|
|
中国科学院研究生院学报 2007
Non-malleable mercurial commitment scheme
|
Abstract:
Mercurial commitment scheme is an interesting variation of regular commitment scheme, which additionally allows for a soft decommit stage. The soft decommitments are not required to binding but can not conflict with the true decommmitments (if the true decommmitments exist). In our paper, we consider reusable non-malleable mercurial commitment schemes. Reusable non-malleability is that the adversary accesses to an arbitrary number of commitments, which is a strictly stronger security notion than general non-malleability in which the adversary has access to only one commitment. We adopt the reusability mainly due to the inherent property of mercurial commitment scheme. We introduce the notion of reusable non-malleable mercurial commitment scheme and give a construction based on the multi-trapdoor mercurial commitment scheme.
