How to Shuffle in Public. Adida, B. & Wikström, D. February 2007.
How to Shuffle in Public [link]Paper  doi  abstract   bibtex   
We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption. We construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption. Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.
@conference {adida07,
	title = {How to Shuffle in Public},
	booktitle = {Proceedings of the Theory of Cryptography 2007},
	year = {2007},
	month = {February},
	publisher = {Springer Berlin / Heidelberg},
	organization = {Springer Berlin / Heidelberg},
	abstract = {We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption.
We construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption.
Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.},
	keywords = {public key cryptography, re-encryption},
	isbn = {978-3-540-70935-0},
	doi = {10.1007/978-3-540-70936-7},
	url = {http://www.springerlink.com/content/j6p730488x602r28/},
	author = {Ben Adida and Douglas Wikstr{\"o}m}
}

Downloads: 0