TY - GEN
T1 - Sub-linear zero-knowledge argument for correctness of a shuffle
AU - Groth, Jens
AU - Ishai, Yuval
PY - 2008
Y1 - 2008
N2 - A shuffle of a set of ciphertexts is a new set of ciphertexts with the same plaintexts in permuted order. Shuffles of homomorphic encryptions are a key component in mix-nets, which in turn are used in protocols for anonymization and voting. Since the plaintexts are encrypted it is not directly verifiable whether a shuffle is correct, and it is often necessary to prove the correctness of a shuffle using a zero-knowledge proof or argument. In previous zero-knowledge shuffle arguments from the literature the communication complexity grows linearly with the number of ciphertexts in the shuffle. We suggest the first practical shuffle argument with sub-linear communication complexity. Our result stems from combining previous work on shuffle arguments with ideas taken from probabilistically checkable proofs.
KW - Homomorphic encryption
KW - Mix-net
KW - Shuffle
KW - Sub-linear communication
KW - Zero-knowledge argument
UR - http://www.scopus.com/inward/record.url?scp=44449134147&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-78967-3_22
DO - 10.1007/978-3-540-78967-3_22
M3 - Conference contribution
AN - SCOPUS:44449134147
SN - 3540789669
SN - 9783540789666
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 379
EP - 396
BT - Advances in Cryptology - EUROCRYPT 2008 - 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
T2 - 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2008
Y2 - 13 April 2008 through 17 April 2008
ER -