TU Darmstadt / ULB / TUbiblio

How to Securely Prolong the Computational Bindingness of Pedersen Commitments

Demirel, Denise ; Lancrenon, Jean (2015)
How to Securely Prolong the Computational Bindingness of Pedersen Commitments.
Report, Bibliographie

Kurzbeschreibung (Abstract)

Pedersen commitments are important cryptographic primitives. They allow a prover to commit to a certain value without revealing any information about it and without the prover being able to change its mind later on. Since the first property holds unconditionally this is an essential primitive for many schemes providing long-term confidentiality. However, the second property only holds computationally. Hence, in the long run bindingness is lost, making the primitive improper for long-lived systems. Thus in this paper, we describe a protocol that, in a sense, prolongs the bindingness of a given Pedersen commitment. More precisely, we demonstrate how to prove in perfect zero-knowledge that a new Pedersen commitment - generated with a larger security parameter - and a corresponding old commitment both commit to the same value. We stress that this is a non-trivial procedure. Up until now the only known perfect zero-knowledge proof techniques for proving message equivalence of two commitments work when both commitments use isomorphic message spaces. However, as we will show in this work, to prolong the security of Pedersen commitments we cannot tolerate this restriction. Our prolonging technique works for non-isomorphic message spaces, is efficient, can be repeated an arbitrary number of times, maintains unconditional confidentiality, and allows to preserve the format of the Pedersen commitments. This makes the construction presented here an important contribution to long-lived systems. Finally, we illustrate this by discussing how commitments with prolongable bindingness can be used to allow for archiving solutions that provide not only integrity but also confidentiality in the long-term.

Typ des Eintrags: Report
Erschienen: 2015
Autor(en): Demirel, Denise ; Lancrenon, Jean
Art des Eintrags: Bibliographie
Titel: How to Securely Prolong the Computational Bindingness of Pedersen Commitments
Sprache: Englisch
Publikationsjahr: Juni 2015
Kurzbeschreibung (Abstract):

Pedersen commitments are important cryptographic primitives. They allow a prover to commit to a certain value without revealing any information about it and without the prover being able to change its mind later on. Since the first property holds unconditionally this is an essential primitive for many schemes providing long-term confidentiality. However, the second property only holds computationally. Hence, in the long run bindingness is lost, making the primitive improper for long-lived systems. Thus in this paper, we describe a protocol that, in a sense, prolongs the bindingness of a given Pedersen commitment. More precisely, we demonstrate how to prove in perfect zero-knowledge that a new Pedersen commitment - generated with a larger security parameter - and a corresponding old commitment both commit to the same value. We stress that this is a non-trivial procedure. Up until now the only known perfect zero-knowledge proof techniques for proving message equivalence of two commitments work when both commitments use isomorphic message spaces. However, as we will show in this work, to prolong the security of Pedersen commitments we cannot tolerate this restriction. Our prolonging technique works for non-isomorphic message spaces, is efficient, can be repeated an arbitrary number of times, maintains unconditional confidentiality, and allows to preserve the format of the Pedersen commitments. This makes the construction presented here an important contribution to long-lived systems. Finally, we illustrate this by discussing how commitments with prolongable bindingness can be used to allow for archiving solutions that provide not only integrity but also confidentiality in the long-term.

Freie Schlagworte: Secure Data;Solutions;S6;PRISMACLOUD;unconditionally hiding commitments, long-term security, perfect zero-knowledge proofs, Pedersen commitments
ID-Nummer: TUD-CS-2015-0140
Fachbereich(e)/-gebiet(e): DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra > LTSec - Langzeitsicherheit
Profilbereiche > Cybersicherheit (CYSEC)
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra > Post-Quantum Kryptographie
LOEWE > LOEWE-Zentren
DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche
20 Fachbereich Informatik
Profilbereiche
LOEWE
DFG-Sonderforschungsbereiche (inkl. Transregio)
Hinterlegungsdatum: 15 Nov 2016 23:15
Letzte Änderung: 17 Mai 2018 13:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen