How to shuffle in public
2007 (English)In: THEORY OF CRYPTOGRAPHY, PROCEEDINGS, 2007, 555-574 p.Conference paper (Refereed)
We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption. We construct public-key obfuscations of a decryption shuffle based on the Boneh-Coh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption. Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.
Place, publisher, year, edition, pages
2007. 555-574 p.
, Lecture Notes in Computer Science, ISSN 0302-9743
Computer and Information Science
IdentifiersURN: urn:nbn:se:kth:diva-50895ISI: 000245275900030ISBN: 978-3-540-70935-0OAI: oai:DiVA.org:kth-50895DiVA: diva2:462999
4th Theory of Cryptography Conference. Amsterdam, NETHERLANDS. FEB 21-24, 2007
QC 201112082011-12-082011-12-082011-12-08Bibliographically approved