Modification and optimisation of a shuffling scheme: stronger security, formal analysis and higher efficiency

Abstract

The shuffling protocol by Peng et al. proposed at Crypto 2005 (called PBD shuffling in this paper) presents a useful new idea, but has four drawbacks or limitations: inconvenient encryption setting, a proof mechanism not simple and efficient enough, unclear privacy claim without formal proof and a costly mechanism: double shuffling. In this paper, a new shuffling scheme is designed to overcome these drawbacks. It employs a more efficient encryption algorithm and more practical parameter settings. It employs a simpler and more efficient proof mechanism. It sets up an appropriate privacy model and employs a novel method to formally prove computational zero knowledge (CZK) of the whole shuffling protocol. It avoids the costly double shuffling mechanism in PBD shuffling. Moreover, its soundness is formally proved based on an optimised mathematical tool without any trust. The new scheme is much more efficient than PBD shuffling. The new shuffling scheme also has advantages over other existing shuffling schemes.