On the existence of statistically hiding bit commitment schemes and fail-stop signatures

1997 ◽  
Vol 10 (3) ◽  
pp. 163-194 ◽  
Author(s):  
Ivan B. Damgård ◽  
Torben P. Pedersen ◽  
Birgit Pfitzmann
Keyword(s):  
Bit Commitment ◽  
Commitment Schemes

scholarly journals Linear Zero-Knowledgde. A Note on Efficient Zero-Knowledge Proofs and Arguments

1996 ◽  
Vol 3 (7) ◽  
Author(s):  
Ivan B. Damgård ◽  
Ronald Cramer
Keyword(s):  
Error Probability ◽  
Communication Complexity ◽  
Boolean Formula ◽  
Interactive Proof ◽  
Zero Knowledge ◽  
Bit Commitment ◽  
Commitment Scheme ◽  
Commitment Schemes ◽  
Realistic Situation ◽  
Language L

We present a zero-knowledge proof system [19] for any NP language L, which<br />allows showing that x in L with error probability less than 2^−k using communication<br />corresponding to O(|x|^c) + k bit commitments, where c is a constant depending only<br />on L. The proof can be based on any bit commitment scheme with a particular set<br />of properties. We suggest an efficient implementation based on factoring.<br />We also present a 4-move perfect zero-knowledge interactive argument for any NP-language<br />L. On input x in L, the communication complexity is O(|x|^c) max(k; l)<br />bits, where l is the security parameter for the prover. Again, the protocol can be<br />based on any bit commitment scheme with a particular set of properties. We suggest<br />efficient implementations based on discrete logarithms or factoring.<br />We present an application of our techniques to multiparty computations, allowing<br />for example t committed oblivious transfers with error probability 2^−k to be done<br />simultaneously using O(t+k) commitments. Results for general computations follow<br />from this.<br />As a function of the security parameters, our protocols have the smallest known<br />asymptotic communication complexity among general proofs or arguments for NP.<br />Moreover, the constants involved are small enough for the protocols to be practical in<br />a realistic situation: both protocols are based on a Boolean formula Phi containing and-<br />, or- and not-operators which verifies an NP-witness of membership in L. Let n be<br />the number of times this formula reads an input variable. Then the communication<br />complexity of the protocols when using our concrete commitment schemes can be<br />more precisely stated as at most 4n + k + 1 commitments for the interactive proof<br />and at most 5nl +5l bits for the argument (assuming k <= l). Thus, if we use k = n,<br />the number of commitments required for the proof is linear in n.<br />Both protocols are also proofs of knowledge of an NP-witness of membership in<br />the language involved.

scholarly journals Deterministic relativistic quantum bit commitment

2015 ◽  
Vol 13 (05) ◽  
pp. 1550029 ◽  
Author(s):  
Emily Adlam ◽  
Adrian Kent
Keyword(s):  
Quantum Entanglement ◽  
Relativistic Quantum ◽  
Quantum Bit ◽  
Bit Commitment ◽  
Perfect Security ◽  
Commitment Schemes ◽  
Local Randomness

We describe new unconditionally secure bit commitment schemes whose security is based on Minkowski causality and the monogamy of quantum entanglement. We first describe an ideal scheme that is purely deterministic, in the sense that neither party needs to generate any secret randomness at any stage. We also describe a variant that allows the committer to proceed deterministically, requires only local randomness generation from the receiver, and allows the commitment to be verified in the neighborhood of the unveiling point. We show that these schemes still offer near-perfect security in the presence of losses and errors, which can be made perfect if the committer uses an extra single random secret bit. We discuss scenarios where these advantages are significant.

scholarly journals Statistical Secrecy and Multi-Bit Commitments

1996 ◽  
Vol 3 (45) ◽  
Author(s):  
Ivan B. Damgård ◽  
Torben P. Pedersen ◽  
Birgit Pfitzmann
Keyword(s):  
Communication Complexity ◽  
Probability Distributions ◽  
The Other ◽  
L1 Norm ◽  
Shannon Theory ◽  
Bit Commitment ◽  
Commitment Schemes ◽  
Total Communication ◽  
Index Terms ◽  
Bit Commitments

<p>We present and compare definitions of the notion of "statistically<br />hiding" protocols, and we propose a novel statistically hiding commitment<br />scheme. Informally, a protocol statistically hides a secret if a<br />computationally unlimited adversary who conducts the protocol with<br />the owner of the secret learns almost nothing about it. One definition<br />is based on the L1-norm distance between probability distributions,<br />the other on information theory. We prove that the two definitions are<br />essentially equivalent. For completeness, we also show that statistical<br />counterparts of definitions of computational secrecy are essentially<br />equivalent to our main definitions. Commitment schemes are an important<br /> cryptologic primitive. Their purpose is to commit one party to a certain value,<br /> while hiding this value from the other party until some later time.<br /> We present a statistically<br />hiding commitment scheme allowing commitment to many<br />bits. The commitment and reveal protocols of this scheme are constant<br />round, and the size of a commitment is independent of the number of<br />bits committed to. This also holds for the total communication complexity,<br />except of course for the bits needed to send the secret when it<br />is revealed. The proof of the hiding property exploits the equivalence<br />of the two definitions.</p><p>Index terms -- Cryptology, Shannon theory, unconditional security,<br />statistically hiding, multi-bit commitment, similarity of ensembles<br />of distributions, zero-knowledge, protocols.</p><p> </p>

scholarly journals Quantum Bit Commitment and the Reality of the Quantum State

2018 ◽  
Vol 48 (1) ◽  
pp. 92-109 ◽  
Author(s):  
R. Srikanth
Keyword(s):  
Quantum State ◽  
Quantum Bit ◽  
Bit Commitment

DL-Extractable UC-Commitment Schemes

2019 ◽  
pp. 385-405 ◽  
Author(s):  
Behzad Abdolmaleki ◽  
Karim Baghery ◽  
Helger Lipmaa ◽  
Janno Siim ◽  
Michał Zając
Keyword(s):  
Commitment Schemes

scholarly journals Coin Tossing is Strictly Weaker than Bit Commitment

1999 ◽  
Vol 83 (25) ◽  
pp. 5382-5384 ◽  
Author(s):  
Adrian Kent
Keyword(s):  
Bit Commitment ◽  
Coin Tossing
Sign in / Sign up

Export Citation Format

Share Document