Efficient commitment schemes with bounded sender and unbounded receiver (Q1291804)

A commitment scheme is a protocol by which one party -- the Sender -- can deliver a message to the Receiver without revealing the contents of this message while being committed to this message. Commitment schemes serve as building blocks in the design of various cryptographic protocols. In the paper commitment schemes with computationally bounded Sender (and unbounded Receiver) are considered. While various constructions were already published, all of them rely on composite numbers of a special form. That means that a special initialization procedure to establish such special-form numbers is needed in all of these constructions. A scheme presented in the paper eliminates the need for such expensive initialization steps. After an introduction and formal definition of the notion of commitment scheme a factoring-based scheme which uses the claw-free permutation pairs, so called GMR-scheme due to \textit{S. Goldwasser, S. Micali} and \textit{R. Rivest} [SIAM J. Comput. 17, 281-308 (1988; Zbl 0644.94012)] is presented. Then a modification that allows to eliminate the need for special-form numbers is presented and secrecy for the modified scheme is proved.