TY - GEN
T1 - A Novel Proof of Shuffle
T2 - 26th Australasian Conference on Information Security and Privacy, ACISP 2021
AU - Haines, Thomas
AU - Müller, Johannes
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021
Y1 - 2021
N2 - Shuffling is one of the most important techniques for privacy-preserving protocols. Its applications are manifold, including, for example, e-voting, anonymous broadcast, or privacy-preserving machine-learning. For many applications, such as secure e-voting, it is crucial that the correctness of the shuffling operation be (publicly) verifiable. To this end, numerous proofs of shuffle have been proposed in the literature. Several of these proofs are actually employed in the real world. In this work, we propose a generic compiler which can transform any “shuffle-compatible” Σ -protocol (including, among others, Σ -protocols for re-randomization, decryption, or key shifting) into a Σ -protocol for permutations of the underlying relation. The resulting proof of shuffle is black-box, easily implementable, simple to explain, and comes with an acceptable computational overhead over the state-of-the-art. Because we machine-checked our compiler in Coq, the new proof of shuffle is particularly suitable for applications that require a superior level of security assurance (e.g., high-stake elections).
AB - Shuffling is one of the most important techniques for privacy-preserving protocols. Its applications are manifold, including, for example, e-voting, anonymous broadcast, or privacy-preserving machine-learning. For many applications, such as secure e-voting, it is crucial that the correctness of the shuffling operation be (publicly) verifiable. To this end, numerous proofs of shuffle have been proposed in the literature. Several of these proofs are actually employed in the real world. In this work, we propose a generic compiler which can transform any “shuffle-compatible” Σ -protocol (including, among others, Σ -protocols for re-randomization, decryption, or key shifting) into a Σ -protocol for permutations of the underlying relation. The resulting proof of shuffle is black-box, easily implementable, simple to explain, and comes with an acceptable computational overhead over the state-of-the-art. Because we machine-checked our compiler in Coq, the new proof of shuffle is particularly suitable for applications that require a superior level of security assurance (e.g., high-stake elections).
KW - Mix net
KW - Verifiable
KW - Zero-knowledge proof
UR - http://www.scopus.com/inward/record.url?scp=85120037564&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-90567-5_15
DO - 10.1007/978-3-030-90567-5_15
M3 - Conference contribution
SN - 9783030905668
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 293
EP - 308
BT - Information Security and Privacy - 26th Australasian Conference, ACISP 2021, Proceedings
A2 - Baek, Joonsang
A2 - Ruj, Sushmita
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 1 December 2021 through 3 December 2021
ER -