Shuffle Arguments Based on Subset-Checking

Conference paper, published in Security and Cryptography for Networks (SCN 2024)

Abstract

Zero-knowledge shuffle arguments are a useful tool for constructing mix-nets which enable anonymous communication. We propose a new shuffle argument using a novel technique that probabilistically checks that each weighted set of input elements corresponds to some weighted set of output elements, with weights from the same set as the input element weights. We achieve this using standard discrete log assumptions and the shortest integer solution (SIS) assumption. Our shuffle argument has prover and verifier complexity linear in the size of the shuffled set, and communication complexity logarithmic both in the shuffled set size and security parameter.

Notes

  1. Brands [10] called it the FindRep assumption, and it is known to be tightly equivalent to the discrete logarithm assumption.

  2. If non-trivial DLRELs are known between the input elements and the value h, there are attacks that succeed with overwhelming probability.

  3. Essentially, finding a DLREL that holds both between the original commitments and the rerandomized ones is related to solving a system of two linear equations in \(N\) variables.

  4. The number v here depends on our SIS assumption. If a cheating prover wants to use some known non-trivial discrete relation between the inputs, the relation has to be "short" and the same across every rerandomization, meaning that effectively using it would break the SIS assumption. We will expand on this more formally later.

References

  1. Abdolmaleki, B., Fauzi, P., Krips, T., Siim, J.: Shuffle arguments based on subset-checking. Cryptology ePrint Archive, Report 2024/1056 (2024). https://eprint.iacr.org/2024/1056

  2. Adida, B.: Helios: Web-based open-audit voting. In: van Oorschot, P.C. (ed.) USENIX Security 2008, pp. 335–348. USENIX Association (2008)

  3. Aggelakis, A., Fauzi, P., Korfiatis, G., Louridas, P., Mergoupis-Anagnou, F., Siim, J., Zając, M.: A non-interactive shuffle argument with low trust assumptions. In: Jarecki, S. (ed.) CT-RSA 2020. LNCS, vol. 12006, pp. 667–692. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40186-3_28

  4. Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: 28th ACM STOC, pp. 99–108. ACM Press (1996). https://doi.org/10.1145/237814.237838

  5. Aranha, D.F., Baum, C., Gjøsteen, K., Silde, T., Tunge, T.: Lattice-based proof of shuffle and applications to electronic voting. In: Paterson, K.G. (ed.) CT-RSA 2021. LNCS, vol. 12704, pp. 227–251. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75539-3_10

  6. Attema, T., Cramer, R.: Compressed \(\varSigma \)-protocol theory and practical application to plug  & play secure algorithmics. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 513–543. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_18

  7. Attema, T., Cramer, R., Kohl, L.: A compressed \(\varSigma \)-protocol theory for lattices. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part II. LNCS, vol. 12826, pp. 549–579. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_19

  8. Boneh, D., Eskandarian, S., Hanzlik, L., Greco, N.: Single secret leader election. Cryptology ePrint Archive, Report 2020/025 (2020). https://eprint.iacr.org/2020/025

  9. Brakerski, Z., Vaikuntanathan, V.: Constrained key-homomorphic PRFs from standard lattice assumptions. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015. LNCS, vol. 9015, pp. 1–30. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46497-7_1

  10. Brands, S.: Untraceable off-line cash in wallet with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_26

  11. Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy, pp. 315–334. IEEE Computer Society Press (2018). https://doi.org/10.1109/SP.2018.00020

  12. Campanelli, M., Fiore, D., Querol, A.: LegoSNARK: modular design and composition of succinct zero-knowledge proofs. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2075–2092. ACM Press (2019). https://doi.org/10.1145/3319535.3339820

  13. Chung, H., Han, K., Ju, C., Kim, M., Seo, J.H.: BulletProofs+: shorter proofs for privacy-enhanced distributed ledger. Cryptology ePrint Archive, Report 2020/735 (2020). https://eprint.iacr.org/2020/735

