一种通用可组合安全的非交互式承诺方案  

作　　者：蔡泗沐 王立斌[1] CAI Si-mu;WANG Li-bin(School of Computer Science,South China Normal University,Guangzhou 510631,China)

机构地区：[1]华南师范大学计算机学院,广东广州510631

出　　处：《计算机与现代化》2024年第1期6-12,共7页Computer and Modernization

基　　金：国家自然科学基金资助项目(62072207)。

摘　　要：承诺方案是密码学中最基本的组件之一,是许多密码协议的基础,如零知识证明和安全多方计算协议。通用可组合安全在设计安全协议中具有重要意义,如果一种协议在通用可组合框架中可证明安全,那么即使该协议与任意(甚至不安全的)协议并发运行,它仍然保持安全性。现有的几种高效的通用可组合安全的承诺方案都是交互式协议,而非交互式的通用可组合承诺方案具有较高的协议计算量和通信复杂度。针对于此,本文在公共参考串模型下,提出一种高效的通用可组合安全的非交互式承诺方案。通用可组合承诺方案的关键设计思想在于同时实现可提取性和模棱两可性。在承诺阶段使用一种选择密文安全加密方案实现可提取性,在承诺打开阶段使用一种非交互式零知识证明,并利用一种双模式承诺方案保持协议的模棱两可性。该方案将承诺打开阶段的多轮通信改进为一轮,实现了非交互性。与现有的非交互式承诺方案相比,大大减少了计算量和通信量,提高了协议的效率。The commitment scheme is one of the most fundamental components in cryptography,and is the basis of many crypto graphic protocols,such as zero-knowledge proof and secure multi-party computing protocols.Universally composability(UC)is of great significance in designing secure protocols,if a protocol is proven secure in the UC framework,it still maintains security even if it is executed concurrently with arbitrary(even insecure)protocols.Several current efficient UC commitment schemes are all interactive protocols,and non-interactive UC commitments have high computational cost and communication complexity of the protocol.Aiming at solving this problem,an efficient UC-secure non-interactive commitment scheme in the common refer ence string model is proposed.The key design idea of universally composable commitments are to achieve extractability and equivocability at the same time.A CCA2-secure encryption scheme is used to achieve extractability in the commitment phase.A non-interactive zero-knowledge proof is used in the decommitment phase,and a dual-model commitment scheme is utilized to maintain protocol equivocability.The proposed protocol reduces the multi-round communication to one round in the open phase,achieving the non-interactivity.Compared with the existing non-interactive commitment scheme,the cost of computation and communication are greatly reduced,and the efficiency of the protocol is improved.

关 键 词：通用可组合安全 承诺方案 非交互式 公共参考串 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]