University of Oxford
A Framework for UC-Secure Commitments from Publicly Computable Smooth Projective Hashing
Paper @ IMA Cryptography and Coding 2019 (07.11.2019)
Förderjahr / Science Call #2 / ProjektID: / Projekt: PROFET

From 16 to 18 December 2019, the 17th IMA International Conference on Cryptography and Coding (IMACC 2019) will be held at St Anne’s College, University of Oxford. IMACC is the biennial conference of the Institute of Mathematics and its Applications (IMA) on cryptography and coding theory and the conference series has been running for more than three decades.

In a paper that is going to be presented at IMACC 2019 in December, we, in cooperation with Behzad Abdolmaleki (University of Tartu, Estonia) and Hamidreza Khoshakhlagh (Aarhus University, Denmark), have investigated new directions in constructing a very fundamental tool for cryptographic protocols, namely commitment schemes. Before we briefly discuss the results of our work, we will briefly recall what a commitment scheme actually is. 

Let us assume that there are two parties, Alice (acting as a sender) and Bob (acting as a receiver), and they run a protocol as follows. Alice passes an analogue of a locked box including some secret message to Bob. When Alice then later reveals her secret message with a key (the so called opening information) to open the box, Bob obtains the message. The fundamental properties are that it should be guaranteed that Alice cannot change her mind in a way that the box reveals some different message than the one initially put into the box (the so called binding property) and that Bob must not learn any information about the message inside the box before it obtains the key to unlock the box and see the message (the so called hiding property).

For many cryptographic applications it is required that commitments are secure in a strong model called the Universal Composability (UC) framework. In this framework, commitments need to additionally provide strong properties called extractability and equivocability. Extractability requires that there exists some trapdoor which allows to extract the message from the commitment (without knowing the opening information). Equivocability requires that there exists a trapdoor which allows to open a given commitment to any message.

In our work we introduce a novel variant of so called smooth projective hash functions (SPHFs), which we call publicly computable SPHFs (PC-SPHFs), and show how they can be used to construct commitments in the UC framework. We also show that concrete instantiations of PC-SPHFs yield the most efficient UC-secure commitments to date. 

An interesting open question is the construction of the proposed primitive (PC-SPHFs) for the class of lattice-based languages, which would give us a conjectured post-quantum secure construction of UC commitments.

The full version of the paper to be published in the procceedings of IMACC 2019, appearing in the Lecture Notes in Computer Science (LNCS) series by Springer, is freely available on the IACR Cryptology ePrint Archive.

The paper: Behzad Abdolmaleki, Hamidreza Khoshakhlagh, Daniel Slamanig: A Framework for UC-Secure Commitments from Publicly Computable Smooth Projective Hashing. 17th IMA International Conference on Cryptography and Coding - IMACC 2019, 16-18 December 2019, Oxford, UK.

 

Daniel Slamanig

Profile picture for user daniel.slamanig
Daniel is a Senior Scientist at AIT Austrian Institute of Technology in Vienna, Austria. His main research interest are in foundational as well as applied aspects of cryptography.

Skills:

Cryptography, Privacy, Security
CAPTCHA
Diese Frage dient der Überprüfung, ob Sie ein menschlicher Besucher sind und um automatisierten SPAM zu verhindern.
    Datenschutzinformation
    Der datenschutzrechtliche Verantwortliche (Internet Privatstiftung Austria - Internet Foundation Austria, Österreich) würde gerne mit folgenden Diensten Ihre personenbezogenen Daten verarbeiten. Zur Personalisierung können Technologien wie Cookies, LocalStorage usw. verwendet werden. Dies ist für die Nutzung der Website nicht notwendig, ermöglicht aber eine noch engere Interaktion mit Ihnen. Falls gewünscht, können Sie Ihre Einwilligung jederzeit via unserer Datenschutzerklärung anpassen oder widerrufen.