We define a new UC functionality (DL-extractable commitment scheme) that allows committer to open a commitment to a group element $$g^x$$; however, the simulator will be able to extract its discrete logarithm x. Such functionality is useful in situations where the secrecy of x is important since the knowledge of x enables to break privacy while the simulator needs to know x to be able to simulate the corrupted committer. Based on Fujisaki’s UC-secure commitment scheme and the Damgård-Fujisaki integer commitment scheme, we propose an efficient commitment scheme that realizes the new functionality. As another novelty, we construct the new scheme in the weaker RPK (registered public key) model instead of the CRS model used by Fujisaki.
CITATION STYLE
Abdolmaleki, B., Baghery, K., Lipmaa, H., Siim, J., & Zając, M. (2019). DL-Extractable UC-Commitment Schemes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11464 LNCS, pp. 385–405). Springer Verlag. https://doi.org/10.1007/978-3-030-21568-2_19
Mendeley helps you to discover research relevant for your work.