International Association for Cryptologic Research

International Association
for Cryptologic Research


Non-malleability vs. CCA-Security: The Case of Commitments

Brandon Broadnax
Valerie Fetzer
Jörn Müller-Quade
Andy Rupp
DOI: 10.1007/978-3-319-76581-5_11
Search ePrint
Search Google
Conference: PKC 2018
Abstract: In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our separations follow from two generic transformations. Given two appropriate security notions X and Y from the class of security notions we compare, these transformations take a commitment scheme that fulfills notion X and output a commitment scheme that still fulfills notion X but not notion Y.Using these transformations, we are able to show that some of the known relations for public-key encryption do not carry over to commitments. In particular, we show that, surprisingly, parallel non-malleability and parallel CCA-security are not equivalent for commitment schemes. This stands in contrast to the situation for public-key encryption where these two notions are equivalent as shown by Bellare et al. at CRYPTO ‘99.
  title={Non-malleability vs. CCA-Security: The Case of Commitments},
  booktitle={Public-Key Cryptography – PKC 2018},
  series={Public-Key Cryptography – PKC 2018},
  author={Brandon Broadnax and Valerie Fetzer and Jörn Müller-Quade and Andy Rupp},