Toward Round-Efficient Verifiable Re-Encryption Mix-Net

Abstract

Re-encryption mix-nets (RMNs) provide an efficient cryptographic anonymous channel for useful applications such as e-voting and web browsing. Many studies have been devoted to achieving practically efficient RMN protocols, but less attention has been paid to dealing with their round efficiency than to computation and communication measures. However, in many interactive cryptographic protocols, network latency governs the overall execution time. Because e-voting systems are particularly interaction intensive, the design of a round-efficient RMNprotocol is of particular interest. We propose a constant-round RMN protocol in a three-party model that consists of senders, mix servers and some number of receivers. Here, the main role of the receivers is to jointly decrypt a list of ciphertexts obtained from the mixing stage. Such an explicit three-party model is most suitable for e-voting applications. We define an ideal three-party RMN in the universally composable (UC) framework. We then present a constant-round RMN protocol based on the standard assumptions and prove that it UC-realizes the ideal three-party RMN with respect to a static adversary that can corrupt a minority of mix servers, disallowing receivers who collude with other players. We implmented and evaluatd our RMN protocol over a various range in the number of senders and mix servers. Our evalulation shows that our protocol runs up to 2 :5x faster than Universal RMN protocol. Besides, we provide a detailed theoretical analysis of our protocol in terms of computation, transmission, and round efficiency.