How to Shuffle in Public. Adida, B. & Wikström, D. February 2007. ![How to Shuffle in Public [link]](https://bibbase.org/img/filetypes/link.svg "link")
Paper doi abstract bibtex We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption. We construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption. Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.
@conference {adida07,
title = {How to Shuffle in Public},
booktitle = {Proceedings of the Theory of Cryptography 2007},
year = {2007},
month = {February},
publisher = {Springer Berlin / Heidelberg},
organization = {Springer Berlin / Heidelberg},
abstract = {We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption.
We construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption.
Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.},
keywords = {public key cryptography, re-encryption},
isbn = {978-3-540-70935-0},
doi = {10.1007/978-3-540-70936-7},
url = {http://www.springerlink.com/content/j6p730488x602r28/},
author = {Ben Adida and Douglas Wikstr{\"o}m}
}
Downloads: 0
{"_id":"fFwoigDGqAWJ4ureY","bibbaseid":"adida-wikstrm-howtoshuffleinpublic-2007","downloads":0,"creationDate":"2017-05-23T13:18:52.252Z","title":"How to Shuffle in Public","author_short":["Adida, B.","Wikström, D."],"year":2007,"bibtype":"conference","biburl":"https://gnunet.org/bibliography/export/bibtex","bibdata":{"bibtype":"conference","type":"conference","title":"How to Shuffle in Public","booktitle":"Proceedings of the Theory of Cryptography 2007","year":"2007","month":"February","publisher":"Springer Berlin / Heidelberg","organization":"Springer Berlin / Heidelberg","abstract":"We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption. We construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption. Finally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.","keywords":"public key cryptography, re-encryption","isbn":"978-3-540-70935-0","doi":"10.1007/978-3-540-70936-7","url":"http://www.springerlink.com/content/j6p730488x602r28/","author":[{"firstnames":["Ben"],"propositions":[],"lastnames":["Adida"],"suffixes":[]},{"firstnames":["Douglas"],"propositions":[],"lastnames":["Wikström"],"suffixes":[]}],"bibtex":"@conference {adida07,\n\ttitle = {How to Shuffle in Public},\n\tbooktitle = {Proceedings of the Theory of Cryptography 2007},\n\tyear = {2007},\n\tmonth = {February},\n\tpublisher = {Springer Berlin / Heidelberg},\n\torganization = {Springer Berlin / Heidelberg},\n\tabstract = {We show how to obfuscate a secret shuffle of ciphertexts: shuffling becomes a public operation. Given a trusted party that samples and obfuscates a shuffle before any ciphertexts are received, this reduces the problem of constructing a mix-net to verifiable joint decryption.\r\nWe construct public-key obfuscations of a decryption shuffle based on the Boneh-Goh-Nissim (BGN) cryptosystem and a re-encryption shuffle based on the Paillier cryptosystem. Both allow efficient distributed verifiable decryption.\r\nFinally, we give a distributed protocol for sampling and obfuscating each of the above shuffles and show how it can be used in a trivial way to construct a universally composable mix-net. Our constructions are practical when the number of senders N is small, yet large enough to handle a number of practical cases, e.g. N = 350 in the BGN case and N = 2000 in the Paillier case.},\n\tkeywords = {public key cryptography, re-encryption},\n\tisbn = {978-3-540-70935-0},\n\tdoi = {10.1007/978-3-540-70936-7},\n\turl = {http://www.springerlink.com/content/j6p730488x602r28/},\n\tauthor = {Ben Adida and Douglas Wikstr{\\\"o}m}\n}\n","author_short":["Adida, B.","Wikström, D."],"key":"adida07","id":"adida07","bibbaseid":"adida-wikstrm-howtoshuffleinpublic-2007","role":"author","urls":{"Paper":"http://www.springerlink.com/content/j6p730488x602r28/"},"keyword":["public key cryptography","re-encryption"],"downloads":0},"search_terms":["shuffle","public","adida","wikström"],"keywords":["public key cryptography","re-encryption"],"authorIDs":[],"dataSources":["FWsPTwsmjtrBtRS3B"]}