reducing the constants. In fact, when opening a large enough batch of commitments we achieve an amor- tized communication complexity converging to the length of the message committed to, i.e., we achieve close to rate 1 as the commitment protocol by Garay \emph{et al.} from Eurocrypt 2014. A main technical improvement over the scheme mentioned above, and other schemes based on using error correcting codes for UC commitment, we develop a new technique which allows to based the extraction property on erasure decoding as opposed to error correction. This allows to use a code with significantly smaller minimal distance and allows to use codes without efficient decoding.

Our scheme only relies on standard assumptions. Specifically we require a pseudorandom number generator, a linear error correcting code and an ideal oblivious transfer functionality. Based on this we prove our scheme secure in the Universal Composability (UC) framework against a static and malicious adversary corrupting any number of parties.

On a practical note, our scheme improves significantly on the non- homomorphic scheme of Cascudo \emph{et al.} Based on their observations in regards to efficiency of using linear error correcting codes for commit- ments we conjecture that our commitment scheme might in practice be more efficient than all existing constructions of UC commitment, even non-homomorphic constructions and even constructions in the random oracle model. In particular, the amortized price of computing one of our commitments is less than that of evaluating a hash function once.
Original languageEnglish
Title of host publicationTheory of Cryptography - 13th International Conference, TCC 2016-A
EditorsEyal Kushilevitz, Tal Malkin
Number of pages24
Volume 9562
Place of publicationSpringer Berlin Heidelberg
PublisherSpringer VS
Publication year2016
Pages542-565
ISBN (print)978-3-662-49095-2
ISBN (Electronic)978-3-662-49096-9
DOIs
Publication statusPublished - 2016
EventTheory of Cryptography Conference - Yaron Yerushalmi Hall, Suzanne Dellal Center, Tel Aviv, Israel
Duration: 10 Jan 201613 Jan 2016

Conference

ConferenceTheory of Cryptography Conference
LocationYaron Yerushalmi Hall, Suzanne Dellal Center
LandIsrael
ByTel Aviv
Periode10/01/201613/01/2016
SeriesLecture Notes in Computer Science
Volume9562
ISSN0302-9743

See relations at Aarhus University Citationformats

ID: 108372372