Two-Prover Bit-Commitments: Classical, Quantum and Non-Signaling
This thesis considers multi-prover commitment schemes whose security is based on restrictions on the communication between the provers.
- Fillinger, M.J.
- 19 March 2019
- Thesis in Leiden Repository
This thesis considers multi-prover commitment schemes whose security is based on restrictions on the communication between the provers. The results are applicable to so-called relativistic commitment schemes: schemes whose security is guaranteed by the fact that information does not travel faster than the speed of light. A commitment scheme is a cryptographic protocol solving the following problem: One party, the prover, has selected a value which he wants to keep secret at first. The prover wants to have the option to reveal it to the other party, the verifier, at a later time, but the verifier wants a guarantee that no value other than the originally selected one can be revealed. Standard commitment schemes can only be proven secure with computational hardness assumptions. This can be circumvented by splitting the prover into multiple entities and restricting their communication, e.g., no communication at all, or communication only with a delay (as in relativistic commitment schemes). This dissertation introduces new methods for analyzing and designing such multi-prover schemes. As an application, we show that the Lunghi et al. commitment scheme from 2015 has much stronger security that their original analysis indicated.