Welcome to the resource topic for 2015/1178

Title:
Textbook Non-Malleable Commitments

Authors: Vipul Goyal, Omkant Pandey, Silas Richelson

We present a new non-malleable commitment protocol. Our protocol has the following features: \begin​{itemize} \item The protocol has only \emph{three rounds} of interaction. Pass (TCC 2013) showed an impossibility result for a two-round non-malleable commitment scheme w.r.t. a black-box reduction to any ``standard" intractability reduction. Thus, this resolves the round complexity of non-malleable commitment at least w.r.t. black-box security reductions. Our construction is secure as per the standard notion of non-malleability w.r.t. commitment. \item Our protocol is \emph{truly efficient}. In our basic protocol, the entire computation of the committer is dominated by just three invocations of a non-interactive statically binding commitment scheme, while, the receiver computation (in the commitment stage) is limited to just sampling a random string. Unlike many previous works, we directly construct a protocol for large tags and hence avoid any non-malleability amplification steps. \item Our protocol makes black-box use of its underlying cryptographic primitives. Previously, the best known black-box construction of non-malleable commitments required a larger (constant) number of rounds. Our basic protocol secure against synchronizing adversaries is based on black-box use of any non-interactive statistically binding commitment (which, in turn, can be based on any one-to-one one-way function). Our extended protocol requires a mildly stronger assumption and more invocations of the underlying non-interactive commitment scheme. \item Our construction is public-coin and makes use of only black-box simulation. Prior to our work, no public-coin constant round non-malleable commitment schemes were known based on black-box simulation. \end{itemize} Our techniques depart \emph{significantly} from the techniques used previously to construct non-malleable commitment schemes. As a main technical tool, we rely on non-malleable codes in the split state model. Our proofs of security are purely combinatorial in nature. In addition, we also present a simple construction of constant round non-malleable commitments from any one-way function. While this result is not new, the main feature is its simplicity compared to \emph{any} previous construction of non-malleable commitments (in any number of rounds). We believe the construction is simple enough to be covered in a graduate level course on cryptography. The construction uses non-malleable codes in the split state model in a black-box way.

ePrint: https://eprint.iacr.org/2015/1178

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .