A Mix-Net from Any CCA2 Secure Cryptosystem

نویسندگان

  • Shahram Khazaei
  • Tal Moran
  • Douglas Wikström
چکیده

We construct a provably secure mix-net from any CCA2 secure cryptosystem. The mix-net is secure against active adversaries that statically corrupt less than λ out of k mix-servers, where λ is a threshold parameter, and it is robust provided that at most min(λ− 1, k − λ) mix-servers are corrupted. The main component of our construction is a mix-net that outputs the correct result if all mix-servers behaved honestly, and aborts with probability 1−O(H−(t−1)) otherwise (without disclosing anything about the inputs), where t is an auxiliary security parameter and H is the number of honest parties. The running time of this protocol for long messages is roughly 3tc, where c is the running time of Chaum’s mix-net (1981).

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An Adaptively Secure Mix-Net Without Erasures

We construct the first mix-net that is secure against adaptive adversaries corrupting any minority of the mix-servers and any set of senders. The mix-net is based on the Paillier cryptosystem and analyzed in the universal composability model without erasures under the decisional composite residuosity assumption, the strong RSA-assumption, and the discrete logarithm assumption. We assume the exi...

متن کامل

Simplified Submission of Inputs to Protocols

Consider an electronic election scheme implemented using a mix-net; a large number of voters submit their votes and then a smaller number of servers compute the result. The mix-net accepts an encrypted vote from each voter and outputs the set of votes in sorted order without revealing the permutation used. To ensure a fair election, the votes of corrupt voters should be independent of the votes...

متن کامل

An Efficient CCA2-Secure Variant of the McEliece Cryptosystem in the Standard Model

Recently, a few chosen-ciphertext secure (CCA2-secure) variants of the McEliece public-key encryption (PKE) scheme in the standard model were introduced. All the proposed schemes are based on encryption repetition paradigm and use general transformation from CPAsecure scheme to a CCA2-secure one. Therefore, the resulting encryption scheme needs separate encryption and has large key size compare...

متن کامل

An efficient IND-CCA2 secure Paillier-based cryptosystem

This paper proposes a provably secure transformation of Paillier cryptosystem into an IND-CCA2 secure one in random oracle model. Our construction exploits the randomness extractability of Paillier cryptosystem for achieving efficiency. Lastly, we compare this conversion with other generic and specific IND-CCA2 conversions in terms of computational overhead and efficiency.

متن کامل

URDP: General Framework for Direct CCA2 Security from any Lattice-Based PKE Scheme

Design efficient lattice-based cryptosystem secure against adaptive chosen ciphertext attack (IND-CCA2) is a challenge problem. To the date, full CCA2-security of all proposed lattice-based cryptosystems achieved by using a generic transformations such as either strongly unforgeable one-time signature schemes (SU-OT-SS), or a message authentication code (MAC) and weak form of commitment. The dr...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012