[PDF] iacr.org

Non-malleability vs. CCA-security: the case of commitments

B Broadnax, V Fetzer, J Müller-Quade… - … International Workshop on …, 2018 - Springer
B Broadnax, V Fetzer, J Müller-Quade, A Rupp
IACR International Workshop on Public Key Cryptography, 2018Springer
In this work, we settle the relations among a variety of security notions related to non-
malleability and CCA-security that have been proposed for commitment schemes in the
literature. Interestingly, all our separations follow from two generic transformations. Given
two appropriate security notions X and Y from the class of security notions we compare,
these transformations take a commitment scheme that fulfills notion X and output a
commitment scheme that still fulfills notion X but not notion Y. Using these transformations …
Abstract
In this work, we settle the relations among a variety of security notions related to non-malleability and CCA-security that have been proposed for commitment schemes in the literature. Interestingly, all our separations follow from two generic transformations. Given two appropriate security notions X and Y from the class of security notions we compare, these transformations take a commitment scheme that fulfills notion X and output a commitment scheme that still fulfills notion X but not notion Y.
Using these transformations, we are able to show that some of the known relations for public-key encryption do not carry over to commitments. In particular, we show that, surprisingly, parallel non-malleability and parallel CCA-security are not equivalent for commitment schemes. This stands in contrast to the situation for public-key encryption where these two notions are equivalent as shown by Bellare et al. at CRYPTO ‘99.
Springer
Show moreShow less
Save Cite Cited by 8 Related articles All 3 versions
Showing the best result for this search. See all results