Efficient UC commitment extension with homomorphism for free (and applications)

Ignacio Cascudo; Ivan Damgård; Bernardo David; Nico Döttling; Rafael Dowsley; Irene Giacomelli

doi:10.1007/978-3-030-34621-8_22

Efficient UC commitment extension with homomorphism for free (and applications)

Ignacio Cascudo, Ivan Damgård, Bernardo David, Nico Döttling, Rafael Dowsley, Irene Giacomelli

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

6 Citations (Scopus)

Abstract

Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment, while the previous best constructions require oblivious transfer. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge.

Original language	English
Title of host publication	Advances in Cryptology – ASIACRYPT 2019
Subtitle of host publication	25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II
Editors	Steven D. Galbraith, Shiho Moriai
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	606-635
Number of pages	30
ISBN (Electronic)	9783030346218
ISBN (Print)	9783030346201
DOIs	https://doi.org/10.1007/978-3-030-34621-8_22
Publication status	Published - 2019
Externally published	Yes
Event	International Conference on the Theory and Application of Cryptology and Information Security 2019 - Kobe, Japan Duration: 8 Dec 2019 → 12 Dec 2019 Conference number: 25th https://link.springer.com/book/10.1007/978-3-030-34621-8 (Proceedings) https://asiacrypt.iacr.org/2019/ (Website)

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	11922
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on the Theory and Application of Cryptology and Information Security 2019
Abbreviated title	ASIACRYPT 2019
Country/Territory	Japan
City	Kobe
Period	8/12/19 → 12/12/19
Internet address	https://link.springer.com/book/10.1007/978-3-030-34621-8 (Proceedings) https://asiacrypt.iacr.org/2019/ (Website)

Access to Document

10.1007/978-3-030-34621-8_22

318637331-oaFinal published version, 926 KB

Cite this

Cascudo, I., Damgård, I., David, B., Döttling, N., Dowsley, R., & Giacomelli, I. (2019). Efficient UC commitment extension with homomorphism for free (and applications). In S. D. Galbraith, & S. Moriai (Eds.), Advances in Cryptology – ASIACRYPT 2019: 25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II (pp. 606-635). (Lecture Notes in Computer Science ; Vol. 11922 ). Springer. https://doi.org/10.1007/978-3-030-34621-8_22

Cascudo, Ignacio ; Damgård, Ivan ; David, Bernardo et al. / Efficient UC commitment extension with homomorphism for free (and applications). Advances in Cryptology – ASIACRYPT 2019: 25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II. editor / Steven D. Galbraith ; Shiho Moriai. Cham Switzerland : Springer, 2019. pp. 606-635 (Lecture Notes in Computer Science ).

@inproceedings{94c7025220b94c61822dc725f647528b,

title = "Efficient UC commitment extension with homomorphism for free (and applications)",

abstract = "Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment, while the previous best constructions require oblivious transfer. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge.",

author = "Ignacio Cascudo and Ivan Damg{\aa}rd and Bernardo David and Nico D{\"o}ttling and Rafael Dowsley and Irene Giacomelli",

year = "2019",

doi = "10.1007/978-3-030-34621-8_22",

language = "English",

isbn = "9783030346201",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "606--635",

editor = "Galbraith, {Steven D.} and Shiho Moriai",

booktitle = "Advances in Cryptology – ASIACRYPT 2019",

note = "International Conference on the Theory and Application of Cryptology and Information Security 2019, ASIACRYPT 2019 ; Conference date: 08-12-2019 Through 12-12-2019",

url = "https://link.springer.com/book/10.1007/978-3-030-34621-8, https://asiacrypt.iacr.org/2019/",

}

Cascudo, I, Damgård, I, David, B, Döttling, N, Dowsley, R & Giacomelli, I 2019, Efficient UC commitment extension with homomorphism for free (and applications). in SD Galbraith & S Moriai (eds), Advances in Cryptology – ASIACRYPT 2019: 25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II. Lecture Notes in Computer Science , vol. 11922 , Springer, Cham Switzerland, pp. 606-635, International Conference on the Theory and Application of Cryptology and Information Security 2019, Kobe, Japan, 8/12/19. https://doi.org/10.1007/978-3-030-34621-8_22

Efficient UC commitment extension with homomorphism for free (and applications). / Cascudo, Ignacio; Damgård, Ivan; David, Bernardo et al.
Advances in Cryptology – ASIACRYPT 2019: 25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II. ed. / Steven D. Galbraith; Shiho Moriai. Cham Switzerland: Springer, 2019. p. 606-635 (Lecture Notes in Computer Science ; Vol. 11922 ).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Efficient UC commitment extension with homomorphism for free (and applications)

AU - Cascudo, Ignacio

AU - Damgård, Ivan

AU - David, Bernardo

AU - Döttling, Nico

AU - Dowsley, Rafael

AU - Giacomelli, Irene

N1 - Conference code: 25th

PY - 2019

Y1 - 2019

N2 - Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment, while the previous best constructions require oblivious transfer. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge.

AB - Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment, while the previous best constructions require oblivious transfer. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge.

UR - http://www.scopus.com/inward/record.url?scp=85074983945&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-34621-8_22

DO - 10.1007/978-3-030-34621-8_22

M3 - Conference Paper

SN - 9783030346201

T3 - Lecture Notes in Computer Science

SP - 606

EP - 635

BT - Advances in Cryptology – ASIACRYPT 2019

A2 - Galbraith, Steven D.

A2 - Moriai, Shiho

PB - Springer

CY - Cham Switzerland

T2 - International Conference on the Theory and Application of Cryptology and Information Security 2019

Y2 - 8 December 2019 through 12 December 2019

ER -

Cascudo I, Damgård I, David B, Döttling N, Dowsley R, Giacomelli I. Efficient UC commitment extension with homomorphism for free (and applications). In Galbraith SD, Moriai S, editors, Advances in Cryptology – ASIACRYPT 2019: 25th International Conference on the Theory and Application of Cryptology and Information Security Kobe, Japan, December 8–12, 2019 Proceedings, Part II. Cham Switzerland: Springer. 2019. p. 606-635. (Lecture Notes in Computer Science ). doi: 10.1007/978-3-030-34621-8_22

Efficient UC commitment extension with homomorphism for free (and applications)

Abstract

Publication series

Conference

Access to Document

Other files and links

Cite this