Abstract—Non-malleability is an important property in commitment schemes. It can resist to the person-in-the-middle (PIM) attacks within the interaction. In this paper, we focus on the non-malleability in ID-based trapdoor commitments. We first give two constructions of (full) ID-based trapdoor commitment schemes based on RSA and Factoring assumptions respectively and then extend them to non-m...

Non-malleability is an interesting and useful property which ensures that a cryptographic protocol preserves the independence of the underlying values: given for example an encryption E(m) of some unknown message m, it should be hard to transform this ciphertext into some encryption E(m∗) of a related message m∗. This notion has been studied extensively for primitives like encryption, commitmen...

We formally study “non-malleable functions” (NMFs), a general cryptographic primitive which simplifies and relaxes “non-malleable one-way/hash functions” (NMOWHFs) introduced by Boldyreva et al. (Asiacrypt 2009) and refined by Baecher et al. (CT-RSA 2010). NMFs focus on basic functions, rather than one-way/hash functions considered in the literature of NMOWHFs. We mainly follow Baecher et al. t...

In this paper we consider commitment schemes that are secure against concurrent man-in-the-middle (cMiM) attacks. Under such attacks, two possible notions of security for commitment schemes have been proposed in the literature: concurrent non-malleability with respect to commitment and concurrent non-malleability with respect to decommitment (i.e., opening). After the original notion of non-mal...

How many rounds and which computational assumptions are needed for concurrent nonmalleable commitments? The above question has puzzled researchers for several years. Recently, Pass in [TCC 2013] proved a lower bound of 3 rounds when security is proven through black-box reductions to falsifiable assumptions. On the other side, positive results of Goyal [STOC 2011], Lin and Pass [STOC 2011] and G...

How many rounds and which computational assumptions are needed for concurrent nonmalleable commitments? The above question has puzzled researchers for several years. Recently, Pass in [TCC 2013] proved a lower bound of 3 rounds when security is proven through black-box reductions to falsifiable assumptions. On the other side, positive results of Goyal [STOC 2011], Lin and Pass [STOC 2011] and G...

A non-malleable encoding scheme is a keyless encoding scheme which is resilient to tampering attacks. Such a scheme is said to be continuously secure if the scheme is resilient to attacks containing more than one tampering procedure. Also, such a scheme is said to have tamper-detection property if any kind of tampering attack is detected. In [S. Faust, et al., Continuous nonmalleable codes, TCC...

In this paper we introduce two notions of security: multiuser indistinguishability and multiuser non-malleability. We believe that they encompass the correct requirements for public key encryp-tion schemes in the context of multicast communications. A precise and non-trivial analysis prove that they are equivalent to the former single-user notions, provided the number of participants is polynom...

In this paper we introduce two notions of security: multi-user indistinguishability and multi-user non-malleability. We believe that they encompass the correct requirements for public key encryption schemes in the context of multicast communications. A precise and non-trivial analysis proves that they are equivalent to the former single-user notions, provided the number of participants is polyn...

Non-malleable codes are randomized codes that protect coded messages against modification by functions in a tampering function class. These codes are motivated by providing tamper resilience in applications where a cryptographic secret is stored in a tamperable storage device and the protection goal is to ensure that the adversary cannot benefit from their tamperings with the device. In this pa...