Compact Zero-Knowledge Proofs of Small Hamming Weight

Damgård, Ivan; Luo, Ji; Oechsner, Sabine; Schöll, Peter; Simkin, Mark G.

doi:10.1007/978-3-319-76581-5_18

Cited by 9 publications

(2 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The first efficient non-interactive zero-knowledge proof for proving that a mix shuffled correctly is proposed in [19]. A description of how the permutation used by a mix can be constructed by multiple parties is given in [10].…”

Section: A Approaches With Additional (Neutral) Instancesmentioning

confidence: 99%

“…These rerandomized ciphertexts E ′ 1 (x ′ ρi ) form sequence X = (..., E ′ 1 (x ′ ρi ), ...). From ( 9), (10), and (11), it follows that these ciphertexts encrypt the same plaintexts as the ciphertexts E 1 (x ′ ρi ) ∈ X ′ and therefore also the same plaintexts as the ciphertexts E 1 (x i ) ∈ X. From (10), it follows that the rerandomized ciphertexts E ′ 1 (x i ) ∈ X and the non-rerandomized ciphertexts E 1 (x i ) ∈ X that encrypt the same secret input x i are different from each other, i.e., E ′…”

Section: B Distinct Ciphertextsmentioning

confidence: 99%

See 1 more Smart Citation

Efficient Cloud-based Secret Shuffling via Homomorphic Encryption

Becher¹,

Strufe²

2020

Preprint

View full text Add to dashboard Cite

When working with joint collections of confidential data from multiple sources, e.g., in cloud-based multi-party computation scenarios, the ownership relation between data providers and their inputs itself is confidential information. Protecting data providers' privacy desires a function for secretly shuffling the data collection. We present the first efficient secure multi-party computation protocol for secret shuffling in scenarios with a central server. Based on a novel approach to random index distribution, our solution enables the randomization of the order of a sequence of encrypted data such that no observer can map between elements of the original sequence and the shuffled sequence with probability better than guessing. It allows for shuffling data encrypted under an additively homomorphic cryptosystem with constant round complexity and linear computational complexity. Being a general-purpose protocol, it is of relevance for a variety of practical use cases.

show abstract

Section: A Approaches With Additional (Neutral) Instancesmentioning

confidence: 99%