
Verifiable shuffles: a formal model and a Paillier-based three-round construction with provable security

  • Regular Contribution
International Journal of Information Security

Abstract

A shuffle takes a list of ciphertexts and outputs a permuted list of re-encryptions of the input ciphertexts. Mix-nets, a popular method for anonymous routing, can be constructed from a sequence of shuffles followed by decryption. We propose a formal model for the security of verifiable shuffles and a new verifiable shuffle system based on the Paillier encryption scheme, and prove its security in the proposed model. The model is general and can be extended to provide provable security for verifiable shuffle decryption.
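The following is an added illustration, not code from the paper: a toy Paillier re-encryption shuffle in Python that shows the mechanism the abstract describes (each output is a re-randomised copy of one input, moved to a permuted position) together with the plain "open the witness" check a verifier could run with only the public key. The paper's actual three-round proof system is not reproduced here; `verify_with_witness` is a stand-in that reveals the permutation and randomisers, which is exactly the information a zero-knowledge shuffle proof exists to hide. The fixed primes and the function names are assumptions made for this example.

```python
# Added example (not from the paper): Paillier re-encryption shuffle and a witness check.
import secrets
from math import gcd


def lcm(a, b):
    return a * b // gcd(a, b)


def _L(u, n):
    # Paillier's L function: L(u) = (u - 1) / n for u = 1 (mod n).
    return (u - 1) // n


def random_unit(n):
    # Uniform r in Z_n^* (coprime to n), drawn from the OS CSPRNG.
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            return r


def keygen(p, q):
    # Standard Paillier with g = n + 1. Primes are passed in so the example is
    # reproducible; real keys use freshly generated large primes of equal size.
    n = p * q
    lam = lcm(p - 1, q - 1)
    g = n + 1
    mu = pow(_L(pow(g, lam, n * n), n), -1, n)
    return (n, g), (lam, mu)


def encrypt(pk, m, r=None):
    n, g = pk
    n2 = n * n
    r = random_unit(n) if r is None else r
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def reencrypt(pk, c, r=None):
    # Re-randomisation via the homomorphism: c * Enc(0; r) = c * r^n mod n^2.
    # The plaintext is unchanged; the ciphertext value is fresh. Returns (c', r).
    n, _ = pk
    n2 = n * n
    r = random_unit(n) if r is None else r
    return (c * pow(r, n, n2)) % n2, r


def decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    return (_L(pow(c, lam, n * n), n) * mu) % n


def shuffle(pk, cts, perm=None):
    # Output j is a fresh re-encryption of input perm[j]. The permutation plus the
    # re-randomisation factors form the secret witness the mix server keeps.
    if perm is None:
        perm = list(range(len(cts)))
        for i in range(len(perm) - 1, 0, -1):      # Fisher-Yates with a CSPRNG
            j = secrets.randbelow(i + 1)
            perm[i], perm[j] = perm[j], perm[i]
    outputs, rs = [], []
    for j in range(len(cts)):
        c, r = reencrypt(pk, cts[perm[j]])
        outputs.append(c)
        rs.append(r)
    return outputs, (perm, rs)


def verify_with_witness(pk, inputs, outputs, witness):
    # Anyone holding the opened witness can recompute every output with the public key.
    # This is NOT the paper's zero-knowledge proof: publishing perm links inputs to
    # outputs, which is the unlinkability a verifiable shuffle is meant to preserve.
    perm, rs = witness
    if len(inputs) != len(outputs) or sorted(perm) != list(range(len(inputs))):
        return False
    return all(reencrypt(pk, inputs[perm[j]], rs[j])[0] == outputs[j]
               for j in range(len(outputs)))


if __name__ == "__main__":
    pk, sk = keygen(1000000007, 998244353)     # constructed small primes, demo only
    msgs = [42, 7, 1000]                        # constructed sample plaintexts
    cts = [encrypt(pk, m) for m in msgs]
    outs, wit = shuffle(pk, cts)
    print("permutation:", wit[0])
    print("decrypted outputs:", [decrypt(pk, sk, c) for c in outs])
    print("witness check:", verify_with_witness(pk, cts, outs, wit))
```

The mix server's privacy guarantee rests on the two things `verify_with_witness` gives away: the permutation and the randomisers. A verifiable shuffle replaces this opening with a proof that the same relation holds, so that observers learn only that the multiset of plaintexts was preserved.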



Author information

Corresponding author

Correspondence to Lan Nguyen.

About this article

Cite this article

Nguyen, L., Safavi-Naini, R. & Kurosawa, K. Verifiable shuffles: a formal model and a Paillier-based three-round construction with provable security. Int. J. Inf. Secur. 5, 241–255 (2006). https://doi.org/10.1007/s10207-006-0004-8

  • DOI: https://doi.org/10.1007/s10207-006-0004-8
