并发安全的紧凑多重息票方案

已有多重息票方案的弱点是缺乏支持用户根据需要选择最大兑换数量的高效协议.另一个缺陷是并不满足并发安全性.为了克服这些困难,提出两个并发安全的改进方案.第一个方案是利用关于两个被承诺值的知识证明和2轮并发零知识论证的Sigma协议编译器对底层的Blanton方案进行扩展得到的.第二个方案(即前一个方案的增强版本)利用直线提取技术实现了更为高效的安全性归约过程,并借助基于同态加密的非交互零知识论证避免了对随机预言机的使用.与其他的强不可分割的方案相比,第一个方案具有更高的通信效率,且第二个方案的安全性并不依赖于随机预言模型.

Compact Multi-Coupon Schemes with Concurrent Security

The disadvantage of previous multi-coupon schemes is the lack of efficient protocol in which users can decide the maximal number of redemption according to their demands.And another deficiency is that they cannot remain secure in the concurrent case.This article remedied these obstacles by providing two improved systems with concurrent security.The first scheme was obtained by extending the underlying scheme of Blanton with the proof of two committed values and the Sigma-compiler for two round concurrent zero-knowledge argument.The second scheme(i.e.,the strengthened version of the first one) achieved more efficient security reduction by incorporating the straight-line extraction paradigm and removed random oracles by using the non-interactive zero-knowledge argument from homomorphic encryption.Compared with the other strongly unsplittable schemes,the first scheme has better communicational efficiency and the second one does not rely on the random oracle model.