International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Non-Malleable Subvector Commitments

Authors:
Benoit Libert , Zama
Download:
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2024
Abstract: Vector commitments are compressing commitments to vectors allowing for short local openings. Rotem and Segev (TCC'21) formalized a notion of non-malleability for vector commitments, which accounts for the information revealed by local openings when an adversary outputs its own commitment and attempts to open it to messages related to those of honest parties. They left open the problem of extending their non-malleable construction to the scenario of subvector commitments, where a committer can compactly open a significant fraction of committed vectors. In this paper, we construct non-malleable subvector commitments by generalizing Garay {\it et al.}'s notion of simulation-sound trapdoor commitments (Eurocrypt'03) to the subvector commitment setting. We then construct simulation-sound subvector commitments from the Bilinear Diffie-Hellman assumption as well as the Strong RSA and Bilinear Strong Diffie-Hellman assumptions. These constructions allow the adversary to see equivocations on multiple tags, and thus yield re-usable (as defined by Damg\aa rd and Groth) non-malleable commitments.
BibTeX
@inproceedings{asiacrypt-2024-34580,
  title={Non-Malleable Subvector Commitments},
  publisher={Springer-Verlag},
  author={Benoit Libert},
  year=2024
}