基于双线性群的同态承诺方案

承诺方案是一种基本而用途广泛的密码学原语，其在数学签名方案、电子支付协议、零知识协议以及安全多方计算协议等方面有着重要应用，因而成为密码学领域重要的研究课题之一.从设计思想来看，大多数有效承诺方案的构造都可纳入q单向群同态这一框架.但q单向性是一种极强的要求，使得其在实例化时可供选择的群结构受到限制.如何突破限制寻求新途径就成为承诺方案构造方面的重要课题.首次基于合数阶双线性群分别构造了无条件隐藏的陷门承诺方案以及无条件绑定的承诺方案，同时证明了在子群判定假设下这两个承诺方案分别是计算上绑定和计算上隐藏的.由于双线性群支持双线性映射，这些承诺方案除具备通常的线性同态性质外还具备特有的乘性同态性质.

Homomorphic Commitment Schemes Based on Bilinear Groups

Commitment scheme is one of the fundamental and useful cryptographic primitives;it has found applications to a wide range of security mechanisms:digital signature schemes,electronic payment systems,zero-knowledge protocols,secure multiparty function evaluation protocols,and so on.Therefore,commitment has received extensive study in the literature.From the perspective of design approach,many of the known and efficient constructions of commitment schemes fall into the paradigm of q-one-way group homomorphism.Though effective and fairly general,q-one-wayness is a strong requirement so that when one tries to instantiate it,the choices of algebraic structures turn out to be limited;hence,it is an important topic to find alternative to the construction of commitment schemes of various properties.In this paper,using bilinear groups of composite order,a perfect hiding trapdoor commitment scheme is constructed for the first time,which is provably computational binding under the subgroup decision assumption.A dual construction of unconditional binding commitment scheme is also presented,which is proven to be computational hiding under the same intractability assumption.These proposals thus give alternative approach to constructing commitment schemes.Moreover,due to the bilinear maps associated with the bilinear groups,the proposed commitment schemes demonstrate unique multiplicative homomorphic property.