Additive Conditional Disclosure of Secrets And Applications
نویسندگان
چکیده
During a conditional disclosure of secrets (CDS) protocol, Alice obtains a secret, held by Bob, if and only if her inputs to the protocol were “valid”. As an output masking technique, CDS protocol can be used as a subroutine in other protocols to guarantee either Bob-privacy or correctness against a malicious Alice. Using a simple seeded randomness extractor, we extend the Aiello-Ishai-Reingold CDS protocol to work over additively homomorphic public-key cryptosystems. Based on this, we construct several new two-message protocols like an oblivious transfer protocol with log-squared communication and a millionaire’s protocol with logarithmic communication. Additionally, we show how to implement private, universally verifiable and robust multi-candidate electronic voting so that all voters only transmit an encryption of their vote. Importantly, the only cryptographic hardness assumption in these protocols is that the underlying public-key cryptosystem is IND-CPA secure.
منابع مشابه
Communication Complexity of Conditional Disclosure of Secrets and Attribute-Based Encryption
We initiate a systematic treatment of the communication complexity of conditional disclosure of secrets (CDS), where two parties want to disclose a secret to a third party if and only if their respective inputs satisfy some predicate. We present a general upper bound and the first nontrivial lower bounds for conditional disclosure of secrets. Moreover, we achieve tight lower bounds for many int...
متن کاملA New Protocol for Conditional Disclosure of Secrets and Its Applications
Many protocols that are based on homomorphic encryption are private only if a client submits inputs from a limited range S . Conditional disclosure of secrets (CDS) helps to overcome this restriction. In a CDS protocol for a set S , the client obtains server’s secret if and only if the client’s inputs belong to S and thus the server can guard itself against malformed queries. We extend the exis...
متن کاملA New and Efficient All-Or-Nothing Disclosure of Secrets Protocol
Two-party protocols have been considered for a long time. Currently, there is a renewed effort to revisit specific protocols to gain efficiency. As an example, one may quote the breakthrough of [BF97], bringing a new solution to the problem of secretly generating RSA keys, which itself goes back to the pioneering work by Yao [Yao86]. The AllOr-Nothing Disclosure of Secrets protocol (ANDOS) was ...
متن کاملConditional Disclosure of Secrets: Amplification, Closure, Amortization, Lower-Bounds, and Separations
In the conditional disclosure of secrets problem (Gertner et al., J. Comput. Syst. Sci., 2000) Alice and Bob, who hold inputs x and y respectively, wish to release a common secret s to Carol (who knows both x and y) if only if the input (x, y) satisfies some predefined predicate f . Alice and Bob are allowed to send a single message to Carol which may depend on their inputs and some joint rando...
متن کاملUnconditionally Secure All-or-Nothing Disclosure of Secrets Based on POVM Measurements*
Secure two-party protocols are of significant research and application value. All-or-Nothing Disclosure of Secrets (ANDOS) is such a kind of cryptographic task. It involves two parties, a vendor and a buyer. The vendor, say Alice, who disposes of several secrets and is willing to sell any of them to the buyer, say Bob, with the guarantee that no information about the other secrets will be obtai...
متن کامل