Direct Range Proofs for Paillier Cryptosystem and Their Applications

Zhikang Xie; Mengling Liu; Haiyang Xue; Man Ho Au; Robert H. Deng; Siu-Ming Yiu

Direct Range Proofs for Paillier Cryptosystem and Their Applications

Zhikang Xie, Mengling Liu, Haiyang Xue, Man Ho Au, Robert H. Deng, Siu-Ming Yiu

Department of Computing

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

Abstract

The Paillier cryptosystem is renowned for its applications in electronic voting, threshold ECDSA, multi-party computation, and more, largely due to its additive homomorphism. In these applications, range proofs for the Paillier cryptosystem are crucial for maintaining security, because of the mismatch between the message space in the Paillier system and the operation space in application scenarios.
In this paper, we present novel range proofs for the Paillier cryptosystem, specifically aimed at optimizing those for both Paillier plaintext and affine operation. We interpret encryptions and affine operations as commitments over integers, as opposed to solely over ℤN . Consequently, we propose direct range proof for the updated cryptosystem, thereby eliminating the need for auxiliary integer commitments as required by the current state-of-the-art. Our work yields significant improvements: in the range proof for Paillier plaintext, our approach reduces communication overheads by approximately 60%, and computational overheads by 30% and 10% for the prover and verifier, respectively. In the range proof for Paillier affine operation, our method reduces the bandwidth by 70%, and computational overheads by 50% and 30% for the prover and verifier, respectively. Furthermore, we demonstrate that our techniques can be utilized to improve the performance of threshold ECDSA and the DCR-based instantiation of the Naor-Yung CCA2 paradigm.

Original language	English
Title of host publication	CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	899-913
Publication status	Published - 9 Dec 2024

Cite this

@inproceedings{3737abf4cdbe4ae5964d587d6f302da9,

title = "Direct Range Proofs for Paillier Cryptosystem and Their Applications",

abstract = "The Paillier cryptosystem is renowned for its applications in electronic voting, threshold ECDSA, multi-party computation, and more, largely due to its additive homomorphism. In these applications, range proofs for the Paillier cryptosystem are crucial for maintaining security, because of the mismatch between the message space in the Paillier system and the operation space in application scenarios.In this paper, we present novel range proofs for the Paillier cryptosystem, specifically aimed at optimizing those for both Paillier plaintext and affine operation. We interpret encryptions and affine operations as commitments over integers, as opposed to solely over ℤN . Consequently, we propose direct range proof for the updated cryptosystem, thereby eliminating the need for auxiliary integer commitments as required by the current state-of-the-art. Our work yields significant improvements: in the range proof for Paillier plaintext, our approach reduces communication overheads by approximately 60%, and computational overheads by 30% and 10% for the prover and verifier, respectively. In the range proof for Paillier affine operation, our method reduces the bandwidth by 70%, and computational overheads by 50% and 30% for the prover and verifier, respectively. Furthermore, we demonstrate that our techniques can be utilized to improve the performance of threshold ECDSA and the DCR-based instantiation of the Naor-Yung CCA2 paradigm.",

author = "Zhikang Xie and Mengling Liu and Haiyang Xue and Au, {Man Ho} and Deng, {Robert H.} and Siu-Ming Yiu",

year = "2024",

month = dec,

day = "9",

language = "English",

pages = "899--913",

booktitle = "CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

}

Direct Range Proofs for Paillier Cryptosystem and Their Applications. / Xie, Zhikang; Liu, Mengling; Xue, Haiyang et al.
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2024. p. 899-913.

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - Direct Range Proofs for Paillier Cryptosystem and Their Applications

AU - Xie, Zhikang

AU - Liu, Mengling

AU - Xue, Haiyang

AU - Au, Man Ho

AU - Deng, Robert H.

AU - Yiu, Siu-Ming

PY - 2024/12/9

Y1 - 2024/12/9

N2 - The Paillier cryptosystem is renowned for its applications in electronic voting, threshold ECDSA, multi-party computation, and more, largely due to its additive homomorphism. In these applications, range proofs for the Paillier cryptosystem are crucial for maintaining security, because of the mismatch between the message space in the Paillier system and the operation space in application scenarios.In this paper, we present novel range proofs for the Paillier cryptosystem, specifically aimed at optimizing those for both Paillier plaintext and affine operation. We interpret encryptions and affine operations as commitments over integers, as opposed to solely over ℤN . Consequently, we propose direct range proof for the updated cryptosystem, thereby eliminating the need for auxiliary integer commitments as required by the current state-of-the-art. Our work yields significant improvements: in the range proof for Paillier plaintext, our approach reduces communication overheads by approximately 60%, and computational overheads by 30% and 10% for the prover and verifier, respectively. In the range proof for Paillier affine operation, our method reduces the bandwidth by 70%, and computational overheads by 50% and 30% for the prover and verifier, respectively. Furthermore, we demonstrate that our techniques can be utilized to improve the performance of threshold ECDSA and the DCR-based instantiation of the Naor-Yung CCA2 paradigm.

AB - The Paillier cryptosystem is renowned for its applications in electronic voting, threshold ECDSA, multi-party computation, and more, largely due to its additive homomorphism. In these applications, range proofs for the Paillier cryptosystem are crucial for maintaining security, because of the mismatch between the message space in the Paillier system and the operation space in application scenarios.In this paper, we present novel range proofs for the Paillier cryptosystem, specifically aimed at optimizing those for both Paillier plaintext and affine operation. We interpret encryptions and affine operations as commitments over integers, as opposed to solely over ℤN . Consequently, we propose direct range proof for the updated cryptosystem, thereby eliminating the need for auxiliary integer commitments as required by the current state-of-the-art. Our work yields significant improvements: in the range proof for Paillier plaintext, our approach reduces communication overheads by approximately 60%, and computational overheads by 30% and 10% for the prover and verifier, respectively. In the range proof for Paillier affine operation, our method reduces the bandwidth by 70%, and computational overheads by 50% and 30% for the prover and verifier, respectively. Furthermore, we demonstrate that our techniques can be utilized to improve the performance of threshold ECDSA and the DCR-based instantiation of the Naor-Yung CCA2 paradigm.

UR - https://doi.org/10.1145/3658644.3690261

M3 - Conference article published in proceeding or book

SP - 899

EP - 913

BT - CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

ER -

Direct Range Proofs for Paillier Cryptosystem and Their Applications

Abstract

Other files and links

Fingerprint

Cite this