Shorter Lattice-Based Zero-Knowledge Proofs for the Correctness of a Shuffle
FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2021 (2021)
Abstract
In an electronic voting procedure, mixing networks are used to ensure anonymity of the cast votes. Each node of the network re-encrypts the input list of ciphertexts and randomly permutes it in a process named shuffle, and must prove (in zero-knowledge) that the process was applied honestly. To maintain security of such a process in a post-quantum scenario, new proofs are based on different mathematical assumptions, such as lattice-based problems. Nonetheless, the best lattice-based protocols to ensure verifiable shuffling have communication complexity linear in N, the number of shuffled ciphertexts. In this paper we propose the first sub-linear (in N) post-quantum zero-knowledge argument for the correctness of a shuffle, for which we have mainly used two ideas: arithmetic circuit satisfiability results from [6] and Benes networks to model a permutation of N elements. The achieved communication complexity of our protocol with respect to N is $O(\sqrt{N}\log^{2}(N))$, but we will also highlight its dependency on other important parameters of the underlying lattice ingredients.
Keywords
Electronic voting, Verifiable shuffle, Lattice-based cryptography, Zero-knowledge