International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Simplified Submission of Inputs to Protocols

Douglas Wikstrom
Search ePrint
Search Google
Abstract: Consider an electronic election scheme implemented using a mix-net; a large number of voters submit their votes and then a smaller number of servers compute the result. The mix-net accepts an encrypted vote from each voter and outputs the set of votes in sorted order without revealing the permutation used. To ensure a fair election, the votes of corrupt voters should be independent of the votes of honest voters, i.e., some type of non-malleability or plaintext awareness is needed. However, for efficiency reasons the servers typically expect inputs from some homomorphic cryptosystem, which is inherently malleable. In this paper we consider the problem of how non-malleability can be guaranteed in the submission phase and still allow the servers to start their computation with ciphertexts of the appropriate homomorphic cryptosystem. This can clearly be achieved using general techniques, but we would like a solution which is: (1) provably secure under standard assumptions, (2) non-interactive for the submitting parties, (3) very efficient for all parties in terms of computation and communication. We give the first solution to this problem which has all these properties. Our solution is surprisingly simple and can be based on various Cramer-Shoup cryptosystems. To capture its security properties we introduce a variation of CCA2-security.
  title={Simplified Submission of Inputs to Protocols},
  booktitle={IACR Eprint archive},
  keywords={protocols, CCA2-security, mix-net},
  note={ 13787 received 31 Jul 2006, last revised 1 Oct 2007},
  author={Douglas Wikstrom},