An Efficient Range-Bounded Commitment Scheme
نویسنده
چکیده
Checking whether a committed integer lies in a specific interval has many cryptographic applications. In Eurocrypt’98, Chan et al. proposed an instantiation (CFT for short). Based on CFT, Boudot presented an efficient range-bounded commitment scheme in Eurocrypt’2000. Both CFT proof and Boudot proof are based on the encryption E(x, r) = gxhr mod n, where n is an RSA modulus whose factorization is unknown by the prover. They did not use a single base as usual. Thus an increase in cost occurs. In this paper we show that it suffices to adopt a single base. The cost of the improved Boudot proof is about half of that of the original scheme. Moreover, the key restriction in the original scheme, i.e., both the discrete logarithm of g in base h and the discrete logarithm of h in base g are unknown by the prover, which is a potential menace to the Boudot proof, is definitely removed.
منابع مشابه
Time-Bounded Negation Framework for Multi-Agent Coordination
For the efficient and informative coordination of multiple agents, a time-bounded agent negotiation framework is proposed utilizing time-based commitment scheme. By attaching the commitment duration to agent messages, the traditional Contract Net Protocol is extended to a time-bounded environment, thereby giving rise to a Time-Bounded Negotiation Framework (TBNF). The proposed negotiation frame...
متن کاملOn Efficient Zero-Knowledge PCPs
We revisit the question of Zero-Knowledge PCPs, studied by Kilian, Petrank, and Tardos (STOC ’97). A ZK-PCP is defined similarly to a standard PCP, except that the view of any (possibly malicious) verifier can be efficiently simulated up to a small statistical distance. Kilian et al. obtained a ZK-PCP for NEXP in which the proof oracle is in EXP. They also obtained a ZK-PCP for NP in which the ...
متن کاملRemoving the Strong RSA Assumption from Arguments over the Integers
Committing integers and proving relations between them is an essential ingredient in many cryptographic protocols. Among them, range proofs have shown to be fundamental. They consist in proving that a committed integer lies in a public interval, which can be seen as a particular case of the more general Diophantine relations: for the committed vector of integers x, there exists a vector of inte...
متن کاملCommitment Contracts
We review the theoretical and empirical literature on commitment devices. A commitment device is any arrangement, entered into by an individual, with the aim of making it easier to fulfill his or her own future plans. We argue that there is growing empirical evidence supporting the proposition that people demand commitment devices and that these devices can change behavior. We highlight the imp...
متن کاملua nt - p h / 05 08 22 2 v 1 3 0 A ug 2 00 5 Cryptography In the Bounded Quantum - Storage Model ∗
We initiate the study of two-party cryptographic primitives with unconditional security, assuming that the adversary’s quantum memory is of bounded size. We show that oblivious transfer and bit commitment can be implemented in this model using protocols where honest parties need no quantum memory, whereas an adversarial player needs quantum memory of size at least n/2 in order to break the prot...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2007 شماره
صفحات -
تاریخ انتشار 2007