  14. Damgård, I.: On \(\sigma \)-protocols. Lecture Notes, University of Aarhus, Department for Computer Science, p. 84 (2002)

  15. Faonio, A., Fiore, D., Herranz, J., Ràfols, C.: Structure-preserving and re-randomizable RCCA-secure public key encryption and its applications. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11923, pp. 159–190. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34618-8_6

  16. Fauzi, P., Lipmaa, H., Siim, J., Zając, M.: An efficient pairing-based shuffle argument. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part II. LNCS, vol. 10625, pp. 97–127. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_4

  17. Fauzi, P., Meiklejohn, S., Mercer, R., Orlandi, C.: Quisquis: a new design for anonymous cryptocurrencies. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Part I. LNCS, vol. 11921, pp. 649–678. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34578-5_23

  18. Fleischhacker, N., Simkin, M.: On publicly-accountable zero-knowledge and small shuffle arguments. In: Garay, J.A. (ed.) PKC 2021, Part II. LNCS, vol. 12711, pp. 618–648. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75248-4_22

  19. Furukawa, J., Sako, K.: An efficient scheme for proving a shuffle. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 368–387. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_22

  20. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, pp. 197–206. ACM Press (2008). https://doi.org/10.1145/1374376.1374407

  21. Haines, T., Müller, J.: SoK: techniques for verifiable mix nets. In: Jia, L., Küsters, R. (eds.) CSF 2020 Computer Security Foundations Symposium, pp. 49–64. IEEE Computer Society Press (2020). https://doi.org/10.1109/CSF49147.2020.00012

  22. Hoffmann, M., Klooß, M., Rupp, A.: Efficient zero-knowledge arguments in the discrete log setting, revisited. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2093–2110. ACM Press (2019). https://doi.org/10.1145/3319535.3354251

  23. Larsen, K.G., Obremski, M., Simkin, M.: Distributed shuffling in adversarial environments. Cryptology ePrint Archive, Report 2022/560 (2022). https://eprint.iacr.org/2022/560

  24. Neff, C.A.: A verifiable secret shuffle and its application to e-voting. In: Reiter, M.K., Samarati, P. (eds.) ACM CCS 2001, pp. 116–125. ACM Press (2001). https://doi.org/10.1145/501983.502000

  25. Pippenger, N.: On the evaluation of powers and monomials. SIAM J. Comput. 9(2), 230–250 (1980). https://doi.org/10.1137/0209022

  26. Team, T.E.F.C.R.: CurdleProofs: a shuffle argument protocol (2022). https://github.com/asn-d6/curdleproofs

  27. Tsoukalas, G., Papadimitriou, K., Louridas, P., Tsanakas, P.: From Helios to Zeus. In: 2013 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, EVT/WOTE 2013, Washington, D.C., USA, 12–13 August 2013. USENIX Association (2013). https://www.usenix.org/conference/evtwote13/workshop-program/presentation/tsoukalas

  28. Tyagi, N., Gilad, Y., Zaharia, M., Zeldovich, N.: Stadium: a distributed metadata-private messaging system. Cryptology ePrint Archive, Report 2016/943 (2016). https://eprint.iacr.org/2016/943

Acknowledgment

This research is supported by the National Research Foundation, Singapore under its Strategic Capability Research Centres Funding Initiative. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not reflect the views of National Research Foundation, Singapore.

Author Toomas Krips was partly supported by the Estonian Research Council, ETAG, through grant PRG 946.

Author information

Correspondence to Prastudy Fauzi.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Abdolmaleki, B., Fauzi, P., Krips, T., Siim, J. (2024). Shuffle Arguments Based on Subset-Checking. In: Galdi, C., Phan, D.H. (eds) Security and Cryptography for Networks. SCN 2024. Lecture Notes in Computer Science, vol 14973. Springer, Cham. https://doi.org/10.1007/978-3-031-71070-4_16

  • DOI: https://doi.org/10.1007/978-3-031-71070-4_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-71069-8

  • Online ISBN: 978-3-031-71070-4

  • eBook Packages: Computer Science (R0)
