A Simple Publicly Veri able

A publicly veriiable secret sharing (PVSS) scheme is a ver-iiable secret sharing scheme with the property that the validity of the shares distributed by the dealer can be veriied by any party; hence veri-cation is not limited to the respective participants receiving the shares. We present a new construction for PVSS schemes, which compared to previous solutions by Stadler and later by Fujisaki and Okamoto, achieves improvements both in eeciency and in the type of intractability assumptions. The running time is O(nk), where k is a security parameter, and n is the number of participants, hence essentially optimal. The intractabil-ity assumptions are the standard Diie-Hellman assumption and its de-cisional variant. We present several applications of our PVSS scheme, among which is a new type of universally veriiable election scheme based on PVSS. The election scheme becomes quite practical and combines several advantages of related electronic voting schemes, which makes it of interest in its own right.