具有不可关联性的承诺方案

Non-malleable Commitment Schemes

承诺方案是密码学中的一个基本方案,在密码学中的其他协议中有重要的应用,比如:安全多方计算、加密方案、签名方案、密钥交换协议等。不可关联的承诺方案是国际密码学界的一个研究热点,是实现电子拍卖的理论基础,也是多方保密计算一个重要的模块。不可关联承诺方案在密码学与实际应用中有很多用途,目前的研究主要集中于提高不可关联承诺方案的安全性、效率以及减弱困难性假设等方面。因此,提出了两种不可关联承诺方案,能有效地阻止关联攻击和复制攻击,且与其他方案相比效率更高。两种不可关联承诺方案分别基于离散对数假设和哈希函数性质的合理应用,如果能成功实施关联攻击就能够计算离散对数,计算离散对数在密码学中是难解问题,随后给出了详细的安全性证明和效率分析。研究分析表明,不可关联承诺方案运用哈希函数作为承诺函数,效率以及安全性都比较高。

Commitment scheme is a basic scheme in cryptography and has been important application in other agreements of cryptography like secure multi-party computation, encryption scheme, signature scheme, key exchange protocols and so on. Non-malleable commit- ment scheme is one focus in the international cryptographic community and the theoretical basis of electronic auction, which is also an im- portant building block of secure multi-party computation and has important applications in cryptography and practice. At present, most studies focus on improving the security and the efficiency of non-malleable commitment schemes and less difficulty hypothesis,etc. So, two non-malleable commitment schemes are proposed which can efficiently prevent malleable attack and copy attack. These non-mallea- ble commitment schemes are constructed based on discrete logarithm assumption and one-way hash function. If adversary can successfully attack the scheme, it can compute the discrete logarithm. The computing discrete logarithm in cryptography is a hard problem, and its se- curity proving and efficiencies analysis are given. Study analysis shows that non associated commitment scheme using hash function as a commitment function, efficiency and security are relatively high.