Efficient CCA Timed Commitments in Class Groups
hal.structure.identifier | Friedrich-Alexander Universität Erlangen-Nürnberg = University of Erlangen-Nuremberg [FAU] | |
dc.contributor.author | THYAGARAJAN, Sri | |
hal.structure.identifier | Lithe and fast algorithmic number theory [LFANT] | |
dc.contributor.author | CASTAGNOS, Guilhem | |
hal.structure.identifier | Exact Computing [ECO] | |
dc.contributor.author | LAGUILLAUMIE, Fabien | |
hal.structure.identifier | Max Planck Institute for Security and Privacy [Bochum] [MPI SP] | |
dc.contributor.author | MALAVOLTA, Giulio | |
dc.date.accessioned | 2024-04-04T02:43:40Z | |
dc.date.available | 2024-04-04T02:43:40Z | |
dc.date.issued | 2021-11-12 | |
dc.date.conference | 2021-11-15 | |
dc.identifier.uri | https://oskar-bordeaux.fr/handle/20.500.12278/191348 | |
dc.description.abstractEn | Timed commitments [Boneh and Naor, CRYPTO 2000] are the timed analogue of standard commitments, where the commitment can be non-interactively opened after a pre-specified amount of time passes. Timed commitments have a large spectrum of applications, such as sealed-bid auctions, fair contract signing, fair multi-party computation, and cryptocurrency payments. Unfortunately, all practical constructions rely on a (private-coin) trusted setup and do not scale well with the number of participants. These are two severe limiting factors that have hindered the widespread adoption of this primitive. In this work, we set out to resolve these two issues and propose an efficient timed commitment scheme that also satisfies the strong notion of CCA-security. Specifically, our scheme has a transparent (i.e. public-coin) one-time setup, and the amount of sequential computation is essentially independent of the number of participants. As a key technical ingredient, we propose the first (linearly) homomorphic time-lock puzzle with a transparent setup, built from class groups of imaginary quadratic orders. To demonstrate the applicability of our scheme, we use it to construct a new distributed randomness generation protocol, where parties jointly sample a random string. Our protocol is the first to simultaneously achieve (1) high scalability in the number of participants, (2) a transparent one-time setup, (3) lightning speed in the optimistic case where all parties are honest, and (4) the guarantee that the output random string is unpredictable and unbiased, even when the adversary corrupts all but one of the parties. To substantiate the practicality of our approach, we implemented our protocol, and our experimental evaluation shows that it is fast enough to be used in practice. We also evaluated a heuristic version of the protocol that is at least 3 orders of magnitude more efficient, both in terms of communication size and computation time. This makes the protocol suitable for supporting hundreds of participants. | |
dc.description.sponsorship | AppLicAtions de la MalléaBIlité en Cryptographie - ANR-16-CE39-0006 | |
dc.language.iso | en | |
dc.title.en | Efficient CCA Timed Commitments in Class Groups | |
dc.type | Conference paper | |
dc.identifier.doi | 10.1145/3460120.3484773 | |
dc.subject.hal | Informatique [cs]/Cryptographie et sécurité [cs.CR] | |
bordeaux.page | 2663-2684 | |
bordeaux.hal.laboratories | Institut de Mathématiques de Bordeaux (IMB) - UMR 5251 | * |
bordeaux.institution | Université de Bordeaux | |
bordeaux.institution | Bordeaux INP | |
bordeaux.institution | CNRS | |
bordeaux.conference.title | CCS 2021 - ACM SIGSAC Conference on Computer and Communications Security | |
bordeaux.country | KR | |
bordeaux.conference.city | Seoul (online) | |
bordeaux.peerReviewed | yes | |
hal.identifier | hal-03466495 | |
hal.version | 1 | |
hal.invited | no | |
hal.proceedings | yes | |
hal.conference.end | 2021-11-19 | |
hal.popular | no | |
hal.audience | International | |
hal.origin.link | https://hal.archives-ouvertes.fr//hal-03466495v1 | |
File(s) making up this document
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this document. |