On the Existence of Extractable-Binding Commitments

22.02.2018, 11:00 – 12:00

2018/02/22 11:00-12:00

Speaker: Matthias Geihs, TU Darmstadt | Location: Hochschulstraße 10 (S2|02), Piloty Building, Room B002, Darmstadt

Organizer: Dr. Moritz Horsch, TU Darmstadt


An extractable-binding commitment scheme guarantees that the decommitted message has already been known when the commitment was given. Such commitments have powerful applications. For example, they are necessary and sufficient for succinct non-interactive arguments of knowledge (SNARK) and they allow for constructing renewable cryptography (e.g., renewable commitments, signatures, and timestamps).

In this talk, we explore how to construct extractable-binding commitments. First, we investigate the relation between extractable-binding and collision-binding. Then, we show how to construct an extractable binding commitment scheme in the random oracle model. Next, we observe that extractable-binding commitments are implied by extractable-collision resistant hash functions (ECRH), which are known to exist under the knowledge of exponent or the knowledge of knapsack assumption. Finally, we investigate how to construct an ECRH from standard assumptions.