International Association for Cryptologic Research

International Association
for Cryptologic Research


Dingyi Pei


Perfectly Hiding Commitment Scheme with Two-Round from Any One-Way Permutation
Commitment schemes are arguably among the most important and useful primitives in cryptography. According to the computational power of receivers, commitments can be classified into three possible types: {\it computational hiding commitments, statistically hiding commitments} and {\it perfect computational commitments}. The fist commitment with constant rounds had been constructed from any one-way functions in last centuries, and the second with non-constant rounds were constructed from any one-way functions in FOCS2006, STOC2006 and STOC2007 respectively, furthermore, the lower bound of round complexity of statistically hiding commitments has been proven to be $\frac{n}{logn}$ rounds under the existence of one-way function. Perfectly hiding commitments implies statistically hiding, hence, it is also infeasible to construct a practically perfectly hiding commitments with constant rounds under the existence of one-way function. In order to construct a perfectly hiding commitments with constant rounds, we have to relax the assumption that one-way functions exist. In this paper, we will construct a practically perfectly hiding commitment with two-round from any one-way permutation. To the best of our knowledge, these are the best results so far.
Non-Interactive and Information-Theoretic Secure Publicly Verifiable Secret Sharing
A publicly verifiable secret sharing scheme is more applicable than a verifiable secret sharing because of the property that the validity of the shares distributed by the dealer can be verified by any party. In this paper, we construct a non-interactive and information-theoretic publicly verifiable secret sharing by a computationally binding and unconditionally hiding commitment scheme and zero-knowledge proof of knowledge.
A New Designated Confirmer Signature Variant with Intended Recipient
Yong Li Dingyi Pei
Previous designated confirmer signature schemes were less efficient because complex zero-knowledge proof employed in confirmation and disavowal protocol. In this paper, we propose a new efficient signature scheme which is recipient-specific and confirmer-specific. The new scheme is transformed from ID-based chameleon signature and inherits its advantage in simplicity and efficiency. The scheme's security relies on the underlying secure chameleon signature and public key encryption scheme. We also considers the case of confirmer as an adversary in security proof.
Delegateable Signature Using Witness Indistinguishable and Witness Hiding Proofs
A delegateable signature scheme is a signature scheme where the owner of the signing key(Alice) can securely delegate to another party(Bob) the ability to sign on Alice's behalf on a restricted subset $S$ of the message space. Barak first defined and constructed this signature scheme using non-interactive zero-knowledge proof of knowledge(NIZKPK)\cite{Barak}. In his delegateable signature scheme, the function of NIZKPK is to prevent the signing verifier from tell which witness(i.e. restricted subset) is being used. Witness indistinguishable(WI) and witness hiding(WH) proof systems are weaker proof model than zero-knowledge proof and were proposed by Feige and Shamir in \cite{FS}, however, the verifier cannot also distinguish the witness which is being used in these two protocols. In this paper, we construct delegateable signature scheme using WI and WH proof protocols.

Program Committees

PKC 2007
Asiacrypt 2004
FSE 2004
PKC 2004
Asiacrypt 2002
Asiacrypt 2000
Asiacrypt 1999
Asiacrypt 1998 (Program chair)
Asiacrypt 1996