In, Dwork et al. posed the fundamental question of existence of commitment schemes that are secure against selective opening attacks (SOA, for short). In Bellare, Hofheinz, and Yilek, and Hofheinz in answered it affirmatively by presenting a scheme which is based solely on the non-black-box use of a one-way permutation needing a super-constant number of rounds. This result however opened other challenging questions about achieving a better round complexity and obtaining fully black-box schemes using underlying primitives and code of the adversary in a black-box manner. Recently, in TCC 2011, Xiao investigated on how to achieve (nearly) optimal SOA-secure commitment schemes where optimality is in the sense of both the round complexity and the black-box use of cryptographic primitives. The work of Xiao focuses on a simulation-based security notion of SOA. Moreover, the various results in focus only on either parallel or concurrent SOA. In this work we first point out various issues in the claims of that actually re-open several of the questions left open in. Then, we provide new lower bounds and concrete constructions that produce a very different state-of-the-art compared to the one claimed in.
展开▼
