Universally composable commitments

Ran Canetti, Marc Fischlin

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


We propose a new security measure for commitment protocols, called Universally Composable (UC) Commitment. The measure guarantees that commitment protocols behave like an "ideal commitment service," even when concurrently composed with an arbitrary set of protocols. This is a strong guarantee: it implies that security is maintained even when an unbounded number of copies of the scheme are running concurrently, it implies non-malleability (not only with respect to other copies of the same protocol but even with respect to other protocols), it provides resilience to selective decommitment, and more. Unfortunately, two-party UC commitment protocols do not exist in the plain model. However, we construct two-party UC commitment protocols, based on general complexity assumptions, in the common reference string model where all parties have access to a common string taken from a predetermined distribution. The protocols are non-interactive, in the sense that both the commitment and the opening phases consist of a single message from the committer to the receiver.

Original languageEnglish
Title of host publicationAdvances in Cryptology, CRYPTO 2001 - 21st Annual International Cryptology Conference, Proceedings
EditorsJoe Kilian
PublisherSpringer Verlag
Number of pages22
ISBN (Print)3540424563, 9783540424567
StatePublished - 2001
Externally publishedYes
Event21st Annual International Cryptology Conference, CRYPTO 2001 - Santa Barbara, CA, United States
Duration: 19 Aug 200123 Aug 2001

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2139 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference21st Annual International Cryptology Conference, CRYPTO 2001
Country/TerritoryUnited States
CitySanta Barbara, CA


  • Commitment schemes
  • Concurrent composition
  • Non-malleability
  • Security analysis of protocols


Dive into the research topics of 'Universally composable commitments'. Together they form a unique fingerprint.

Cite this